Skip to content

OSINT Dojo Student challenge – geolocation puzzles

  • by

Today is the back to the basics day.

Close to a year ago I had the pleasure to talk to Sinwindie, the creator of the OSINT Dojo. I also promised to participate as a learner in the OSINT Dojo project – that took way longer than anticipated.

Luckily, the time has finally come to rectify this and to deliver on the pledge.

In OSINT, every day is potentially a school day. Let’s do this.

OSINT Dojo Student – Rank Requirements

1: Participate in an OSINT CTF
2: Attempt 2 OSINT quizzes of any kind. Don’t just make a guess, show the reasoning behind your answer!
3: Create and share a 2-minute video showcasing the steps you took to solve a previous OSINT quiz. You may use your real voice or a computer generated one for audio.
4: Write and publish an article, tweet, or blog post of at least 250 words showcasing steps you took to solve a previous OSINT quiz
5: Introduce yourself to the OSINT community and let others know you are ready to learn by including the hashtag #OSINTDOJO

1: Participate in an OSINT CTF

To complete this requirement I selected the Sakura Room CTF challenge on TryHackMe. It’s an enjoyable and yet sometimes challenging room that requires using several various OSINT techniques and approaches. The description reads: “With a bit of research, most beginner OSINT practitioners should be able to complete these challenges“.

Damn right, you do need research. Maybe even a bit more than a bit – but it’s all for a good cause!

I definitely recommend this room for both OSINT beginners and consummate practitioners – a thing or two in these challenges will certainly surprise you.

OSINT Dojo Sakura Room CTF
.

2a: Quiz 1 - The OSINTDojo puzzle, November 23, 2020

Source: @OSINTDojo

Objective: Can you find the lat / long of the attached photo?

OSINT Dojo puzzle

Visual clues:

  • A sign with what appears like an emblem / logo and a partially visible name – “Golden T”;
  • Country flags, the first one being what appears like the flag of South Africa; I was able to recognise that flag without any external aids, but should you need assistance, all other existing African flags can be found in this Wikipedia article.
  • Spacious carpark at the front, gated boundary, bollards & flag masts – possibly a hotel?
  • Large, long structure with a distinct shape – should be visible on Google Maps aerial shots;
  • Individuals of African descent in the foreground;
  • Older looking cars, suggesting a developing country; 
  • Tropical / warm country vegetation – so most definitely somewhere in the southern hemisphere;
  • Telecommunications mast in the close proximity.
OSINT Dojo puzzle 2

Methodology:

  • Switch to the South African version of Google for better, localised search results;
  • Search for: golden t hotel +Africa;
  • First result – Facebook page of “Golden Tulip Africa”;
  • Switch to the photos tab on Google and browse images manually;
  • Identify Golden Tulip hotel in Accra, Ghana by spotting the visual clues;
  • Corroborate using Google Maps street view – and find the exact same photo 🙂
  • Take the GPS coordinates from the Google Maps location and reverse search for latitude / longitude.

Answer: Golden Tulip, 37 Liberation Rd, Accra, Ghana. 5°35’35.5″N 0°10’50.5″W

2b: Quiz 2 - The OSINTDojo puzzle, September 20, 2021

Source: @OSINTDojo

Objective: What city is pictured? What IP address is associated with this camera? What is the ISP for that IP address?

OSINT Dojo webcam puzzle

Methodology:

  • Spot some obvious visual clues – anybody who was born in Eastern Europe (like yours truly) will have a bias in favour of immediately recognising the architecture (the towers, the red roofs, the blocks of flats, etc) as belonging to a country in that part of the world.
  • Reverse search the target image using the Image Search Options extension for Firefox (or a similar browser extension for image reverse search);
  • Visit the website appearing in the Google search results;
  • Find the webcam feed that visually matches the target image (NOTE: do this during Eastern European daylight hours, UTC/GMT+1 or +2, because you won’t be able to see most of the features of this image in the dark);
  • Visit the original website where the image came from;
  • Check the website’s domain information using Big Domain Data (or another similar resource that will display the associated IP address);
  • Visit IP Info and run the check on the associated IP address found to find the ISP.

Answer: Tallin, Estonia. 217.159.186.253. AS3249 Telia Eesti AS.

3: The 2-minute video

4: The published article

You’re reading it!

5: The introductory tweet

Leave a Reply

Your email address will not be published. Required fields are marked *