Oct 11, 2024 12:23:08 PM | Hack challenge OSINT Challenge: Hacktoria Geolocation 16

What Is OSINT? For those who aren’t familiar with the term, OSINT stands for Open Source Intelligence. This refers to the use of data collected from open or publicly available […]

What Is OSINT?

For those who aren’t familiar with the term, OSINT stands for Open Source Intelligence. This refers to the use of data collected from open or publicly available sources to provide intelligence that can be used for later action. OSINT techniques and the intelligence produced by them can provide value to individuals in many different roles such as law enforcement, military intelligence, hiring managers, etc. There is also significant overlap in the cybersecurity sector, where penetration testers, red teamers, threat intelligence professionals, and many others need to research targets using openly available datasets.

OSINT techniques can take advantage of a target’s lapse in operational security (OPSEC) to gain valuable information about them, such as their identity or location. One OSINT approach, which has gained increasing attention due to the current war in Ukraine, is geolocation. Geolocation is the process of identifying a specific geographical location via some form of digital information, such as a photograph or video. Geolocation skills can be useful for law enforcement, journalism, war crimes investigation, and even offensive cybersecurity.

OSINT Challenge

There are many freely available OSINT resources, but one I found recently stood out to me and I wanted to write about it. The website, Hacktoria, is a hobby project by a group of OSINT professionals who wanted to provide valuable OSINT resources and training for free to the community. 

They have a ton of individual online challenges and monthly CTF competitions for practicing OSINT techniques. If you haven’t seen the site, I recommend checking it out; they also have a Discord channel. The site is: https://www.hacktoria.com

Hacktoria Geolocation 16

Hacktoria has a bunch of practice options, so I decided to tackle the Geolocation #16 challenge for this post:

White Oak Security’s screenshot from Hacktoria’s Geolocation 16 challenge that helps pentesters and info sec, cybersec, and the like, practice OSINT techniques.

First, we’ll examine the photo for interesting features:

There are several interesting potential features in the photo, but many are quite blurry due to the low resolution of the image. 

We can see that the location where the photo was taken is a parking lot. There’s a sign indicating that the parking lot is private and charges money, which could potentially be useful information later on:

There are many buildings in view with signs and logos. There are also some flags in the background, but again, they are hard to make out due to the photo’s resolution.

One interesting feature we can make out is a sign, on the building on the right:

Zooming in on this, although pixelated, it appears that the sign says “Commissionaires”:

A quick Google search of “Commissionaires business” results in information about a security company in Canada with that name:

Commissionaires Business google map search during the Hacktoria geolocation 16 OSINT challenges, tackled by White Oak Security.

A brief examination of their website shows that their logo is a match the one on the sign in the photo, so we know we’re on the right track:

Commissionaires Ottawa logo which matches the blurred photo of the Hacktoria geolocation 16 OSINT challenge - tackled by White Oak Security.

Looking back at the original photo for clues, we can see that there is a delivery van on the left with the word “Canadian” imprinted on the side:



This further reinforces our previously found information that the location in the photo is in Canada.

If we take another look at the features in the photo, we see a large brown building in the center with a logo on the side:

Despite the pixelation, we can make out that the building’s logo has a blue cross shape and some words. The words are difficult to make out, but look as if they could be “blue cross”, matching the shape in the logo:

Blurred screenshot of a logo taken from the Hacktoria geolocation 16 OSINT challenge taken by White Oak Security.

A Google search for “blue cross Canada” finds the Wikipedia page for the Canadian Blue Cross insurance company whose logo is a match for the sign on the building:

At this point in our search, we know that the location the photo was taken was in a paid parking lot, in Canada, close to both a Blue Cross office, and a Commissionaires office. If we can find locations with both of these businesses, we may find our target.

We can examine a list of the known office locations for Blue Cross in Canada from their website:

Using the address information on the Blue Cross website, White Oak Security is able to figure out geolocation for the Hacktoria OSINT challenge.

We can then search for these addresses and Commissionaires offices in the same city and determine whether they are in close enough proximity and match the known features in the image. There are several cities which have both businesses, but where the features of the offices don’t match the photo:

After a bit of searching we get to the Saskatoon, Saskatchewan office of Blue Cross:

A Google search shows that there is a Commissionaires office in Saskatoon as well, located on 1st Ave:

Google map data screenshot that helps White Oak Security’s pentesters figure out the geolocation of a photo on Hacktoria’s OSINT challenge.

We can look at the Google maps imagery for the Saskatchewan Blue Cross office and see if the features and location match:

If we click on the preview photo in the Google maps search, the building looks similar but slightly different. The awning color is silver, not blue as in the challenge photo:

Additionally, if we look at the satellite imagery in Google maps, we can see there is a different business name listed where the Commissionaires office would be:

However, if we use Google Street View for that location, we can see that we are in the correct place:

If we look carefully we can see that the Google Street view panorama was taken in 2009:

This likely explains the mismatch between the Google Maps business information and the business sign in the original photo, as well as the difference in the color of the awnings on the Blue Cross building.

Finally, by looking at the satellite imagery and comparing it to the location in the image, based on the spacing in the parking spaces of the parking lot in the image, we can narrow it down to a few feet where the image was taken:


The location pin gives us the exact GPS coordinates: 52.135642, -106.661363

To complete the challenge, we return to the Hacktoria website and enter the city on the Hacktoria challenge page. We can confirm that we’ve successfully identified the location in the image!

This was a fun challenge to solve and I’ll definitely do more of these in the future. There are plenty more challenges available on Hacktoria’s website which run the gamut of difficulty from beginner level to extremely challenging. I highly recommend you check it out if you’re up for the challenge!

MORE FROM WHITE OAK SECURITY

White Oak Security is a highly skilled and knowledgeable cyber security testing company that works hard to get into the minds of opponents to help protect those we serve from malicious threats through expertise, integrity, and passion. 

Read more from White Oak Security’s pentesting team.

Written By: Admin