CTF

Recently, I got the chance to play the WSC CTF challenge organized by We Shield Cyber and sponsored by NCA Nepal and Hack@sec. There was an OSINT challenge titled “A Challenge Worth iPhone 16 Pro Max” with a description and an image provided. Description: My friend, currently in Canada, sent me a picture of an institute with a challenge: if I can pinpoint the exact location, he'll reward me with a brand-new iPhone 16 Pro Max. What he doesn’t know is that I have a hacker friend on my side! Can you help me figure out the place's location? Let’s crack this together! Flag format : WSC{cityname_full_name_of_the_place_phonenumber} Image: ...

[Note: the email was blured for user privacy] Here is a Write of the Osint Challenge ,‘Ransome’ from WSC CTF . Description: I have recently received a threatening message from an unknown person. They are asking for ransom money, otherwise, they will leak my secrets. The only information I have is a email from where i got the message.Can you find more information about the threat actor. [Email:[email protected]] Flag Format : WSC{ownerName_RegistrationDate_HostingProvider} For example : WSC{ram_gurung_2012-06-02_NestNepal} In this challenge we have to find out the name of the people who own that email, Registration date of domain and the hosting provider’s name. only clue we have is the email address and domain that is related to email address. ...

Recently I have create a osint Challenge, ‘Scammer’ for WSC CTF . Here is Writeup for the challenge. Description: I met a web developer on Facebook and made a deal for him to create my portfolio for Rs. 5000. However, he is no longer in contact with me, and he has even deleted his Facebook account. I don’t know anything else about him, but fortunately, I have his Facebook profile URL[https://www.facebook.com/dip3sh]. Unfortunately, the original profile cannot be found now. Can you help me find information about him? Flag Format: WSC{firstname_Lastname_email_District} Hint: Always use small letters. The only info we had is the facebook link which is used to be the Scammer’s account but that username was used by another people right now. ...

Description: Dear agents, It is come to our attention that the two possible spies we were to search for, have gone into hiding. It may not be a quick and easy task but it IS our duty to seek out their hideout location. We know the information we have right now is quite little but we have faith in you to not make us disappointed Note: Spy1 Alias: Thedius Age: 24 Gender: male Social media: https://www.facebook.com/thedius.665152?mibextid=ZbWKwL Spy2 'met thedius before disappearance' Flag format: wsc {name_of_the_sation, city} for example: Wsc{baedehi, itaharwa} Solution: when visiting the URL, I got the birthday post from spy1 and in the image there is a something written in book cipher. ...

Gaganchumbi Mahal is an OSINT-related CTF challenge hosted by Team NCA@Nepal. NCA@Nepal is Nepal’s active cybersecurity community and Capture The Flag (CTF) team, where learning and sharing knowledge are at the heart of everything they do. Their motto is ‘Learn and Share: Growing Together in Cybersecurity’. In the challenge, a short description and image were provided. You can see them in the image below: Whenever we are solving the challenge, we need to carefully read the description and set a clear goal for what we need to find out. In the image above, the term ‘unfinished building casting a long shadow’ is mentioned. So, I began solving the challenge with the help of Google image search.I got the exact location of the place shown in the image. It is Bhatbhateni located in Bhaktapur. To confirm the location, I used Google Earth for a virtual tour. Surprisingly, I found an unfinished building in front of the Bhatbhateni as well. ...

Bhagini Sahar is the CTF challenge related to OSINT hosted by NCA@Nepal. NCA@Nepal is an active CTF and cybersecurity community in Nepal. A short description and image are provided in the challenge. Whenever we need to find the geolocation of an image, we can use Google Image Search, Yandex, or Bing. I used Google Images to gather information about the above image, and I discovered that it is located in Chongqing, China ...

Recently, I created an OSINT challenge for Team NCA@Nepal . The challenge, called ‘Ghumantey,’ is considered the most confusing and difficult OSINT challenge in the NCA CTF. So far, only two teams have solved it at last moment. In the challenge, there is a short description and an image. The image above is the one provided in the challenge. We have multiple choices to identify the location name. Participants can use image search tools such as Google Images, Yandex, Bing, etc., or check the image metadata using tools like exiftool or https://exif.tools/. In this case, I prefer exiftool over Google searching, and look what I found… ...

Description: Last time, you guys helped me win the brand-new iPhone 16 that my friend promised me. I received the iPhone 16 because you solved the 'ghumantey' puzzle. This time, my friend has promised me a MacBook. Recently, he visited a new place and uploaded a photo on his social media. Can you help me to won macbook? flag format : WSC{username_Country_Artist_Name_Car_Number} In the description, the challenge is suggesting they have a challenge, ‘Ghumantey’ in previous CTF and asking us to find the username of his friends and other details. what we need ? 1.username of friend 2.Country name 3.Artist's name 4.Car Number Solution : I started with google search and find out there is a writeup of Ghumanytey challenge organized by NCA Nepal . i visit the URL and I found username of his friends and twitter Twitter handle. ...