Maltego CTF

I stumbled upon this free community-based CTF by chance just scrolling LinkedIn in the past week. At the company I work at, our Threat Intelligence team has mentioned this product before so I was curious to look into it. I also had a goal to participate in more Capture The Flags this year. Free, Relevant, Not on a Workday…yeah sign me up!
It took me a little while to get going in this CTF and after I thought I was making some progress, I got stuck on most of the questions. Definitely not the best showing from me but A for effort….I guess. I ended up placing 103 out of 174. You were allowed up to three people on a team so doing this by myself, I didn’t feel too bad.
CTF Summary:
Various images were provided in the questions for the CTF. Some of ships, ports and others of locations indicated by red on a map. I tried using Google Maps and Google location but found difficulty in trying to trace where it was. Not from the CTF, but questions did show images such as the one below with a location marked out:
The goal was to narrow this location to the nearest longitude and latitude.
An interesting thing I noticed was I ended up using Claude and ChatGPT and was comparing both responses based on evidence and prompts I provided. Keep in mind, I used the free versions but I found Claude would edge ChatGPT in providing correct responses.
I did try finding metadata of these images using tools like ExifTool but it didn't work for me. They were images uploaded on imgshare.
This CTF took me all over trying to find information on different vehicles from ships, cars, planes etc. Definitely cool but I wish I had more time to search lol.
I also was provided an audio file that had Morse code. Attempted to decode this with free online Morse decoders but often got the wrong answers. I then used Claude with context and got the right answer but by that time, the CTF had already been completed. What I learned here is that instead of trying to find the right free tool that can decode according to what the question is asking for, it’s more efficient to use A.I to sift through tools that provide an answer close to what you’re looking for.
I did the best in the Threat Intel portion as that's where I had the most exp from my SecOps days. VirusTotal was primarily used here for me. I like that the CTF forced you to really go through all those tabs in VT to find the information. Along with these, I did have to visit different websites to narrow down what the answers were.
What I learned from this experience?
OSINT isn’t a matter of just google something and you’ll find it. It is so much more complicated than that. It involves geolocations, person of interest investigations and putting the pieces together to fit a storyline that ultimately leads you to the source of an event. Very cool, this is why we watch those investigative dramas.
Per The A.I Overlords, “OSINT stands for Open-Source Intelligence — the practice of collecting and analyzing information from publicly available sources, all without hacking or accessing private systems.”
I learned that for a beginner like me, my go to tools and platforms should be as follows:
OSINT Framework
VirusTotal
ExifTool
Google Earth
If all else fails, Claude or ChatGPT.
I had a good time doing this CTF. It gave me exposure to the world of OSINT and an idea of what it takes to do this job on a daily basis. Thank you Maltego for putting this together. Looking forward to the next one.
Triminator out!
Resources:
https://apcis.tmou.org/public/
https://www.tokyo-mou.org/inspections-detentions/psc-database/
https://www.equasis.org/EquasisWeb/public/HomePage?utm_source=chatgpt.com



