CyberSoc | Cyber Detective CTF: Evidence Investigation

CyberSoc Detective CTF is a platform that contains many OSINT-based challenges. It was created by the Cyber Society at Cardiff University.

In this post, I will be covering my write-up for the Evidence Investigation challenges.

NOTE: This document is subject to change without notice. I will add more solutions to the remaining challenges as I solve them.


dvla

250 points

Okay so they want us to find the BRAND and MONTH a vehicle was made. Given the picture below:

In case you didn’t already know, “dvla” stands for Driver and Vehicle Licensing Agency. I had a little bit of an issue finding a proper site that I could input a license plate into and it return the desired output. That said, I did find two reliable ones:

Upon entering in CY10HHB…

Answer: Ford June.


connectionrefused

300 points

They mention the site(time-traveler.icec.tf) was accessible 4 years ago. Let’s see if The Wayback Machine can help us go back in time and retrieve a snapshot of the website.

Precisely at the June 1st, 2016 snapshot, I found this.

Answer: **IceCTF{Th3y’11_n3v4r_f1 |d_m4h_fl3g_1n_th3_p45t}**

chemtrails

350 points

So we’re given a boarding pass and tasked to find the seat number.

I cropped out the barcode on the boarding pass.

I then used an free online barcode reader from Inline.

Selected the barcode type and read the results.

Answer: 22B