[OSINT] Easy Phish

G'day all,

I've found a flag but it was missing the close '}' and won't work. Did anyone else come across this? Am I missing part of the flag?

«1

Comments

  • Yes, you're missing the second half of the flag. The first half that you have gives you the name/acronym of something. Research alternatives to that something and then try to query/enumerate those. Although subtle, the text you have so far hints at this.

    opt1kz

  • I'm going to slap myself upside the head for missing that one, thanks!

  • ok i also got the 2th part but missing the the 1th part. research about **F alternative but did not got anything special. pm me some hints.

  • I'm very lost on this one, I've been looking at the site and can't find anything. Can anyone give me a nudge? I feel like I'm completely on the wrong track.

    Thanks

  • edited July 28

    Type your comment> @Fyerguy said:

    I'm very lost on this one, I've been looking at the site and can't find anything. Can anyone give me a nudge? I feel like I'm completely on the wrong track.

    Thanks

    Think about the challenges description, and how you would go about trying to prevent that type of attack.

  • @n2lus said:

    Think about the challenges description, and how you would go about trying to prevent that type of attack.

    AH hah! Thank you so much, you got my head out of my ass and now I'm on the right track.

    Thanks!

  • Very interesting challenge. If you know what to do it doesn't take a long time. :)
  • Type your comment> @Wolfstorm said:

    Very interesting challenge. If you know what to do it doesn't take a long time. :)

    How do you know what to do? Are there articles available for example?

    center

  • edited July 29
    > @TheGrayMan said:
    > How do you know what to do? Are there articles available for example?

    No; there are online tools that can help you. PM me and I'll tell you.
  • The majority of the time was figuring out what to look for with what tools. After finding the first half it was quite easy with some googling.

  • Anyone want to PM Me a hint to get started, I have an idea at a high level whats happened, and I've tried some basic searches around the domain name but I'm clutching at straws and randomly googling rather than having a focused plan.

  • Never mind, ran enough tools foing on my initial theory and it became obvious...

  • edited August 1

    I see the first part of the flag but the rest is missing... is this part of the puzzle or is it messed up?

    Update: part of the puzzle

  • Any tips on what tool to use/start with for this? Nothing I've been doing has produced anything useful.

  • Type your comment> @bitL8ByteShort said:

    Any tips on what tool to use/start with for this? Nothing I've been doing has produced anything useful.

    Dig or nslookup and google

  • edited August 2

    Hello everyone, found the first part of the flag. any suggestions for the second part?

    EDIT: Found second part. Nice challenge. I learned so many things

    nemen91

  • Type your comment> @nemen said:

    Hello everyone, found the first part of the flag. any suggestions for the second part?

    EDIT: Found second part. Nice challenge. I learned so many things

    i have second part but cant locate the first part, any hint pleas pm.

  • I got the first half but don't really understand why I got it -- does anyone have any hints for the second part of the challenge?

  • edited August 7

    I got up to HTB{xxx_xxx_ any help solving 2nd part?? :smile:

    Edit: Done. I overlooked the 2nd part. This looks damn easy after solving.

  • @salute101 said:
    Type your comment> @nemen said:

    Hello everyone, found the first part of the flag. any suggestions for the second part?

    EDIT: Found second part. Nice challenge. I learned so many things

    i have second part but cant locate the first part, any hint pleas pm.

    still looking for first part?

  • The crispest of high-fives to anyone that can give me a hint to the 2nd part of the flag.

  • @Gimik said:
    The crispest of high-fives to anyone that can give me a hint to the 2nd part of the flag.

    Disregard - I found it.

  • Type your comment> @Un1k0d3r said:

    I got up to HTB{xxx_xxx_ any help solving 2nd part?? :smile:

    Read the challenge description properly, there are ways to prevent phishing attacks.

  • edited August 7

    Can someone help me for 2nd part please?
    Edit:- It's done

  • I'm also in a similar scenario. The 2nd part is throwing me off. It's probably something right in front of me lol.

  • Type your comment> @device said:

    Type your comment> @Un1k0d3r said:

    I got up to HTB{xxx_xxx_ any help solving 2nd part?? :smile:

    Read the challenge description properly, there are ways to prevent phishing attacks.

    thanks done now.

  • Hey,

    I am getting quite a few PMs about this challenge which is good but to benefit others taking the challenge please keep any questions within this thread.

    Small hint: how can one check an MX domain?

  • edited August 8

    Type your comment> @Wolfstorm said:

    Hey,

    I am getting quite a few PMs about this challenge which is good but to benefit others taking the challenge please keep any questions within this thread.

    Small hint: how can one check an MX domain?

    Is this in reference to the first or second piece? I think some of the hints have people going in circles on the second piece between people suggesting tools vs research.

    EDIT: Got it. Can be solved with tools and not with open source research.

  • Type your comment> @pingpong said:

    Type your comment> @Wolfstorm said:

    Hey,

    I am getting quite a few PMs about this challenge which is good but to benefit others taking the challenge please keep any questions within this thread.

    Small hint: how can one check an MX domain?

    Is this in reference to the first or second piece? I think some of the hints have people going in circles on the second piece between people suggesting tools vs research.

    EDIT: Got it. Can be solved with tools and not with open source research.

    Good job ;-)

  • i cant find the second half.... been working 10 h to find it and i cant

Sign In to comment.