Tryhackme - OhSINT

Tryhackme – OhSINT

In this walk through, we will be going through the OhSINT room from Tryhackme. This room consist of an OSINT challenge where we will use open source intelligence techniques to unravel information about a person. So, let’s get started without any delay.

Tryhackme - OhSINT

Task 1 – OhSINT

Question 1 – What is this users avatar of?

  • Running exiftool on the image gives us the copyright holder name – OWoodflint.
exiftool WindowsXP.jpg
exiftool WindowsXP.jpg
  • Searching that name on Google, reveals the user’s blog, github and twitter. User’s twitter profile is of a cat. Hence, getting our first flag.
OWoodflint github

Question 2 – What city is this person in?


Question 3 – Whats the SSID of the WAP he connected to?

  • We get the BSSID from one of the user’s tweets.
  • Searching this BSSID on gives us the location and name of the SSID.
Search for networks
Unilever Wifi BSSID
Unilever Wifi

Question 4 – What is his personal email address?


Question 5 – What site did you find his email address on?


Question 6 – Where has he gone on holiday?

  • Getting this info on the Oliver Woodflint wordpress blog found earlier.
Oliver Woodflint Blog
New York

Question 7 – What is this persons password?

  • Finding user’s password in his blog source code. I tried looking into before too by Ctrl + F “password” however left it untouched. Then waste some time in github commits.
Task 1 - OhSINT

Also Read: Tryhackme – Nessus

So that was “OhSINT” for you. In this room, we have covered an OSINT challenge where we uses Open Source Intelligence techniques like exif data analysis, Social media enumeration, Wifi AP investigation and more. In Short, it is an easy and fun room to practice your OSINT skills. On that note, i will take your leave and will meet you in next one. Till then, “Keep Hacking”.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top