In this walkthrough, we will be going through the WebOSINT room from TryHackMe. In this room, we will conduct basic open source intelligence research on a website using various techniques and tools. So, let’s get started without any delay.

Task 1 – When A Website Does Not Exist

Task 2 – Whois Registration

Question 1 – What is the name of the company the domain was registered with?

NAMECHEAP INC

Question 2 – What phone number is listed for the registration company? (do not include country code or special characters/spaces)

6613102107

Question 3 – What is the first nameserver listed for the site?

NS1.BRAINYDNS.COM

Question 4 – What is listed for the name of the registrant?

Redacted for Privacy

Question 5 – What country is listed for the registrant?

Panama
Task 3 – Ghosts of Websites Past
Question 1 – What is the first name of the blog’s author?


Steve

Question 2 – What city and country was the author writing from?

Gwangju, South Korea

Question 3 – [Research] What is the name (in English) of the temple inside the National Park the author frequently visits?


Jeungsimsa Temple
Task 4 – Digging into DNS
Question 1 – What was RepublicOfKoffee.com’s IP address as of October 2016?


173.248.188.152

Question 2 – Based on the other domains hosted on the same IP address, what kind of hosting service can we safely assume our target uses?

shared

Question 3 – How many times has the IP address changed in the history of the domain?

4
Task 5 – Taking Off The Training Wheels
Question 1 – What is the second nameserver listed for the domain?

NS2.HEAT.NET

Question 2 – What IP address was the domain listed on as of December 2011?

72.52.192.240

Question 3 – Based on domains that share the same IP, what kind of hosting service is the domain owner using?

shared

Question 4 – On what date was the site first captured by the Internet Archive? (MM/DD/YY format)



01/06/97

Question 5 – What is the first sentence of the first body paragraph from the final capture of 2001?


After years of great online gaming, it’s time to say good-bye.

Question 6 – Using your search engine skills, what was the name of the company that was responsible for the original version of the site?

Segasoft

Question 7 – What does the first header on the site on the last capture of 2010 say?

Heat.net – Heating and Cooling
Task 6 – Taking A Peek Under The Hood Of A Website
Question 1 – How many internal links are in the text of the article?

5

Question 2 – How many external links are in the text of the article?

1

Question 3 – Website in the article’s only external link (that isn’t an ad)

purchase.org

Question 4 – Try to find the Google Analytics code linked to the site

UA-251372-24

Question 5 – Is the Google Analytics code in use on another website? Yay or nay

nay

Question 6 – Does the link to this website have any obvious affiliate codes embedded with it? Yay or Nay

nay
Task 7 – Final Exam: Connect the Dots
Question 1 – Use the tools in Task 4 to confirm the link between the two sites. Try hard to figure it out without the hint.
- On checking the IP history, both websites are owned by the same company.



LIQUID WEB, L.L.C
Task 8 – Debriefing
Question 1 – Click to complete
Done
Task 9 – Wrap-up

So that was “WebOSINT” for you. We started off with the WHOIS registration data of the website. Then we took a dive into the target’s blog and found some useful info there. Moving on, we performed some DNS enumeration and then moved to source code analysis. Finally, we connected the dots with all the information we found and completed the room. On that note, I will take your leave and meet you in the next one. Till then, “Happy hacking”.




