<-- home

9447 2015 / Recon 2

Description

This challenge starts off at the end of Recon 1.

Find the attackers full name. See attached file on Recon 1.

The format of the flag is 9447{firstname.lastname}. It will be obvious when you’ve found the name.


The Challenge

Starting from the end of Recon 1, we end up on the website dynaniclock.pw.

The website is a single page with static content and a form where you can fill in a name, email address and a message.

form


After filling the form, we receive an email:

From : Mailer <admin@dynamiclock.pw>
Subject : John, thank you for signing up

Thank you for registering your interest. We will contact you some time in the next week.


We can examine the header of the email to find the IP of the sender :

Received: from www.dynamiclock.pw (dynamiclock.pw [162.243.7.88])


Browsing to that IP gives us a vCard for the nickname dynamicWarl0ck!

warlock


From this point, we can use a service like namechk to list his accounts. We find that dynamicWarl0ck has an account on Github and BitBucket.

Going through both accounts, we find a project in which he has three commits, one of which is registered under his real name : William Clutterbuck!

Flag : 9447{William.Clutterbuck}