9447 2015 / Recon 2
November 29, 2015
Description
This challenge starts off at the end of Recon 1.
Find the attackers full name. See attached file on Recon 1.
The format of the flag is 9447{firstname.lastname}. It will be obvious when you’ve found the name.
The Challenge
Starting from the end of Recon 1, we end up on the website dynaniclock.pw.
The website is a single page with static content and a form where you can fill in a name, email address and a message.
After filling the form, we receive an email:
From : Mailer <admin@dynamiclock.pw>
Subject : John, thank you for signing up
Thank you for registering your interest. We will contact you some time in the next week.
We can examine the header of the email to find the IP of the sender :
Received: from www.dynamiclock.pw (dynamiclock.pw [162.243.7.88])
Browsing to that IP gives us a vCard for the nickname dynamicWarl0ck
!
From this point, we can use a service like namechk to list his accounts. We find that dynamicWarl0ck
has an account on Github and BitBucket.
Going through both accounts, we find a project in which he has three commits, one of which is registered under his real name : William Clutterbuck!
Flag : 9447{William.Clutterbuck}