BSides Canberra 2021

Documenting my BSides Canberra 2021 experience in the form of a continuously updated blog post.

#BSidesCbr2021 #conference

Resources

πŸ“… BSides Canberra 2021 Schedule Calendar Files – https://github.com/drsh0/BSidesCBR2021-calendar/

CTFs

CBR OSINT CTF

πŸ“’

🚩 https://cbrosint.ctfd.io/

Writeup

straightforward – 200

We'd like to purchase roundabouts.com. I've got all but one of the owner's details. What is the domain owner's street name? Flag Format One word. Case insensitive.

➜  ~ whois -H roundabouts.com | grep -i street
Registrant Street: 2685 Dorking  
Admin Street: 2685 Dorking  
Tech Street: 2685 Dorking  

Flag: Dorking

here's our old web page – 300

Not unlike his creator, Egbert sometimes starts creating blogs and >webpages, only to destroy them before revealing them to the world. To his credit, he will usually archive it first. What's his old email address, as seen on his old website: https://cbr-roundabout-society.blogspot.com/p/canberra-roundabout->society-annual_22.html Flag Format: Email address.

  1. Check the URI above on web.archive.org; no snapshots available
  2. Check google for cached copies; none available
  3. Query archive.is; snapshot found!: https://archive.is/wOyRB

Flag: cbr.roundabouts@hotmail.com

here's our web page – 300

This was the shortened link to Egbert's new blog (under construction): tinyurl.com/vadXDTcb Alas, it’s broken. One of his friend's did scan it to see if if was a phishing link, so perhaps we can track it down. What is the unshortened URL for Egbert's blog site. Flag Format: URL e.g. https://gateway.example.com/blog

curl "https://urlscan.io/api/v1/search/?q=filename:tinyurl.com\/vadXDTcb"

What we're looking for:

      "page": {
        "country": "DE",
        "server": "Netlify",
        "city": "Frankfurt am Main",
        "domain": "roundabout-spotters.netlify.app",
        "ip": "2a03:b0c0:3:e0::26f:c001",
        "mimeType": "text/html",
        "asnname": "DIGITALOCEAN-ASN, US",
        "asn": "AS14061",
        "url": "https://roundabout-spotters.netlify.app/blog",
        "status": "200"
      },
      "_id": "f2d8fc99-6aaa-494d-90ac-34b8365f6770",
      "sort": [
        1613981255108,
        "f2d8fc99-6aaa-494d-90ac-34b8365f6770"
      ],
      "result": "https://urlscan.io/api/v1/result/f2d8fc99-6aaa-494d-90ac-34b8365f6770/",
      "screenshot": "https://urlscan.io/screenshots/f2d8fc99-6aaa-494d-90ac-34b8365f6770.png"
    }

Flag: https://roundabout-spotters.netlify.app/blog