keyboard_arrow_up

title: Writeup DamCTF 2021 - Imp3rs0nAt0r-2
date: Nov 08, 2021
tags: DamCTF Writeups OSINT Cheatsheet Volatility3 Forensic ShieldsCTF Prog HeroCTF MidnightFlag


DamCTF2021 - Imp3rs0nAt0r-2

Great work figuring out their next moves! We have gone ahead and preemptively secured the aforementioned services. Now let’s start to try and put this whole thing to rest.

Can you find the full name of the person who was behind the operation?

Submit the flag as dam{firstname_lastname}.

Because I had a github account, the first thing I tried was to get the email address associated to that github account. In order to do that, if the account email is not set as "private" in the github settings you can choose any commit and add .patch at the end of the URL. You will have the commit information, in which is included the email address of the person : https://github.com/nc-lnvp/hello-world/commit/fe28e6b7d24317f2108e01ad80a6946cec6a0ce8.patch

retrieve-github-commit-email.

Yay ! We've got our mail address : nn9262186@gmail.com

It's a gmail address, so first thing to do is to run GHunt on it to find out if some google services are associated to the email account.

ghunt

Perfect we have his name, so we've got our flag :D !

dam{Pax_Vallejo}