top of page

Australian OSINT Symposium Capture-the-Flag Walkthrough Part III

  • Jemma Ward
  • 27 minutes ago
  • 4 min read

If you’ve been following along with our previous walkthrough blogs for the Australian OSINT Symposium Capture-the-Flag (Part I and Part II), you’ll know we have one final challenge left. This one was a tricky geolocation challenge, although it might have been a little more straightforward for those who were paying attention to some clues in the rest of the challenges.


Transit Point

ree

This is a classic geolocation challenge – we have an image, without any metadata, and we need to identify the correct town.

ree

In previous CTF walkthroughs, as well as our tradecraft blogs on image analysis, we’ve discussed approaches for analysing imagery for geolocation. One of the first things we can do is list the features in an image, with a particular focus on the following categories:

  • Signage

  • Landscape

  • Structures

  • Vehicles

  • Clothing

  • Hand-held objects

In this image, we can’t see any people, so we won’t be able to pull out details about clothing. But there are plenty of other clues, although they may require some scrutiny.

Signage

  • There are a few visible pieces of signage in our image. Firstly, the satellite dish in the top right quadrant reads ‘Orange TV’. Through the window, we can see some red neon signs that are a little more difficult to make out. We’ll come back to those ones. And we can see a pictorial sign above the staircase.


Landscape

  • Vegetation is visible in the window reflection. The images probably aren’t clear enough to use plant identification tools, but we can see green, bushy trees with branches that hang slightly, and some sort of grass at ground level.


Structures

  • The structures in this image provide an interesting contrast. On the left side of the picture, the building is light-coloured, blockish, with small, vertical windows and a walkway beneath it. It appears more functional than pretty. In contrast, the building on the right features a red-tiled roof, gabled dormer windows, carved timber frames, geometric decorations.


Vehicles

  • We can make out some vehicles in the reflection of the window, but there’s not quite enough detail to see logos or numberplates.

  • Potentially the side of a train carriage visible through the walkway on the left.


Let’s go back to that red neon sign that’s tricky to read – the interior of the building is quite dark, so if we adjust the light levels the sign might become more readable. There are a number of free online tools for image manipulation. Two of our favourites are:

Here is the light-adjusted version of the image from Lunapic.

NB: the images that are uploaded in our blogs lose some quality, so the original manipulation in Lunapic will be quite a bit clearer.
NB: the images that are uploaded in our blogs lose some quality, so the original manipulation in Lunapic will be quite a bit clearer.

With the light levels adjusted, it becomes much easier to make out the word – ‘Frizerie’. Using either searching techniques or AI, we can quickly confirm that ‘Frizerie’ is a Romanian term for a barbershop.  

ree

We can use the other sign – the satellite dish with the words ‘Orange TV’ – to further verify our approximate location. Google searching confirms that ‘Orange’ is a satellite television provider that covers Romania (as well as other parts of Europe).

ree

It seems, then, that we are looking at some kind of transit point in Romania. Based on the structure itself, it’s unlikely to be an airport, so a train or bus station are more likely candidates.


If we refer back to the other details in the image, we can begin to make some further inferences based on what we’ve seen. Firstly, this location is surrounded with trees and vegetation – this might mean that it is a smaller town or city. It doesn’t look like a particularly grand building, either, so perhaps it is not a station with constant or high volumes of transit traffic.


Keyword searching some of our features will begin to generate some leads (in fact, our location is in the image results below, but the photo is from a different angle!):

ree

Now that we have some location names to explore – Sighișoara and Sibiu – we can investigate their transport options via Google Street View or other imagery.

ree

Comparing the Sighișoara station building imagery on Google Street View to our picture confirms that we have the correct location (and for those of you were paying attention to the other clues in this CTF, Sighișoara is also considered the birthplace of Vlad the Impaler, the inspiration for Bram Stoker’s Dracula!).


How did you fare for our third capture-the-flag of the year? With almost 100 participants, we had a clear winner: Ch3w13 solved all challenges and achieved the maximum number of points (6050). Shout outs to Searching, SpotThem.com, and fr33dd who all achieved 5750 points, tying for second place.

ree

Congratulations to all participants! We’ll be running more capture-the-flag events next year, so keep an eye out. If you’re keen to uplift your OSINT tradecraft skills, explore our training courses here, or get in touch at training@osintcombine.com.

 
 
bottom of page