Aperi’CTF 2019 - Pwn The Scam 4 - Archived
Challenge details
| Event | Challenge | Category | Points | Solves |
|---|---|---|---|---|
| Aperi’CTF 2019 | Pwn The Scam 4 - Archived | OSINT | 175 | 7 |
Un site de scam Bitcoin a été découvert sur TOR. Vous avez été missionné pour en prendre le contrôle.
Pwn The Scam est un challenge d’OSINT, il n’y a pas de vulnerabilité web à exploiter! Format de flag : APRK{flag}.
Identifiez le scammeur.
TL;DR
Use Wayback Machine to get the flag and the twitter of the scammer.
Methodology
Looking at the challenge name, we may need a cache/old copy of the website to browse older information. We could have use google cache but there is no information about the website.
There is a famous website called [Wayback Machine](https://web.archive.org) which is usually use to keep a snapshot of a website for a given time. Lets search on it.
We got many snapshots, if we take the one for 03 JUL 2018 we got:
[https://web.archive.org/web/20180703085735/http://nothing-here.com/]
[https://web.archive.org/web/20180703085735/http://nothing-here.com/](https://web.archive.org/web/20180703085735/http://nothing-here.com/)
We get the flag but we also get a twitter profile “By 751”.
Flag
APRK{B4ck_1N_T1m3!}