Pwn The Scam 5 - Forget me and leak me not

Aperi'CTF 2019 - OSINT (250 pts).

Aperi’CTF 2019 - Pwn The Scam 5 - Forget me and leak me not

Challenge details

Event Challenge Category Points Solves
Aperi’CTF 2019 Pwn The Scam 5 - Forget me and leak me not OSINT 250 3

Un site de scam Bitcoin a été découvert sur TOR. Vous avez été missionné pour en prendre le contrôle.

Pwn The Scam est un challenge d’OSINT, il n’y a pas de vulnerabilité web à exploiter! Format de flag : APRK{flag}.

Récoltez des informations sur le scammeur afin de vous introduire sur le site de scam.


Twitter password reset, twitter screenshot about facebook, facebook password reset, email guessing, pastebin leak, log on admin pannel on TOR.


Get user email

Now we have a link thanks to Wayback Machine : “By 751” ( ).


Let's try to reset the password to get a partial mail:


We get the partial mail: `t0********@g****.***`.
We also have a screenshot:


We can recognize the domain and a Facebook account in the background: “Tor Byte”. A quick search led us to

The account has no real information, no pictures, no post, no friends… Let’s reset his password to complete our partial mail ! For this, go to forgot password, enter tor.byte in input field and submit (it correspond to the username in URL).


We can guess the email To verify, let's reset the facebook password with this email. The email is correct since we got a validation page.

Get user password

Now that we have the email, let’s search for password leaks. Usually leaks may appear in big databases or in website like pastebin. A quick search on google with this email gave us only one link:


We got a password for the mail account: Z>ZYc-4[^JG3k6br. After few try on Google, Facebook, Twitter, the password doesn’t seem to work… But what about TOR service ? If you go back to http://ylsspycahtqrv3u2.onion/free-btc/admin and put the password Z>ZYc-4[^JG3k6br.




Challenge by DrStache , WriteUp by Zeecka