Fall
Platypwn 2024 Fall Challenge
Challenge description:
Which building can be seen in this pretty fall photo?
The flag should be entered like
PP{nameofbuilding}, wherenameofbuildingis the name of the pictured building in the language of the country it is in. There are only lowercase letters and no spaces, diacritics or other special characters in the flag.
A good old regular OSINT challenge. While pretty easy they can still be very insightful into how we can properly approach finding where photos were taken.
So, first step is to go over the metadata of the photo. While it might seem trivial, photos contain lots and lots of metadata about a multitude of things, inculding but not limited to the camera and its settings, the software used to edit it, the GPS location of the photo and time of day, and etc.
In order to go over the metadata, we’re going to be using exiftool
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
┌─[slavetomints@parrot]─[~/ctfs/platypwn-2024/osint/fall/images]
└──╼ $exiftool Fall.jpg
ExifTool Version Number : 12.57
File Name : Fall.jpg
Directory : .
File Size : 8.1 MB
File Modification Date/Time : 2024:12:02 21:32:02-06:00
File Access Date/Time : 2024:12:02 21:32:02-06:00
File Inode Change Date/Time : 2024:12:07 09:11:39-06:00
File Permissions : -rw-r--r--
File Type : JPEG
File Type Extension : jpg
MIME Type : image/jpeg
JFIF Version : 1.01
Exif Byte Order : Little-endian (Intel, II)
Make : Platycam
Camera Model Name : Platycam2000
Orientation : Horizontal (normal)
X Resolution : 72
Y Resolution : 72
Resolution Unit : inches
Software : GIMP 2.10.38
Modify Date : 2024:10:18 14:06:00
Y Cb Cr Positioning : Co-sited
Exposure Time : 1/236
F Number : 1.7
Exposure Program : Not Defined
ISO : 100
Sensitivity Type : Unknown
Recommended Exposure Index : 0
Exif Version : 0220
Date/Time Original : 2024:12:18 21:12:00
Create Date : 2024:12:18 21:12:00
Components Configuration : Y, Cb, Cr, -
Shutter Speed Value : 1/235
Brightness Value : 11.1
Exposure Compensation : 0
Max Aperture Value : 1.0
Metering Mode : Center-weighted average
Light Source : Other
Flash : Off, Did not fire
Focal Length : 2.4 mm
Sub Sec Time : 793
Sub Sec Time Original : 793
Sub Sec Time Digitized : 793
Flashpix Version : 0100
Color Space : sRGB
Exif Image Width : 3696
Exif Image Height : 5731
Exposure Mode : Auto
White Balance : Auto
Digital Zoom Ratio : 1
Focal Length In 35mm Format : 0 mm
Scene Capture Type : Standard
Profile CMM Type : Little CMS
Profile Version : 4.3.0
Profile Class : Display Device Profile
Color Space Data : RGB
Profile Connection Space : XYZ
Profile Date Time : 2024:10:18 12:03:32
Profile File Signature : acsp
Primary Platform : Apple Computer Inc.
CMM Flags : Not Embedded, Independent
Device Manufacturer :
Device Model :
Device Attributes : Reflective, Glossy, Positive, Color
Rendering Intent : Perceptual
Connection Space Illuminant : 0.9642 1 0.82491
Profile Creator : Little CMS
Profile ID : 0
Profile Description : GIMP built-in sRGB
Profile Copyright : Public Domain
Media White Point : 0.9642 1 0.82491
Chromatic Adaptation : 1.04788 0.02292 -0.05022 0.02959 0.99048 -0.01707 -0.00925 0.01508 0.75168
Red Matrix Column : 0.43604 0.22249 0.01392
Blue Matrix Column : 0.14305 0.06061 0.71393
Green Matrix Column : 0.38512 0.7169 0.09706
Red Tone Reproduction Curve : (Binary data 32 bytes, use -b option to extract)
Green Tone Reproduction Curve : (Binary data 32 bytes, use -b option to extract)
Blue Tone Reproduction Curve : (Binary data 32 bytes, use -b option to extract)
Chromaticity Channels : 3
Chromaticity Colorant : Unknown
Chromaticity Channel 1 : 0.64 0.33002
Chromaticity Channel 2 : 0.3 0.60001
Chromaticity Channel 3 : 0.15001 0.06
Device Mfg Desc : GIMP
Device Model Desc : sRGB
Image Width : 3696
Image Height : 5731
Encoding Process : Progressive DCT, Huffman coding
Bits Per Sample : 8
Color Components : 3
Y Cb Cr Sub Sampling : YCbCr4:2:0 (2 2)
Aperture : 1.7
Image Size : 3696x5731
Megapixels : 21.2
Shutter Speed : 1/236
Create Date : 2024:12:18 21:12:00.793
Date/Time Original : 2024:12:18 21:12:00.793
Modify Date : 2024:10:18 14:06:00.793
Focal Length : 2.4 mm
Light Value : 9.4
Hm, seems like they scrubbed the GPS data out of it. Unfortunate. However, we can always reverse image search it. The unique mosaic pattern in the tile is bound to show up on the internet. To do this, we’re going to utilize a simple Yandex Image Search while we are probably not going to find the exact picture, we’ll hopefully find something simlar to it.
The first result I found send me to https://www.flickr.com/photos/31599232@N07/4142304144/, where there was a photo of the Orangery Palace in Potsdam, Germany. After some more searching I was able to match the tile using Google Maps.
Last thing to do, translate the name. Wikipedia is always good for that, and we now know the locals call it the Orangerieschloss, lets lowercase it and call this a success!
FLAG: PP{orangerieschloss}