HackTheBox parsing ID Exposed. In search of Sarah. We continue the analysis of the OSINT laboratory (Level: Easy)
Hello, I continue the series of articles on parsing the OSINT EASY level.
Task
We are looking for Sara Medson Cruz’s last location, where she left a message. We need to find out what this message is! We only have her email: saramedsoncruz@gmail.com
This time the task is to find Sarah (pronounce with a Jewish accent) by mail saramedsoncruz@gmail.com and by her last letters. I will say right away: we are looking for it with our hands, we will not use bots. Otherwise, how will you learn!?
Actually, all the information that we have is e-mail and some information from Sarah herself. This time I will try to publish not ready-made articles describing the work done, but I will try to state my thoughts. Tell me how I came to a particular conclusion. So, we need to find Sarah. If she has Google Mail, then she must have left reviews on Google Maps. Spoiler: we will not find it in Odessa. Let’s start looking for information. We ask Google the following: “find location on maps gmail”
https://support.google.com/maps/answer/7326816?hl=en&co=GENIE.Platform%3DAndroid
So, let’s not get carried away! We need to find information, so we write to Google
Osint: “find a location by email”. But only in English! So more options to find the right solution.
osint find location using email address
Now we get to a video where a person shows how to find an ID by mail in the page code. Especially impressionable, please do not worry! Breathe out, breathe in! We continue.
The eternal question arises: everything is fine, but what to do next? We know how to find the ID in the page code. But this is the id of the account page of the author of the video, not Sarah Madson Cruz. But we also know that Hangouts is still alive. You need to somehow combine these two parameters. But how is not yet clear.
We remember that Google account users can share their location with friends. How to be, because we will not be friends with Sarah! And we somehow need to see its location.
I don’t remember how I found this solution, but it helped me. Who knew it would be on reddit!
Quoting a post from reddit:
Updated Google ID search method by Gmail address (Old method with contacts is fixed)
open hangouts.google.com on your PC and click on your contacts in the left corner.
Click on create a chat and enter the gmail address you want in the search.
Right-click on the name of the account and select Inspect.
4. In the developer tools find the line with hovercard-oid
5. After this phrase is an ID of 21 digits long, copy this ID
Using Google ID
https://get.google.com/albumarchive/GoogleID – replace GoogleID with the numbers you copied, find your account’s picture album.
https://www.google.com/maps/contrib/GoogleID – replace GoogleID with the numbers you copied, find your Google Maps account.
Let’s move on to finding the flag.
Shaking off the dust of millennia with Hangouts and creating a meeting with Sarah there
Let’s start looking at the code. We need to find the ID.
We follow the link https://www.google.com/maps/contrib/GoogleID
Instead of GoogleID, you need to enter the parameter that we found.
We pass on the link generated by us in the reviews.
https://www.google.com/maps/contrib/117395327982835488254
flag
HTB{i_W4S_D_I_S_c_O_v_3_R_3_D}
That’s all, dear friends. This task, though considered simple, but it took me a lot of time. It took me a few more days to describe the thoughts and actions, as well as to come up with jokes. I beg your pardon, but I get bored writing monotonous articles. I decided to add some humor to them in order to somehow stand out among more talented specialists.
Finally for the aftertaste OSINT Google and Social Networks Hacks
The Great and Terrible Sergei Stal
Editor: Alexandra Kalyuzhnaya
