LAripping

import json
import boto3
import botocore
import requests

myIP = requests.get('http://ifconfig.me').text

client = boto3.client('dynamodb', region_name='eu-west-2')

scan_resp = client.scan(TableName='Visitors')

LAripping

Security BSides Athens 2022 - OSINT Challenge Writeup

Intro

The OSINT challenge was released during the live-stream of the Security BSides Athens 2022 event, as part of the talk "Baby, Don't Forget My Number: OSINT using your phone's address book" [^1].

The description was simple, a simple trick discussed in the talk should be used to uncover as much information as possible from social media and instant messaging services for a given "target", for whom we only know the phone number: +30 694 942 2024. When enough information would be revealed, the challenge's goal -cryptically described as "the three wills"- would make sense. All of this was summarised in the slide below:

Note that a short video of this challenge description was played right after the talk and has also been uploaded on YouTube [^2]

LAripping

#! /usr/bin/env python
import re
maps_file = open("/proc/self/maps", 'r')
mem_file = open("/proc/self/mem", 'rb', 0)
output_file = open("self.dump", 'wb')
for line in maps_file.readlines():  # for each mapped region
    m = re.match(r'([0-9A-Fa-f]+)-([0-9A-Fa-f]+) ([-r])', line)
    if m.group(3) == 'r':  # if this is a readable region
        start = int(m.group(1), 16)
        end = int(m.group(2), 16)

LAripping

#!/bin/bash
#set -x
 
if [[ $# -ne 2 ]]; then
    echo "Usage: $0 <grep_regex> <dir>"
    echo "Search for APKs in a directory, extract the dex from them and grep over them for a pattern"
    echo "    <grep_regex> The regex that will be passed to 'grep -ial' upon APKs "
    echo "    <dir>        The directory to 'find' APKs in"
    exit 1
fi