Friday, September 27, 2013

CSAW CTF Quals: Recon All

Jordan Wiens (100):

The Jordan Wiens recon began where 2012's recon ended, at His site gave the hint, "Michael Vario sure does some suspicious signs, hope he doesn't do me."  This led us to Google Michael Vario and find that his name was often associated with the PGP key world. Searching Jordan Wiens in a public PGP key database (, any database works) showed a public key with the User ID "Jordan Wiens (CSAW folks: getting warmer) <>"   it also showed the key having a "user attribute packet" After musing over this hint for far too much time we decided to look into what a "user attribute packet" was. Turns out it is a picture embedded in the public key. We were able to find a database which displays a "user attribute packet" in line with the web page ( Searching Jordan Wiens in this data base resulted in a picture with the key handwritten out.      

Odin (100):

Looking at the Whoami on snOwDIN in the IRC gave the hint linkedin:chinesespies. This lead us to search the user chinesespies on linked in. turned out to me an "Eddie Snowdin" spoof account with the key written out in the Skills & Expertise section. 

Brandon Edwards (100):

Searching Google, we found that Brandon Edwards is often referred to as drraid. Searching drraid in google lead us to his github account. Scrolling through the posts allowed us to find: "Hai Guys, for CSAW CTF Judge responsibility I have to hide a recon key." The key is located in the post at: Github

Julian Cohen (100):

Some googling found that his handle is HockeyInJune. Searching this gave his Wikipedia user page User:HockeyInJune which only displayed "Check out my new website" visiting the site's IP address gave the key 
-wardawg, lilniqy

Theodore Reed (100):

A hint was that it was within 3 clicks of, with that number increasing to 4 due to "asshole" CTF players. I took that last addition to mean that there was some sort of user comment functionality which would allow for this number to change, and require an extra click to get to. I wget'ed off of with
wget -e robots=off --tries=40 -r -H -l 4
This downloaded everything. I then recursively grepped for the key, printing out each file that contained "key=". Looking through the list, I found a youtube link, with a comment as the key.

The youtube comment didn't have "key=" ironically, so I thank the people at youtube for including that somewhere in their code and matching my search term.



  1. Strength of character means the ability to overcome resentment against others, to hide hurt feelings, and to forgive quickly. See the link below for more info.


  2. You have done a great work. Thanks for making this blog. You helped me a lot on my research topic. Keep it up guys!


  3. I really enjoyed reading your article. I found this as an informative and interesting post, so i think it is very useful and knowledgeable. I would like to thank you for the effort you have made in writing this article.

  4. I’m glad I come across this column I found little good stuff and enjoyed reading them. It’s very informative and useful.

  5. Thank you for sharing your thoughts and for inspiring us. Keep it up and continue on what your doing. Visit my site too.

  6. You are an awesome blogger. This is one of the best blog I had visited so far. Hope to read more post from you in the future. Keep it up. God bless.


  7. Love it! Very interesting topics, I hope the incoming comments and suggestion are equally positive. Thank you for sharing this information that is actually helpful.