For context, if you’re coming to this late: I dabble in the Dark Arts of Open-Source Intelligence (OSINT). Kase Scenarios is a phenomenal company bringing affordable and realistic experiential training to the masses through scenario-based learning. “Orkla: Dragon Con” is their latest free offering, once again putting the reader in the seat of a budding OSINT analyst assisting a shadowy figure from the KASE message board, who goes by the nom-de-plume “Orkla.”
This one took me about two hours to work through — there was only one problem that stumped me for a few minutes. This is billed as “beginner-friendly,” and I think that’s an accurate assessment. It might take the brand-new OSINT enthusiast a little longer, but there’s nothing in here you can’t find with critical thinking and a little Google-Fu (Goo-Fu? I think I’m going to start using that).
Enough preamble — lets get into it!
This is an intriguing way to start — okay, Orkla. You appealed to my ego; let’s do this.
I had no idea that these Freestyle machines were a whole thing — I think I’ve seen them at Five Guys before, but clearly that’s not the only place they have them. I was able to gather from the context here that the Freestyle product must have a dedicated online presence. A quick Google search led me to the official Coca-Cola Freestyle website, which has a handy mapping tool. I plugged in the address of the aforementioned hotel, and that gave me the location of the nearest machine.
FLAG:
Firehouse Subs
The audio file mentions that the meetup is at “Outgoing Bongo Skip.” Weird. This one threw me for a loop. I used every Goo-Fu move that I know, and kept missing the target. Eventually, I had an epiphany; there must be some sort of three-word place naming convention. One more google search led me to an app that identifies any geographic location in the world with a three-word code.
HINT:
what3words.com
FLAG:
Trader Vic’s
Ooh, geolocation is fun — one of my favorite things! This was a simple matter of opening Google Maps, finding the appropriate location, and dropping into Street View there. My Goo-Fu is back! We know that the convention is in Atlanta. Finding Baker St. on the map is easy enough, but…what intersection? Look at the sign — there’s a hint built right in there. One thing to keep in mind here is that features in a city, like signs, can change over time. Fortunately, Google Street View tends to have historical imagery in large metropolitan areas.
HINT:
Find the intersection of Baker and Peachtree
FLAG:
Ballet Olympia
A quick Google search of the name of the statue yields tons of photos of the statues, including the plaques at the base about who the sculptor and designer were.
FLAG:
John Portman
Okay, this one was involved, but not “difficult,” per se. A Google Lens search of the image brought me quickly to a higher-resolution version of it. From there, I was able to zoom in and see the year of the race. Armed with that information, I went to the official Boston Marathon website to search the bib number and year, which gives us the runner’s name.
FLAG:
Peter Yuen Man Ngai
This was a short scenario, with only five flags. The thing I enjoyed the most about it was the simple but fun geolocation and image verification exercises. These are critical skills for any investigation, which use freely available open-source tools. I enjoyed it, and can’t wait for their next one! (Shoot…I guess that means I need to stop procrastinating and finally do my report for Sandshark).
Stay hungry. Stay humble.