Image & Geospatial OSINT
In this article, I learn how to use Open Source Intelligence (OSINT) techniques and tools to gather information from image or video files. I can then use this information to geolocate and answer context questions based on visual intelligence alone. This challenge is available on the TryHackMe platform and is titled “Searchlight — IMINT”, created by the user “zewen”.
Challenge 1
Challenge Question & Answer
What is the name of the street where this image was taken?
Looking at the the image, we can see a welcome sign that identifies the name of the street as “Carnaby Street”.
Challenge 2
Challenge Description
The next few challenges will ask multiple questions that you need to answer based on the information you extract from the image.
Challenge Questions & Answer
1. Which city is the tube station located in?
The sign is easily recognizable as the London Underground Metro system.
2. Which tube station do these stairs lead to?
3. Which year did this station open?
4. How many platforms are there in this station?
I can see a partially obscured sign above the stairs that includes the word “circus”. A quick search on google reveals a tube station called “Piccadilly Circus” that was opened in the year 1906 and has four platforms.
Challenge 3
Challenge Description
This challenge will require you to do some ‘Google dorking’ to answer the questions below. Scan the image for data and remember the questions from the introduction — Do you see anything in the image that can be used in a search query or help you narrow down the potential location?
Challenge Questions & Answers
Attempting to open the image file results in an error. I used the Linux file command to check the image and saw that it was a PNG file with a .jpg file extension.
$ file task4.jpg
task4.jpg: PNG image data, 478 x 267, 8-bit/color RGB, non-interlacedChanging the file extension to .png allows me to open the image.
1. Which building is this photo taken in?
I can see a large billboard in the background of the image that has the website domain “yvr.ca” on it. This is the website for Vancouver International Airport, which is the building this photo was taken in.
2. Which country is this building located in?
Vancouver International Airport is located in Canada.
3. Which city is this building located in?
Vancouver International Airport is located in Richmond, Canada
Challenge 4
Challenge Description
A friend of mine contacted me asking if I could help them locate a coffee shop that is supposed to serve the best lunch there is. They told me the coffee shop is somewhere in Scotland, and he sent me these two pictures. Do you think you could locate it and answer the questions below for me?
Challenge Questions & Answers
As seen in challenge 4, I get the same error when trying to open the challenge file. I need to change the file extension to .png instead of .jpg.
Challenge Questions & Answers
1. Which city is this coffee shop located in?
I can see a sign for “The Edinburgh Woolen Mill” in the background of the image. I know the coffee shop is located somewhere in Scotland, so I searched for any “The Edinburgh Woolen Mill” stores located in Scotland.
I checked for any images returned by my search and found one of the “The Edinburgh Woolen Mill” stores located in Blairgowrie that matched the challenge file.
2. Which street is this coffee shop located in?
Since the entrance to the “The Edinburgh Woolen Mill” store is facing the coffee shop in the image, I can see on Google Maps that there is a coffee store located directly across from the store on “Allan Street”.
3. What is their phone number?
Selecting the “Wee Coffee Shop” on Google maps, I can see their phone number under the store’s details.
4. What is their email address?
Performing a quick search for “The Wee Coffee Shop”, I found a TripAdvisor page for the store, which includes an email address link for the store.
5. What is the surname of the owners?
If you look further down on the TripAdvisor page, you will see an Q&A section where someone has asked who the owner is.
It appears the owners first name is “David”. I searched for “The Wee Coffee Shop” and specified the name “David”. I found a travel website that shows the surname of the owners.
Challenge 5
Challenge Description
Perform a reverse image lookup using the task file below and answer the questions.
Challenge Questions & Answers
1. Which restaurant was this picture taken at?
Perform a reverse image lookup using Chrome, I identified the restaurant as “Katz’s Deli”.
2. What is the name of the Bon Appétit editor that worked 24 hours at this restaurant?
I performed a quick google search and found an article on bon appétit titled “What It’s Like to Work at Katz’s Deli for 24 Hours Straight”. I see that the name of the editor who worked there for 24 hours is “Andrew Knowlton”.
Challenge 6
Challenge Description
This challenge will require you to apply some the techniques I have touched on so far: Scanning the image for visual clues, reverse image searching and Google dorking. Tools should not be your primary focus — don’t underestimate how far you can get with dorking and scrolling search results.
Challenge Questions & Answers
1. What is the name of this statue?
Performing a search for “Reindeer Motorcycle Statue” shows similar image results to the challenge file seen above, including a link to this website that provides the name of the statue (“Rudolph the Chrome Nosed Reindeer”).
2. Who took this image?
I performed a reverse image lookup using google and found a link to a travel website called VisitOSLO that provides a list of outdoor sculptures.
The website provides a clickable map that shows you the location of some of the most popular sculptures in Oslo. Based on the information provided by the website seen above in question 1, I know that the status is located in “Tjuvholmen in Oslo, Norway”. On the map, I can see the word “Tjuvholmen” partially obscured by an icon. Clicking this icon provides the same image as the challenge file and the photographer who took the picture.
Challenge 7
Challenge Description
This challenge is a step up in difficulty from the previous challenges and you shouldn’t expect to solve this quickly, especially if you are new to IMINT. While you can certainly apply the techniques and tools you’ve used to s far, this challenge may force you to revise your thinking and your approach while you’re working on solving this challenge.
Challenge Questions & Answers
1. What is the name of the character that the statue depicts?
The statue shows a women blindfolded and holding two scales aloft. This statue represents “Lady Justice”, an allegorical personification of the moral force in judicial systems. Her attributes are a blindfold, scales, and a sword. She often appears as a pair with Prudentia.
2. where is this statue located?
I performed a reverse image lookup of the statue image with Google and saw several visually similar images returned.
Looking through the visually similar images, I found one image that was used in an article by americanprogress.org. The image used on this article included details about where it was.
3. What is the name of the building opposite from this statue?
I used google maps to identify the building opposite the “Albert V. Bryan United States Courthouse” where the statue is located. I can also use street view to confirm this.
Challenge 8
Challenge Description
Download the attached video and answer the question.
Challenge Questions & Answers
1. What is the name of the hotel that my friend is staying in?
Looking at the video, I can see a number of key landmarks that helps me to determine that we are in Singapore.
Using these landmarks, I can use google maps to get an idea of where I am in relation to the other buildings.
Dropping down to street view outside the “Clarke Quay Central”, I can look back across the river and see the hotel from where the video was filmed. I can see that the name of the building is “Novotel”.
Performing a google search for “Novotel” provides the full name of the hotel.
Final Thoughts
I really enjoyed working through this room and getting the opportunity to learn more about image intelligence and geospatial intelligence. The challenge had a nice progression and I learned a lot about gathering information just by analyzing a photo or video. Thank you for reading till the end and keep hacking 😄!
