The following details how I solved the OSINT challenges on HackMyVM.

Challenge 003

Who is she?

The goal of this challenge is to identify who this person is. I used a Google reverse image search to assist with this.

Immediately there were many results of this same mural. Clicking on any of the links will reveal the name of the individual in the mural.

Solution: HMV{gatacattana}

Challenge 006

hackmyvm.eu. 100 IN TXT

To solve this one I used nslookup to query the TXT records of HackMyVM’s DNS configurations. This yielded the flag.

Solution: HMV{sasviyalin}

Challenge 012

HackMyVM{audio}

This challenge provides only an audio file and no real instructions on what to do with it. The audio clip is only a couple of seconds and sounds like gibberish. I managed to solve this by running it through an audio transcription tool. Although it wasn’t as easy as it sounds. Most of the audio transcription tools I ran it through weren’t able to make this out into anything meaningful. It was a lot of trial and error until I found a tool that gave me something that I could work with.

Solution: HMV{ILOVELANGUAGES}

Challenge 026

Country?

The building in the photograph is the biggest giveaway as to which country this is in. The building sign reads “cermodern”. A quick Google search tells us that this is an art gallery in turkey.

Solution: HMV{turkey}

Challenge 029

One of hackmyvm.eu subdomains has the answer.

To find the subdomain that has the flag we will need to use a subdomain enumeration tool. The tool I used for this is Sublist3r which finds subdomains through search engine queries, SSL/TLS certificate logs, and reverse DNS lookups among other methods. This was the output when I ran the tool.

Solution: HMV{publicd0main}

Challenge 034

HMV{country}

This one was pretty straight forward. You just need to identify the country that this flag belongs to. I used AI to check that for me.

Solution: HMV{somalia}

Challenge 036

Find The correct BSSID.

This challenge was a lot of fun. The goal of this one was to identify the BSSID of the network shown in this picture. A BSSID is essentially like a MAC address for a network access point. So, the first step to figure this out is to identify the location in the picture. The only identifiable features in this picture were the logo on front of the building and a sign next to it that read “Sunlive”. I tried to Google “Sunlive”, but that didn’t come up with anything useful, so instead I took a close-up screenshot of the building and did a reverse image search.

That led me to this website:

https://www.homemate-research-supermarket.com/dtl/75000000000000003370/photo_album/

This webpage had several images that seemed to fit with what we saw in the original image.

I removed “/photo_album/” from the URL to bring me to a different section of the website, which conveniently had a link to a Google Maps view of the location. The picture on Google Maps made it abundantly clear that this was the exact same location as the original image.

Now that I had the exact location, all that I needed to do was find the BSSID. For this, I used a wireless network mapping website called Wigle.

After a bit of mapping around the area and some trial-and-error, I discovered the correct BSSID.

Solution: HMV{00:3A:9A:7B:5F:40}

Challenge 048

City?

The “UA” on the license plate suggests it is a Ukraine license plate. With that knowledge, you can look up a list of license plate prefix codes in Ukraine. “AA” corresponds with “Kyiv”.

Solution: HMV{kyiv}

Challenge 075

What’s the name of the place with the empty black board on the right bottom of the image. Flag like: HMV{Xxx_Xxx_Xxxxx}

The first step I took was to reverse image search the painting. I was able to find pictures of this exact street, and noticed that one of the buildings has the name “Odette”.

Using that information, I went to this location on Google Street View.

Navigating back toward the building we were asked to identify in the challenge prompt, we can see that it is called “The Tea Caddy”.

Solution: HMV{The_Tea_Caddy}