Challenge: Kryptic Ransomware

come on… it has not even started yet…

but never mind…any nudges appreciated… for me too … (as soon as this challenge has been published)… … … :wink:

Am I missing something obvious? The only thing I see that could be dug into is a parked domain.
E: Got very basic leads, but not sure what’s in scope…

Tried tracing the domain’s IP but coordinates wouldn’t work…

I have tried like 3 or 4 different coordinates from various ways, nothing works…

Currently stuck…
Tried the GPS coordinates (in DMS format) for a city in Europe and the building (not in Europe) for the big event the leader tweeted about… Anyone got a nudge if I’m barking up the wrong tree or if I’m getting closer?

Done with one hint. Hardest part for me is calculating the correct DMS format.
At first I thought: whois creating that strange challenges?
Then I sang a song with bird and cat :wink:

As always we can bruteforce that challenge with two nested for loops from 0 to 90 with a 0.000001 step. It’s only 90 000 000 * 90 000 000 attempts. Easy :wink:

Owned, thanks to @Kucharskov for keeping me in the right direction

Got it. Thanks @clubby789

I found the position but when I get “Sattelite is repositioning…”
Is this a bug or is the challenge not over yet lol?

@LukuRajad said:

I found the position but when I get “Sattelite is repositioning…”

The website is basically a wrapper for AES decryption, using your coords as the key. That error means that there was an error during decryption. Your coords/format is wrong

I guess the challenge got broken.
PM’ed the author.

Found some interesting WHOIS records but got stuck after that. The coords linked to those weren’t correct so I must be barking up the wrong tree. Time to try harder.

But now the challenge doesn’t work the way it must.
We can’t finish this challenge without help now.
If you need help pm me.

Yeah, the challenge looks broken now for the first step. I solved it a few days ago but when trying to help someone just now, I saw the information has changed now and I don’t think one can get past the first step without help. Needs to be fixed.

The first step is indeed broken, send me a PM if you need help.

Finally got this… thanks to @roaldnefs for the first hint (which is now gone) and the nudge

Any updates? Is it still broken?

Thank you @roaldnefs for sending me the right information after it got broken.
That was really fun.

After PM’ing @roaldnefs, I believe I was already past the “broken” part and got the required info. Now I just need to dig deeper for more information I guess. Will update if I manage to get further or solve the challenge.

For now my tips would be:
don’t rely on WHOIS, as that got changed.
remember it’s an OSINT challenge.