Week in OSINT #2023-03

Week in OSINT #2023-03

sock tiktok telegram datasets wordpress disinformation
Another episode with tips and tricks on TikTok and Telegram, and some news on different building databases.

I've been going over some websites, while preparing a workshop, and found out that the online world of building databases have changed. Just like social media, once in a while sites disappear, or re-emerge under a different brand or URL. So it was time to have a look at that, and I also decided to add some personal tips in this episode too. If you have any tips or tricks, do let me know!

  • More on InfoRos
  • Sort for TikTok
  • Sock Puppets
  • Telegram Tip
  • Building Databases
  • WordPress Tip

Article: More on InfoRos

Back in episode 2022-04 I talked about the OpenFacto report on InfoRos. Last week, they presented another report, with even more findings. After the first report InfoRos went silent for a bit, but after some time they resumed operation as usual. A very interesting report, with some interesting findings and a good look on how information plays an important role in geopolitics.

Cover of the InfoRos report by OpenFacto
Cover of the InfoRos report by OpenFacto

Link: https://openfacto.fr/2023/01/16/inforos-historical-networks-of-influence/

Tool: Sort for TikTok

Brecht Castel shared a nifty little tool last week. It is a Chrome extension that enables you to quickly sort all videos within a TikTok profile by popularity. This enables you to quickly focus on the most popular videos first. It works like a charm, and a single click loads and sorts videos within a few seconds, depending on the size of the account. Thank you for sharing this little gem, Brecht!

Sorting TikTok videos by popularity
Sorting TikTok videos by popularity

Link: Chrome extension

Media: Sock Puppets

Over on the TOCP Discord server user ᴋᵒᵍᵃᵐⁱ shared a video he published, where he talks about creating sock puppets. He gives some tips on how to circumvent text verification, by using online services. He also quickly touches on how to fill a social media profile. Of course there is a lot more to building sock puppets than what is featured in this video, but this can be of help for people that have hardly any experience with it.

Link: https://youtu.be/w6sWdSYOHIY

Tip: Telegram Tip

With Telegram desktop it is possible to export chat messages of groups you are a member of, and even public groups without joining them. After exporting the chat messages it is possible to create a list of names via different ways. If you are using macOS or Linux, the easiest way is to go to your download folder, and use the command line to create a list of unique usernames, like this:

cat messages* | grep -A1 "from_name" | cut -f1 -d "<" | sort -u > members.txt

This will do the following:

  • cat will read through the filenames starting with 'messages'
  • grep -A1 will retrieve the line that contains from_name
  • cut -f1 -f will cut off text after < to remove the date it was posted
  • sort -u will sort the names, and keep unique names only
  • > members.txt will save the list of names to the file members.txt

This will not give you the account names, of Telegram IDs, only the display names. To retrieve those, other techniques have to be used, where the information is pulled from the Telegram APIs.

Site: Building Databases

In September 2022 some things have changed in the world of building databases. Emporis was taken offline, and Phorio relaunched as SKYDB, and went into beta in November 2022. SKYDB still has a few issues, for instance it doesn't display the exact city when there are multiple hits.

An abundance of information on buildings
An abundance of information on buildings

But SKYDB isn't the only website out there with information on buildings. Here is a list of websites with building information, like height, amount of floors, location and more:

* Redirects to Skyscrapercenter.com when searching the database

Tip: Wordpress Tip

This tip is well known for years already within the OSINT community, but a lot of people are just starting in this field of work. So I thought it was a good idea to share this.

When diving into Wordpress blogs, it is sometimes possible to retrieve some information on users via the API, if this is enabled. To have a look at a list of users, it is enough to change the URL to the following:

{site}/wp-json/wp/v2/users

This will return a JSON dump of everyone that has an account on the particular site, and might reveal some more interesting information.

Looking under the WordPress hood
Looking under the WordPress hood

The following API 'endpoints' might be worth checking out (replace the users part in the example above):

API Endpoint Information
comments All published comments
media All media within the blog
pages Information with static pages
posts All blog posts that are published
users List of 'authors'

If there are too many results, then feel free to add some pagination, by adding the per_page parameter:

{site}/wp-json/wp/v2/posts/?per_page=100&page=1

FUNINT: It is Solved!

Back in September 2022 I tweeted a link mentioning the Tumblr of mooncalfe1. Showing an image of a TV show, she asked: Who is this? And through the power of the internet, and people with some awesome memories, it was finally found last year too. It took more than 6 years, but it shows: Perseverance is key

Link: https://mooncalfe.tumblr.com/...

Have a good week and have a good search!

Previous Post Next Post