This challenge will be focused on raising awareness on how travel information can also be used in a Open Source Intelligence capacity. We will be doing a little bit of OSINT and see if we can figure out "Jeff Bezos" and "Bill Gates" flight routine, based on the information we can find about their transportation infrastructure. This challenge is designed to show how much "Open Source Information" there is available out there, that can help someone gain information about you.
No information needs to submitted and methods learned are not to be used for any illegal purposes. This challenge is designed to be a walkthrough and basic introduction to "OSINT" for learning purposes.
1. You will be asked to find the private jets of Bill Gates and Jeff Bezos.
2. You will then use the information about these jets to track their flight paths and try to conclude how this information can be used against them.
● Computer with internet connection
● Ability to search on Google
● Access to a web browser
a)Google “Jeff Bezos private jet” and click on images.
b)Look through the images and find the private jet number, use the example below to help you find the number. Write down the number.
a)Google “Bill Gates private jet” and click on images.
b)Look through the images and find the private jet number the same way you did in Step 1.
c)Write down the number.
We will need to find something called “Mode S hex code”, which is a unique 24-bit address assigned to each plane upon registration.
a) Go to “https://opensky-network.org/aircraft-database” in the search bar, type in the private jet number you found in step 1 and push enter.
b) Click on the result
c) Under “registration” find the “Mode S Code (hex)” field and write down the hex number in that field.
Congratulations! you just found the “Mode S hex code” of a private jet that Jeff Bezos owns.
d) Please repeat steps "a)" to "c)" but this time do it for Bill Gates.
Using the “Mode S hex codes” you found, we will now look through a flight path database and see what flight path our two people of interest took.
a) Go to “https://globe.adsbexchange.com/”, welcome to a live view of air traffic. Zoom in and Zoom out just to see how many planes are in the air.
b) We will need to sort through all data the site currently holds and find a flight path specific to our date and plane. Provided the link below, fill in the area in bold replacing the "Xs". Fill in your Jeff Bezos “Mode S code hex” number in place of the bolded "Xs":
c) Paste the URL in your browser and push enter. As you can see you found where Jeff Bezos was flying to on 2020-12-01.
d) Look at the left of the website “history” area and try clicking previous, it will cycle to all known flight paths for that specific day. Jeff Bezos doesn’t fly everyday, but you will see his plane in the air very often.
e) Repeat steps "b)" to "c)" for Bill gates, but this time open a different tab.
Think about how information regarding infrastructure can possibly lead to a security risk for their organizations.
What kind of OPSEC each of the organizations should deploy?
Check out this article below and see how this information was used against one of the organizations:
Check out all these celebrities and see what you can find: