Tags: osint google-apps
Rating:
![](https://gitlab.com/newyork167/ctf/-/raw/main/2022/SDCTF/OSINT/Google%20Ransom/info.png)
The link takes us to a google doc:
![](https://gitlab.com/newyork167/ctf/-/raw/main/2022/SDCTF/OSINT/Google%20Ransom/doc.png)
Google docs have a lot of metadata that is easily parsable with a tool called [xeuledoc](https://github.com/Malfrats/xeuledoc). In this case, we get the following information:
```bash
xeuledoc https://docs.google.com/document/d/1MbY-aT4WY6jcfTugUEpLTjPQyIL9pnZgX_jP8d8G2Uo/edit\?usp\=sharing
Twitter : @MalfratsInd
Github : https://github.com/Malfrats/xeuledoc
Document ID : 1MbY-aT4WY6jcfTugUEpLTjPQyIL9pnZgX_jP8d8G2Uo
[+] Creation date : 2022/01/05 22:58:38 (UTC)
[+] Last edit date : 2022/01/05 23:08:11 (UTC)
Public permissions :
- reader
[+] Owner found !
Name : Amy SDCTF
Email : [email protected]
Google ID : 13481488189780380748
```
Now to send an email! Jumped over to my favorite email site [sharklasers](https://gitlab.com/newyork167/ctf/-/blob/main/sharklasers.com) and sent out a very demanding email to Amy. Had to wait a bit but finally got an email back!
![](https://gitlab.com/newyork167/ctf/-/raw/main/2022/SDCTF/OSINT/Google%20Ransom/email.png)
`Flag: sdctf{0p3n_S0uRCE_1S_aMaz1NG}`