top of page
  • Writer's pictureEPCYBER

Eyes on China: Weibo OSINT

Updated: Nov 2, 2023


Image Credit: Lehel Kovaks

Disclaimer: This article does not endorse hacking, any active operations, or anything unlawful; it only discusses open source intelligence, information publicly available and unconventional approaches to acquiring information online. Majority of western investigators, (such as journalists, PI, Law Enforcement, and anyone who part of their line of work relies on open source intelligence - OSINT) is inevitably facing challenges in working around, and navigating the Chinese ecosystem smoothly, that is specifically major obstacles in understanding context of text, discussions, chatter, "domestic" social & communication platforms, influential factors on the entire process of OSINT delivery such as language, business practices, ethics, cultural, censorship and really anything and everything that influences your job as the "analyst" to collect, identify, and analyze data from Chinese sources of information today.


Our academy offers those individuals, organizations and professionals in the field of OSINT, HUMINT, SOCMINT, IMINT and other practices, an advanced Chinese OSINT Investigator course that gets you from zero to proficient in all aspects and nuances of Chinese OSINT research, collection, development and identification of threats, identification of new sources, analysis of sources and data, characterize sources of information, all that while teaching actual skills that you can take and further develop as you practice and conduct any exercises our academy provides.


Today, we are the only educational institution and academy offering such advanced course. COSINTI (Chinese OSINT Investigator Course) is the most unique, advanced and comprehensive course for Chinese OSINT in the market, that is a fact.


If you got any questions you can reach out to epcyber@epcyber.com or to cyber-academy@falcon-security.us


You can check out some of our publications on the topic of China & OSINT.


On EPCYBER Academy Blog:




On YouTube:




Now, enough marketing for this post, if you're thinking of taking our course for your line of work, or simply interested in the topics we teach and how we teach them, reach out. All our videos and explanations on our website will let you know exactly why you'd want it, where's the value for you, and what's the level of knowledge and skills you can acquire... with US.


You can continue reading trough this blog or watch the video version of this blogpost



Text version:

Let's imagine during your investigation online you found an image online, that image is hosted on the Weibo (weibo.com) servers. You see in the URL of that img that it has format like this (or similar) example:

https://wx1.sinaimg.cn/mw720/0033ImPzly1h05xw7069yj60m81040xj02.jpg

Take the first 8 characters after the / of the first unique identifier in the URL, (see highlighted red).


Open any kind of hexadecimal converter, because the first 8 characters are actually in fact the hexadecimal value of the UID > which leads to the user profile in the Weibo platform with which you can find who posted a particular image.


Conver these 8 chars to decimal (numbers) same way you see in this screeshot, then copy the converted value from row "10" -> this right here is the converted value that represents the user profile identification.



Now open a new tab in the browser, type in "weibo.com/u/value" where "value" is the converted value. so now ideally you identified a user profile on the weibo.com platform which has posted that particular image.


Some next steps:

  1. Crawl images to cross match and verify that the image URL is the same one from the profile images.

  2. You can apply this method to any image hosted via any subdomain on Weibo, to any user, and almost any case scenario using this specific method.

This is just a drop in the ocean example with some of the creative out of the box manual methods that exist out there for conducting OSINT on and within China.


We put a lot of emphasis on "out of the box" approaches and things that are less "conventional" for information gathering, such as combining penetration testing methods and hacker mindset to the typical day to day processes of an OSINT analyst, allowing you to get better, maximized results, all while having a different perspective and lens.



This post is just one example out of many that exist out there and out of those that we teach in our advanced course.


If interested, reach out to us, we're happy to answer all your questions.


Want to learn the advanced stuff? Where to search, How to search like a local, find anything and anyone?https://www.epcyber.com/COSINTI















---- What makes COSINTI course unique is that today it is the only Chinese OSINT course in the market that covers a wide range of topics, blends in unconventional information gathering methods inside China's ecosystem and gives you all the know how to search like the local while truly breaking all the barriers. ---



620 views

Related Posts

See All

コメント


bottom of page