Alpha 0.2 - New Mission (Unity7)

Discussion in 'General' started by Anashel, Feb 5, 2017.

  1. Anashel

    Anashel Puppet Master Staff Member

    I have uploaded a test mission on the Alpha 0.2 server. You won't be able to use the mission center to access it, only the intel below. If you want to give it a shot, it is a hard one.

    I strongly advise the use of multi-tasking attacks. This means multiple terminals in various workspace running at the same time so you can cover more ground.

    ---------

    Mission difficulty: HARD
    Availability: NOW

    BRIEFING:
    We have intercepted a suspicious email between Dr. Nathaniel and a third party. Initial research revealed that Unity7 own a reserved IP block from their ISP. Execute a network recon and report any useful information.

    OBJECTIVES:
    [VERY HARD] - What is the port and the technology used by Unity7 for their SSH services
    [HARD] - What is the model of their IP WebCam

    Unity7.jpg

    Access StingerOS Alpha 0.2 to start your mission now. Good luck! :)
     
    Last edited: Feb 5, 2017
    Anashel, Feb 5, 2017
    #1
    Jimbo9, Cevern, DeiDhena and 4 others like this.
  2. DeiDhena

    DeiDhena Senior Agent

    I am stuck at the beginning. Tried osintscan and sfuzzer for Unity7.com but found nothing. Any hint?
     
    DeiDhena, Feb 5, 2017
    #2
  3. Anashel

    Anashel Puppet Master Staff Member

    Indeed, you don't have any domain name provided, so you will have to find one. Try to explore the IP block Unity7 has bought. In real life, search engine can catch the IP and the Domain when indexing a site. Also, you can even query Bing to reveal all the domain name hosted on the same IP.

    The same logic apply here. Don't forget to multibox your attack. It will be much more fun that way.
     
    Anashel, Feb 5, 2017
    #3
    DeiDhena likes this.
  4. Daemian

    Daemian Active Agent

    I got the ssh port and the technology it's using...I think. Working on the webcam.
     
    Daemian, Feb 5, 2017
    #4
    Anashel and DeiDhena like this.
  5. Anashel

    Anashel Puppet Master Staff Member

    Great job!
     
    Anashel, Feb 5, 2017
    #5
  6. KSI_SYN

    KSI_SYN Active Agent

    Got it solved. Time to add to the Maltego graph !
     
    KSI_SYN, Feb 6, 2017
    #6
  7. DeiDhena

    DeiDhena Senior Agent

    Found the webcam model. Working on the ssh (edit: solved :) ). Some for i ... loop would be nice as well!
     
    Last edited: Feb 6, 2017
    DeiDhena, Feb 6, 2017
    #7
    Anashel likes this.
  8. Silox

    Silox Active Agent

    This was super fun to do, good job!
     
    Silox, Feb 8, 2017
    #8
    DeiDhena and Anashel like this.
  9. GeekyD

    GeekyD Active Agent

    Can I ask for a bit of help here please. I have the camera details, but I can't locate the SSH services.
    I know the IP of the mainframe, and the domain of the webserver but I can't find any other port on the mainframe that help me locate the SSH server. I've guessed at the name and the default SSH port, but that failed.
    I wen back to the rosenbergclinic webmail and brute forced the password, but that hasn't helped me.
    Stuck - please help.
     
    GeekyD, Feb 17, 2017
    #9
  10. Killkeny

    Killkeny Active Agent

    Hello,
    I'm stuck in this mission.
    I have found unity7network.com, but i have use sfuzer and osintscan in that web, and i have found nothing...
    Any help please?
     
    Killkeny, Apr 8, 2017
    #10
  11. Atryx10

    Atryx10 Active Agent

    I honestly don't know how to search the IP block, so that I can find the IP Camera, or domain name or whatever it is I'm looking for.

    Edit: Thanks to the help of fellow agents, I now know how to do it.
     
    Last edited: May 1, 2017
    Atryx10, Apr 17, 2017
    #11
  12. zaelong

    zaelong Moderator

    right now, the way to look through an IP-block, is siply tackling each ip, one by one. you can use portscan and osintscan for this, depending on what you are looking for
     
    zaelong, Apr 27, 2017
    #12

Share This Page