I'm stuck on this bounty--I've turned up a number of subdomains, including one I believe belongs to the Israeli embassy, but none of them seem to have any vulnerabilities. Air Crack, WMI scanning, AD scanning are all useless if you don't have a VPN connection. I wasn't able to find anything that would allow a social media attack. I even tried some of the subdomains as potential interfaces for Hydra. Anybody have a hint?
Spoiler: Spoiler 1 What's the international domain for Israel..... Spoiler: Spoiler 2 sfuzzer isn't always the best approach - sometime the other tool gives more info and another avenue to follow....
Spoiler Well, I've used both tools, and the international domain is what I used to identify which subdomain probably belongs to them. I appended that country code to "canberraembassies" and came up blank.
Spoiler: big hint if you use osintscan on the canberra domain you can see an extra bit of info next to certain sub domains which you can also use in osintscan...
...I think I understand what you're talking about now. I've always ignored that portion of the results before. Thanks. EDIT: Making progress, I think-- Spoiler I found a new subdomain on an entirely different domain (with the same address). It's secure, though. Now searching the root domain. Well, that was a new avenue for me. Thanks!
Nope, the extra info was enough to put me on track for this one, at least! Made it through the last bounty for that line.
Hello agent, I´m doing the second part of this bounty. Any nudge?? Spoiler: Problem I checked the wifi signal and access the phone. I saw the "turrana street" message, so i had look in Google, and it is the address of the embassy. I have try -35.308/149.114 latitude and longitude in the stinger os program, but it gave me no results... Thanks!
Killkeny. You don't need to go through that tool. Each stage of this bounty is built on the previous. In the first stage you found a vulnerable url (you were provided the info of canberraembassies.gov) If you break in there you'll find what you need.
