Canberra Embassies bounty

Discussion in 'Missions Center' started by Enoch52, Nov 6, 2018.

  1. Enoch52

    Enoch52 Active Agent

    I'm stuck on this bounty--I've turned up a number of subdomains, including one I believe belongs to the Israeli embassy, but none of them seem to have any vulnerabilities. Air Crack, WMI scanning, AD scanning are all useless if you don't have a VPN connection. I wasn't able to find anything that would allow a social media attack. I even tried some of the subdomains as potential interfaces for Hydra.

    Anybody have a hint?
  2. AgentZeus

    AgentZeus Senior Agent

    What's the international domain for Israel.....

    sfuzzer isn't always the best approach - sometime the other tool gives more info and another avenue to follow....
  3. Enoch52

    Enoch52 Active Agent

    Well, I've used both tools, and the international domain is what I used to identify which subdomain probably belongs to them. I appended that country code to "canberraembassies" and came up blank.
  4. AgentZeus

    AgentZeus Senior Agent

    if you use osintscan on the canberra domain you can see an extra bit of info next to certain sub domains which you can also use in osintscan...
  5. Enoch52

    Enoch52 Active Agent

    Thanks, I'll check again. I did the first part (fairly deep), but I'll do it again!
  6. Enoch52

    Enoch52 Active Agent

    ...I think I understand what you're talking about now. I've always ignored that portion of the results before. Thanks.

    EDIT: Making progress, I think--
    I found a new subdomain on an entirely different domain (with the same address). It's secure, though. Now searching the root domain.

    Well, that was a new avenue for me. Thanks!
    Last edited: Nov 6, 2018
    AgentZeus likes this.
  7. AgentZeus

    AgentZeus Senior Agent

    if you need another hint just let us know :) and good luck! :D
  8. Enoch52

    Enoch52 Active Agent

    Nope, the extra info was enough to put me on track for this one, at least! Made it through the last bounty for that line.
    AgentZeus likes this.
  9. Killkeny

    Killkeny Active Agent

    Hello agent,
    I´m doing the second part of this bounty. Any nudge??
    I checked the wifi signal and access the phone. I saw the "turrana street" message, so i had look in Google, and it is the address of the embassy. I have try -35.308/149.114 latitude and longitude in the stinger os program, but it gave me no results...
  10. Dgray

    Dgray Active Agent

    Killkeny. You don't need to go through that tool.
    Each stage of this bounty is built on the previous.
    In the first stage you found a vulnerable url (you were provided the info of
    If you break in there you'll find what you need.

Share This Page