General advice of what to do when stuck after VPN connection

Discussion in 'Missions Center' started by VanderSalad, Nov 5, 2018.

  1. VanderSalad

    VanderSalad New Agent

    Long story short: After accepting a bounty and breaking into an address ( using Foxacid and connecting via Turbine C2 Registry, I am trying to find out what to do next. WMI Netscan will not go through with a "VPN Connection Denied" and Aircrack comes up with nothing. I cannot seem to find any other subdomains that I can connect to. Is the Netscan response a bug? Or are there just many other options that I am not thinking of? I have completed the first mission and Academy Missions as well, if I have other options I would appreciate advice. Thanks.
  2. Phaid

    Phaid Active Agent

    Try using MITM to get what you need
  3. Dgray

    Dgray Active Agent

    To expand on what Phaid said,

    Basic rundown of what to do after establishing a VPN connection:
    Check their folders
    Check for cell phones
    Check the websites they're visiting, etc (MITM)
    sfuzz any related vpn networks for new vulnerable subdomains.
  4. cikulisu

    cikulisu New Agent

    sfuzzer -i
  5. Dgray

    Dgray Active Agent

    -i ? im not familiar with that parameter.
    educate me please

  6. zaelong

    zaelong Moderator

    -i is used to filter out all external networks (AKA the ones youve already seen before entering the network), so itll only show you "new" subdomains (subdomains that are only accessible when being connected to that vpn)
  7. cikulisu

    cikulisu New Agent

    ^, many servers do not communicate outside their intranet. once you find a vulnerability and get inside, it's usually worth running sfuzzer {domain} -i -t 60 to find any additional servers that weren't accessible from the wider net.

    -i isn't documented anywhere, but it works.
  8. zaelong

    zaelong Moderator

    it actually is documented
    try typing "help sfuzzer" and read the description

Share This Page