Operation Nitro Winter, Chapter 4

Discussion in 'Missions Center' started by hakr14, Feb 3, 2019.

Tags:
  1. hakr14

    hakr14 Active Agent

    After finding FingrTip, Agent Dylan gives us the AccessBio XKeyScore entity. He then says something about finding a connection between it and... something else. F.A.Y. filtering only gives me the AccessBio entity, and I have no idea what the game expects me to do.
     
  2. Dalamus

    Dalamus Active Agent

    I'm also at the same point. I have the XKEYSCORE entity but I'm not too sure what to do with it. I've tried looking for anything remotely similar to fingrtip online but found nothing.
     
  3. hakr14

    hakr14 Active Agent

    I found the answer, there's a new file in the localhost folder, viewing it gives you another XKeyScore entity. I dont remember Dylan saying anything about localhost, which would explain our confusion.
     
    Dalamus likes this.
  4. Dalamus

    Dalamus Active Agent

    I also don't remember him saying anything about that but thanks a lot!! Checking it out now! ^^
     
  5. andrea

    andrea Active Agent

    i am at the point "find bastek client list"
    /spoiler i am in the system.nexxit.com server. with wmi scanner i find 4 options, the ERP server is vulnerable with Verboten but i cant find a connection..
    No MITM, No wifi, no active directory, im stuck .. :(
     
  6. alphabravo

    alphabravo New Agent

    I can't find a way into the level 4 target's network I've tried osint, sfuzzer, Social engineering but nothing is giving me a foot in the door. Any help?
     
  7. Dgray

    Dgray Active Agent

    Alphabravo. You're trying t access bast___? I think you need to fingerprint them a bit more thoroughly.
    One of the agents will notice the tech being used and recommend another approach
     
  8. alphabravo

    alphabravo New Agent

    I have tried fingerprinting the domain name as osint didn't give any results.
     
  9. Dgray

    Dgray Active Agent

    In my notes I have that after you fingerprint the various urls, you see they're all secure
    But then agent Dylan points out that he may have a way to break into systems running FingrTip
    If you're not finding any urls with osintscan, maybe sfuzzer? (honeslty don't remember)
     

Share This Page