SCP and WMI update

Discussion in 'Closed Beta' started by Anashel, Nov 18, 2017.

Thread Status:
Not open for further replies.
  1. Anashel

    Anashel Puppet Master Staff Member


    This is a followup post regarding the SCP and WMI modules. Based on our internal playtesting we made the following changes:

    SCP Terminal, SSH and SMB Hack:

    Both modules will be merged together. Upon connection, Stinger OS will identify the current protocol and display the right module.

    Linux > NMAP Scanner
    We have decided not to create a Linux only network scanner and intrusion tool.

    New Module > Netscan
    For network scans and intrusion, we are adding tools similar to the Cobalt Strike module in Kali. Once you are connected to a turbine C2 card, you will be able to begin network discovery by querying the ARP protocol. Netscan will map all computer names and IPs in either a Maltego graph or a table display. It will also discover all public share drives so you can connect using the File Terminal. (With either SCP or SMB protocol)

    The second phase is privilege escalation. You will first have to gain access to a computer using various methods:
    • Man in the middle will now have a credential detection module. Similar to the URL Snapper, it will automatically look for any patterns that match credentials or authentication tokens.

    • Foxacid and Netscan will let you inject keyloggers on vulnerable systems.

    • Social engineering, Xkeyscore or HQ can also provide you with intel regarding credential.

    • Finally, you can use a Password Attack to brute force weak credentials.

    From there, Netscan will let you analyze the local processes and inject code to work your way up to root access. In NITE Team 4 you have 3 main levels of access.

    User Level: This gives you very limited permissions on a system. Any code injection will be temporary and lost as soon as you log off.

    System Level: This level is used by the various background services on a system or a network. (Backup, monitoring tools, etc) A process launched using this privilege level will run even after you are logged off.

    Root level: This is the highest level you can reach on a system or network. In many cases, it will enable you to overwrite most privileges and even flash ROM so your rootkit can be automatically reinstalled in the event a system is wiped and restored to a previous state.

    With a fully compromised network, you will be able to intercept email communication, voice data (via VOIP system), access corporate databases and browse local files. You will also be able to impersonate users and send email from their account.

    I will post designs for the new Netscan module next week.

    Your opinion is needed!
    What should be the official name for the netscan module? Post here and if you are selected, you will receive a full bundle of all skins in the game!
    AgentZeus likes this.
  2. Seshemw

    Seshemw Active Agent

  3. AgentZeus

    AgentZeus Senior Agent

    I am going to suggest Ceres or Demeter

    Why? They are both goddesses of the harvest (among other things). And harvesting information is pretty much the job of netscan :)
  4. zaelong

    zaelong Moderator

    what about ANIMo:
    "Advanced Networkmapping Information MOdule"

    also a latin verb meaning: "i breath in life" or "i fill with life/air"
  5. andrea

    andrea Active Agent

  6. Jason

    Jason Active Agent

    I'm really looking forward to giving this a try. :)
  7. Anashel

    Anashel Puppet Master Staff Member

Thread Status:
Not open for further replies.

Share This Page