SEC-9

Discussion in 'Missions Center' started by alphabravo, Nov 9, 2018.

  1. alphabravo

    alphabravo New Agent

    I have done a OSINT and SFUZZER scan found the data. domain but can find anything thing else any tips?
     
  2. Nioreh

    Nioreh Active Agent

    Same problem here!
    Any nudges?
     
  3. Enoch52

    Enoch52 Active Agent

    I'm assuming both the provided intel and objective are encrypted in some way?

    EDIT: never mind...it didn't fully decrypt when I opened the bounty.
    Still not making it further; a search on the revealed domain doesn't turn up anything new, and I wasn't able to find an entry for social engineering.
     
    Last edited: Nov 14, 2018
  4. R4Ki

    R4Ki Active Agent

    Nope, no encryption, at least not that I recall.
     
  5. Enoch52

    Enoch52 Active Agent

    Like I said, it failed to fully decrypt when I opened it. Shut down NT4 and restarted and I got in. Stuck at the same point the others are (discovered the 1st subdomain but can't get further).
     
  6. Nioreh

    Nioreh Active Agent

    What is the next step you normally do after you have found a subdomain?
    Act like you normally do :)
     
  7. Enoch52

    Enoch52 Active Agent

    My first step is usually to fingerprint any identified subdomains, but there were no weaknesses identified. Tried an sfuzzer and osintscan against the revealed domain, and came up empty. Also tried a social engineering attack but was unable to find an entry route.
     
  8. Nioreh

    Nioreh Active Agent

    What do you normally do after the fingerprint if......
     
  9. AgentZeus

    AgentZeus Senior Agent

    gah. logged in and was busy catching up in discord - didn't notice the sec9 bounty straight away..... so started late and didn't have time to finish :( probably never see it again

    if it ever pops again be handy to know
    once you have the MAC addy - tried the usual suspects but i must be missing something obvious or missing out on some logic!
     
  10. Enoch52

    Enoch52 Active Agent

    If...? If it was successful, I'd
    searchsploit it and run a FoxAcid attack. I checked anyway; Searchsploit didn't have this tech in the database, but the "generic" version was, and I ran a FoxAcid attack using alpha exploit and all vectors. No dice.
     
  11. Radeon

    Radeon Active Agent

    I'm looking at a phone with a traceroute log in its notes
    The Black Watchmen
    Division 88
    Station 7491
    No Idea what im supposed to do now. There is a file browser, but i dont know the login.
    Any hints?
     
  12. Phaid

    Phaid Active Agent

    How did you get to that? I have the information from Fingerprint but think I am missing something.
     
  13. AgentZeus

    AgentZeus Senior Agent

    I got completely stuck with it - and it hasn't reappeared for me yet :(

    I got to
    the 'voip' tech which can be searched for in the exploit db, that gives a mac addy, but I couldn't get it to work in the phone tool so no idea what to do
    - perhaps someone can shed some light on it!!
     
  14. Phaid

    Phaid Active Agent

    Can no-one help with this? I have got the mac address but I cannot find any info on what needs to go with it to use the phone backdoor. I have tried all the usual suspects and nothing works so far.
     
  15. Enoch52

    Enoch52 Active Agent

    You're on the right track. It's a custom vendor (not one you'll have seen before).
     
  16. Enoch52

    Enoch52 Active Agent

    As far as I can tell, that "traceroute" is a dead end. I see the phone's connected to a wifi network, but I don't see any way to approach it.
     

Share This Page