Team Information
- Number
- Team 20
- Name
- Indiana Tech Cyber Warriors
- IP Range
- 128.45.126.0/24
- Domain
- team20.isucdc.com
- Current Place
- 25th
- Red Teamer(s)
- James Potratz
Flag Status
| Blue Flags |
|---|
| AD C:\Windows\System32\ TICKETS C:\Windows\System32\ MGMT /etc/ ADMIN C:\Windows\System32\ WWW /etc/ TICKETS Forged ticket MGMT DB Read MGMT Bus service MGMT Train service |
| Red Flags |
|---|
| AD C:\Users\Administrator\ TICKETS C:\Users\Administrator\ MGMT /root/ ADMIN C:\Users\Administrator\ WWW /root/ |
Service Status
| AD LDAP |
| AD RDP |
| AD LDAPS |
| TICKETS HTTP |
| TICKETS RDP |
| MGMT HTTP |
| MGMT SSH |
| ADMIN HTTP |
| ADMIN RDP |
| WWW HTTP |
| WWW SSH |
| ADMIN Login |
| WWW Login |
Nmap
Add content here...
Notable Vulnerabilities
root cause of almost everything was default password on werkzeug debugger console (123456789)
Active directory elevated service account
team20.isucdc.com\svc_monitor
Password1234!
admin server has disguised hostname. can view in AD computers
team20.isucdc.com\svc_monitor
Password1234!
admin server has disguised hostname. can view in AD computers
completely opened up the mgmt server to ssh through werkzeug debugger console
modified user account root | Password1234!
Tickets was down most of the day, once it came back up, was able to rdp in using compromised Active directory user account svc_monitor
Private signing key for tickets:
MIIMVwIBAzCCDBMGCSqGSIb3DQEHAaCCDAQEggwAMIIL/DCCBh0GCSqGSIb3DQEHAaCCBg4EggYKMIIGBjCCBgIGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAjrudbVtZKWxwICB9AEggTYAAWn6/pbaiuVS8gyKhHzF4NSKnkWqje6WbsRd81vLrR4IxZQBkKrBdVt1v6CssSDhfyu6OmlKsQ47lHfD2oHlqEK+PoyPHdkNtON/aMjZ1viyBGpG+EJ4gF0WXtUBLJkHJ1Yc7Ej1LVTAWDGx5SuLL5MRX6nx/pkQ2/vF9gN8ZTaCUV1HdThvSsk013TBIU/f6hPLCKDp+Oy4A23aaJ9Hsp7XuuLS3q2eNAs7Fci+AF6S28CR1f/ukhEvSmDpwW6+GoJvFJy/h9ZxktLcOSzKi/XZ9PqDbMtgkaizbtk6GarNz1Q6HyyW2AIlPDq7ClttshMdyNtjZLyc4GOJjjWeUG+CzesFWxLyJNvLzzpNhQbBmfUMb1lVEEJGf65DdgKOrdpeW+uhjD+vLiIQ8J9Bn2NjJE4leTPeASCU/WeEmHJbRWX3qpoyuSauKIz3sSFfngQzwO8dLxY5HvfOVs7QZnAXzN45HDWWoDNggPus8/RsXGHpAuaXp+g4eRXss0G85GPqLB/RQyCStKhq+jvHShrq7SrL4fCF4mP26DVmJsDPPev0jUY55QtGxThfige7kBENk6XOzEJEoRiOgUNRkBVLTeX/0vWKpPeNU+rr1f+RhphCeY7DWVzmqAbhD9448dJZVgDVJnOmtd75vb5kCL4ZncgIfYm+Av+VUQijD7fkiSBWcVR3rOyWocc6tS/ldNrvHHEHN/u1+oHuT3We9IdAZJWh/T+Uq4cBLM7PXrNb67d0Ln1YV8wH9pBp+h71UBqOdEGGqFJcQ8n3DkKtvoJKTjFcdtDuku9DI2Mdy+CfHkdwc6AHrrLIj8O+6df36eRy5gCsvY/YgQiYQcfiT8Y+eSPZ2eld0vTGG/dG2mKnsUmviq3GimRP08bQ0osf0mZ+6Yfcg6eQG8dhpbB1MRcBU4viDCrmShrbIXDPSd2k44qg7BKZwW/zDgZnuGHHRhaGYzn7lxohAuHWgLNHg9gEj7Kq25Nx3WRhgHUQ3TYasN26vj7FwNZHuU8jROuVSJoWAOnvzRMjYn3pyOURhwnIeLY10HgqbOqZGcqzL9m5GvGj9L4iuSv7TwbXIoeXWD5p1q8JSx0Y3QvKfe02frQ1aOSwmDHpFVXWgaj4fpMe5H+8MaOHLolscy0+EeLAyCMqko7nSKEFqoYU+s3vlQNoB1JOx1kWS46EKOp7LU0q7v//N6pAmMTKg7ufjNMRt3Wv/YgMNYfBhTLATjAMrLN6v9cdW9NeiK1pRZb8K1IW8PIY3m2Ai3jFl8w5LkPi8HurShvTtNeB+veAoDHR5VfMld823IvhTlXnBuTc+QPkf4PD5U3Aqh7HsSTrIjZUqmveGEEAEj/i7IP1f+yhY0TY/G+V9MwUBls+lqknw1Q86ZeJpmKw+QBvFkil8DnilpoXz+xN21XT2CE4OJNtkShgAttXnqK4HnOwOy9gIVACory0pASQchnofPExQSCB4K8HtrIP4IuwCc9RwEeF69eaF44CE/vbrxWVt76g1BKoVnrENeKL/OxrYCkLPMfFvEwSesbTzuV4J709E9sltnN1DnrjwI3vrnw5kvbRHXMc7aN1nIRY4WfpXwZ8i4SOxuAmQoyBcBGUiLy9PDr1pLpApJA2hX0wWN0aeDYmODdcxTGjaNCajGB8DANBgkrBgEEAYI3EQIxADATBgkqhkiG9w0BCRUxBgQEAQAAADBdBgkqhkiG9w0BCRQxUB5OAHQAcQAtADEAZgBlADYAYwA0ADAAOQAtADYANQA4ADUALQA0ADQAYgA3AC0AOQAzADkAZQAtADkAOABkADgAOABjAGEAMwBlADEAZABmMGsGCSsGAQQBgjcRATFeHlwATQBpAGMAcgBvAHMAbwBmAHQAIABFAG4AaABhAG4AYwBlAGQAIABDAHIAeQBwAHQAbwBnAHIAYQBwAGgAaQBjACAAUAByAG8AdgBpAGQAZQByACAAdgAxAC4AMDCCBdcGCSqGSIb3DQEHBqCCBcgwggXEAgEAMIIFvQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIjPRlIPH6OhMCAgfQgIIFkCWf6YUjztL5wXNrILRVJ+c9tWdVJ/5NJENrPkN/IcGGOYWpG3MUqi3MMwsvfu188RgG7IXu3ZTUEKlw6ukOrrWrNpFaiqu9Fldhubhx7gTu/5DK+vyxp5Kp3EiYBdH/An4k86zps8MngP7DnSggPOmjvhU9txbnGQiY3Jgt6ucYJsec8E2UlOSluyo1JZ2Z+5Zgyw9BsaEOVsPplAWCuNoHjjK2eNXIvwHwDK93hA5fk3n3DNNvltFA3oBLp45ZtdzLx9Vffk60HXKRCc4BLJSvmRgau5hvQeDsCCo2Nj3A/bho1FcJUm8b0tZDb3W8ghwQw2KiM5TR2AojOrtKTJ92+iBtu+ZiIKTkR+afhYeorvFR5l2sXDgTRnh7KL7jZStbzNBVBdgPr23E8ij+qNYr7uicEvcdgPKxlxpalhYzwdYscPG8kUEnxK1yjOoT2r19YdNGkpDw/F4sc0ZqZGA7KoQQCD0L1TAcwSStDRdAOvLBhng2vwh3X0Vmm0sDnF5vjgJjo9GkglUwezMQkiE5NmQe/AJqBySSiLmTb1NtBmGENVW0bWW8/Ph7gYVnQZFoK/myQXcU1k2dzQeRvzUmM7Rnp7Y5TUeM1UdV66JKxCC7y8Df9iMvffqnpal04qXx6f2oZp10xHqLUgu1ktxRTcgDBgUe55qjNgEIYRXOF6DFLPH+ZuF+rt1Nz185eXndnsGI4hYZmPnW3tJtB6dFDHEJNEK1HYNG+y4dEh2yBDLlCJ3Ht+UDxzkuJdYNScH4NsvbyzKf60Irotpz8ecWg3cypQ7972c4NRppOgfB59DWG+P9oIU1aK/PGkePySzD77We8jY97+HtkBzwka2Y117EikY7Zdtvetxiobd5KSzNc21yx8bEFJmqDnRgwoUqHKRaDDBOEEnlOd9FufgyWdu2CSCegqB+GISISON9acjaM8iqHEY4UotDyzwR6MsaEMFQzYSm27KHWwyZIYM53MngR9YtaD3vEQl0eNd6dfWKykxVkDYJ/P1WtydxHwuSak4RfPU61DvYs3rHcSM7VLQh0GUv2iU+Qx2kzqftr7EuXUzdCIQwO4TA6HX5pJwUrA00S0B3kiGD/rNxs7DY/ycCCdd/p/4XLTsVaq0XtrwZnTJ508Prk5eb9886MVIAhjvR8oGpBfnTS2B0p3vYyI4zrAEAePR+U1/zl4NJCRn2gfSwaRkT/WhlzxKR42iAER2Edb1Im5moUNPCjxi4Y0LV/K5b33qf6QyWdvn/OYOD9Yl5SACXDS3Eolo8La43pH+0e9+LvrZ8lod1EBqwcsZmX7bZGIE1b12/armtuOsarPWiue/HEE9XQZKapxyJcyAh+u3kSLHjG+EyMAmnEfyr2wSz04MAP1ZsAUb9epJSDecQhM44dfFqmBF++HtVnYr4xG6mHDUK8eLqT2P0ApAeoP21ddOTVHQST4cr3p+zONFdnzgLBCBFg71qB4wCG7fvZKasAMNJqqqQK2GfglTsrwoMLPvvMmSf+hnYlsE86eVUMUc23Vt+OaeFg9K4nFSo+MgnCTzuMbWQ9E1Na14KEgCrN8pJUwwffeYc0kaTnF+xxQrW+DyZVwBQvfok3Zg44NDXkFgxa7naL/F2t9ZQRnPsJujc6Kt7wbwlAx/IiXXKMNrdldU1GGaAoeXY8NiwEvc7Mr8tOT/y3ltZ+T3WhJ7SlyBBjkO98bf3vQdyG7yyDO0fudC6+X3bNIBcYumNC3CsV5VEAf39kZkVMNzFEJuxDwDDAzIbTO6yGp9C7y0XlaS7DZwrN7IQ8P2UV8MfauuR9PQG6t1n22ZLLV4/7mUKTV61dhG6Laj8w7lHhucPTUzYpFtlx1ghGtrSqAWcf1Jk+1Il7iuuYRnC6uTwUVrzYSq/dBODIdjTMDswHzAHBgUrDgMCGgQUhmYi+XmQ/FtRc6OOeWUmykCuwWgEFInBNKAT8JepJSYOqJby0mhJymk1AgIH0A==
Notable Defenses
Add content here...
Team Spirit Issues
Add content here...