Team 3 Wiki Page

Team Information
Number: Team 3
Name: SecurityDaemons
IP Range: 201.203.200.0/24
Domain: team3.isucdc.com
Current Place: 6th
Red Teamer(s): None
Service Status
Flights
Baggage SSH
FreeIPA DNS
FreeIPA HTTPS
FreeIPA LDAP
FreeIPA SSH
Kiosk HTTP
Kiosk RDP
Traffic HTTP
Traffic SSH
WWW HTTP
WWW SSH
Notable Vulnerabilities
^output of LinEnum.sh

On ipa, in /home/cdc/Downloads/, they have all of their flags downloaded. They all require root permission, but if we can get root again, we can get every single flag.

root password is tacotacotaco
aanderson password is taco


WWW Hashes


Hashes cracked
avaberga:hit99sug
alexabe:big64kux
aiaronson:nok27caf
ababelman:key83cay
abidvery:joh00nuf
amelel:por71pug
aanderson:blah88


usernames on ipa
ababelman  addiguila  alexabe  andaff   avaberga  cdc    roach
abidvery   aiaronson  amelel   anthder  aydlix    chris  todd

moar hashes from www


Cracked Hashes:
2:50pm
$6$/8E9nAke$nE6exT0Os91fSdECAUhc9d1lJ47J4d011faC4NOMjqNVQtcxEAYA5bG8RJjQ5hjQnEKy8tNs9v.1kfJbgylct0:ban50jub
$6$LLORSNip$63k0EhW1orXHwPTDZJUM1LzsEY2GbCLPw8hIjdWZxWwwrkIaHhrfoAGsBxnWvPGLTc8UE38eGlNglLROrvtm31:meq29vef





cdc
Notable Defenses
Took www box down after flag capture and fixed default passwords before bringing back up.

Implemented a network-based firewall.
Team Spirit Issues
whack a mole... don't seem to be doing any audits, just keep killing the box, resetting configs, and bringing it back up -mejaredbrees

continues to whack a mole when a normal user is logged into the machine and just running ls on the system and not doing malicious activities

Was logged on as aiaronson; cdc user kicked it out and changed their password. However, the same password works on every box but ipa now. User is TSI admin user.

# whack a mole all day long