Team Information
- Number: Team 1
- Name: The Phishermen
- IP Range: 64.39.3.0/24
- Domain: team1.isucdc.com
- Current Place: 1st
- Red Teamer(s): None
Flag Status
| Blue Flags |
|---|
| AD C:\Windows\System32\ |
| TICKETS C:\Windows\System32\ |
| MGMT /etc/ |
| ADMIN C:\Windows\System32\ |
| WWW /etc/ |
| TICKETS Forged ticket |
| MGMT DB Read |
| MGMT Bus service |
| MGMT Train service |
| Red Flags |
|---|
| AD C:\Users\Administrator\ |
| TICKETS C:\Users\Administrator\ |
| MGMT /root/ |
| ADMIN C:\Users\Administrator\ |
| WWW /root/ |
Service Status
| AD LDAP |
| AD RDP |
| AD LDAPS |
| TICKETS HTTP |
| TICKETS RDP |
| MGMT HTTP |
| MGMT SSH |
| ADMIN HTTP |
| ADMIN RDP |
| WWW HTTP |
| WWW SSH |
| ADMIN Login |
| WWW Login |
Nmap
NOTE: `tickets.team1.isucdc.com` is using HTTPS.
Notable Vulnerabilities
Notable Defenses
──────────────────────────────────────────────────────────
TEAM 01
────────────────────────────────────────────────────────────
[Team 01] [08:37:37] ⟶ Probing MGMT backend at http://mgmt.team1.isucdc.com:5000/auth/login
[Team 01] MGMT backend unreachable — MGMT checks skipped, continuing with other services
[Team 01] [08:37:52] ⟶ Probing TICKETS service at http://tickets.team1.isucdc.com:5000/api/tickets/help
[Team 01] Tickets service unreachable (no response)
[Team 01] [08:38:18] ⟶ Probing Admin UI at http://admin.team1.isucdc.com/login
[Team 01] Admin UI unreachable (no response)
[Team 01] [08:38:33] ⟶ Probing WWW frontend at http://www.team1.isucdc.com
[Team 01] WWW frontend unreachable (no response)
[Team 01] [08:38:49] ⟶ Starting MySQL attack on mgmt.team1.isucdc.com:3306
[Team 01] [08:38:49] ⟶ Connecting MySQL mgmt.team1.isucdc.com:3306 as cdc/cdc
[Team 01] MySQL: port closed or credentials changed
[Team 01] [08:39:04] ⟶ Checking code-server (unauthenticated root shell) at http://www.team1.isucdc.com:67
[Team 01] Code-server: not accessible (patched or port blocked)
[Team 01] [08:39:19] ⟶ Starting SSH flag grabs on WWW and MGMT machines
[Team 01] [08:39:19] ⟶ Starting RDP credential checks on Windows machines
[Team 01] [08:39:19] ⟶ RDP credential check on AD (ad.team1.isucdc.com)
[Team 01] [08:39:19] ⟶ RDP trying Administrator:cdc on AD
[Team 01] [08:39:19] ⟶ RDP trying cdc:cdc on AD
[Team 01] [08:39:20] ⟶ RDP trying scrat:cdc on AD
[Team 01] [08:39:20] ⟶ RDP trying Administrator:Password1234! on AD
[Team 01] RDP AD: no default creds worked
[Team 01] [08:39:20] ⟶ RDP credential check on ADMIN (admin.team1.isucdc.com)
[Team 01] [08:39:20] ⟶ RDP trying Administrator:cdc on ADMIN
[Team 01] [08:39:20] ⟶ RDP trying cdc:cdc on ADMIN
[Team 01] [08:39:20] ⟶ RDP trying scrat:cdc on ADMIN
[Team 01] [08:39:20] ⟶ RDP trying Administrator:Password1234! on ADMIN
[Team 01] RDP ADMIN: no default creds worked
[Team 01] [08:39:20] ⟶ RDP credential check on TICKETS (tickets.team1.isucdc.com)
[Team 01] [08:39:20] ⟶ RDP trying Administrator:cdc on TICKETS
[Team 01] [08:39:20] ⟶ RDP trying cdc:cdc on TICKETS
[Team 01] [08:39:20] ⟶ RDP trying scrat:cdc on TICKETS
[Team 01] [08:39:20] ⟶ RDP trying Administrator:Password1234! on TICKETS
[Team 01] RDP TICKETS: no default creds worked
[Team 01] Werkzeug RCE skipped — MGMT unreachable
[Team 01] Team 01 complete
Team Spirit Issues