Hacking, Barbecue, & Drinking...

When: March 31st, 2018 April 7th, 2018
Time: 11am to 8pm+
Where: INIT_6's place. DM for address.

Food:

  • I'll be providing Hamburgers, chips, dips, etc
  • BYOB - Bring Your Own Booze

Rules:

  • Must participate. Researching for others counts
  • If you find a vulnerability it's yours.
  • If there is a bug bounty you get to choose what to do with the money. Sponsor next event or keep it. Maybe a little of both.
  • A quick vape inside is fine, Long sessions step outside.
  • Smoking analog step outside.
  • Targets are on 192.168.66.0/24 network stay there :)
  • Don't be a dick.

Prize's:

  • Most found CVE's - $50 Gift Card to Amazon
  • Best vulnerability found - $50 Gift Card to Amazon
  • Community MVP - $25 Gift Card to Amazon
  • Miss Congeniality - $25 Gift Card to Amazon

Hacking:

Details of targets

  • Domain Server and General Info

    • HOST
      • Domain Controller Windows Server 2016
      • IP: 192.168.66.5
      • Domain: blackmarble.sh
      • Admin: administrator
      • Pass: ][Password][
      • Other users:
        • fox.zero
        • fox.one
        • ...
        • fox.ten
      • Has a fun MFA thing to hack on ;)
      • Global Share: \WIN-8CJ4M00PQSL\Data
        • has install files and some notes.
        • gray folder has some .net decompiler programs
        • cfr_0_122.jar is used to decompile java
        • Feel free to put whatever here.
  • ManageEngine AD360

    • HOST
      • Windows 2016 Server
      • IP: 192.168.66.6
      • Hostname: MANAGEENGINE-01
      • User: administrator
      • Pass: ][Password][
      • Share for AD360, ADFree Tools, ADManager Plus, ADSelfService Plus: \MANAGEENGINE-01\ManageEngine
      • Share for ADUdit Plus: \MANAGEENGINE-01\ManageEngine2
      • Each program has a folder called output what has the decompiled java source code.
    • Software
  • ManageEngine Password Manager Pro

    • HOST
      • Ubuntu Server 16.04.4 LTS
      • IP: 192.168.66.25
      • Hostname: pmp
      • User: fox
      • Pass: ][Password][
    • Software
  • Jira

    • HOST
      • CentOS 7
      • IP: 192.168.66.10
      • User: root
      • Pass: ][Password][
    • Software
      • http://192.168.66.25:8080
      • User: fox
      • Pass: ][Password][
      • Data locations
        • /var/atlassian/application-data/jira
        • /opt/atlassian/jira
        • output has the decompiled java source code
        • Settings -> Application page has a spot to Upload an application which is where I want to start.
  • Cylance

    • HOST
      • Windows 10 Pro
      • IP: 192.168.66.23
      • Hostname: Cylance-01.blackmarble.sh
      • User: Administrator
      • Pass: ][Password][