Hacking, Barbecue, & Drinking...

When: March 31st, 2018 April 7th, 2018
Time: 11am to 8pm+
Where: INIT_6's place. DM for address.

Food:

• I'll be providing Hamburgers, chips, dips, etc
• BYOB - Bring Your Own Booze

Rules:

• Must participate. Researching for others counts
• If you find a vulnerability it's yours.
• If there is a bug bounty you get to choose what to do with the money. Sponsor next event or keep it. Maybe a little of both.
• A quick vape inside is fine, Long sessions step outside.
• Smoking analog step outside.
• Targets are on 192.168.66.0/24 network stay there :)
• Don't be a dick.

Prize's:

• Most found CVE's - $50 Gift Card to Amazon
• Best vulnerability found - $50 Gift Card to Amazon
• Community MVP - $25 Gift Card to Amazon
• Miss Congeniality - $25 Gift Card to Amazon

Hacking:

• ManageEngine AD360
• ManageEngine Password Manager Pro
• Atlassian Jira
• tryGhost
• Cylance CylancePROTECT
• Cylance CylanceOPTICS
• MFA details provided at event.
• These are all VM's I can reset them if needed.

Details of targets

• Domain Server and General Info  HOST  Domain Controller Windows Server 2016 IP: 192.168.66.5 Domain: blackmarble.sh Admin: administrator Pass: ][Password][ Other users:  fox.zero fox.one ... fox.ten   Has a fun MFA thing to hack on ;) Global Share: \WIN-8CJ4M00PQSL\Data  has install files and some notes. gray folder has some .net decompiler programs cfr_0_122.jar is used to decompile java Feel free to put whatever here.      
• ManageEngine AD360  HOST  Windows 2016 Server IP: 192.168.66.6 Hostname: MANAGEENGINE-01 User: administrator Pass: ][Password][ Share for AD360, ADFree Tools, ADManager Plus, ADSelfService Plus: \MANAGEENGINE-01\ManageEngine Share for ADUdit Plus: \MANAGEENGINE-01\ManageEngine2 Each program has a folder called output what has the decompiled java source code.   Software  AD360  http://192.168.66.6:8082   AD360 Manager Plus  http://192.168.66.6:8080   ADAudit Plus  http://192.168.66.6:8081   ADSelfService Plus  http://192.168.66.6:8888      
• ManageEngine Password Manager Pro  HOST  Ubuntu Server 16.04.4 LTS IP: 192.168.66.25 Hostname: pmp User: fox Pass: ][Password][   Software  PMP  http://192.168.66.25:7272 Location: /home/fox/ManageEngine/PMP output folder has the decompiled source code.  /home/fox/ManageEngine/PMP/output /home/fox/ManageEngine/PMP/lib/output   What I have done so far https://init6.me/manageengine-password-pro/      
• Jira  HOST  CentOS 7 IP: 192.168.66.10 User: root Pass: ][Password][   Software  http://192.168.66.25:8080 User: fox Pass: ][Password][ Data locations  /var/atlassian/application-data/jira /opt/atlassian/jira output has the decompiled java source code Settings -> Application page has a spot to Upload an application which is where I want to start.      
• Cylance  HOST  Windows 10 Pro IP: 192.168.66.23 Hostname: Cylance-01.blackmarble.sh User: Administrator Pass: ][Password][