Cyber Ranges Discussion

mgrapes

Dear All,

I'd like to get some discussions going for ICS/SCADA cyber range lab (lightsout).

In particular I am interested in hints for getting Flag 5.

Via apache logs I got that engineering and management are valid usernames. From sql DB I got the password hashes of these two accounts, but the wordlists on the machine cannot break them. Not sure if I am going down the rabbit hole with this approach. 

Is anyone working on this?

Thanks a lot.

Cheers+

mgrapes

(spoiler alert) Now I can confirm that these two users are the only ones that are able to login to the 'secure' URL:

        <Directory "/var/www/mgmtsrvr.com/html/secure">                         

        AuthType Basic                                                          

        AuthName "Restricted Content"                                           

        AuthUserFile /etc/apache2/.htpasswd                                     

        Require valid-user                                                      

        </Directory>        

(4) Skillset Labs> cat .htpasswd                                                

engineering:$apr1$YwKtP5Nv$9TFBSdXIfrVwVa5Z0P4pD/                               

management:$apr1$PmmMFBIb$Ym.tA10I2a6e.TtrIO0/P1        

However, it boils down to cracking the hashes or I am wrong here?

Thank you.