Options
Cyber Ranges Discussion
mgrapes
Member Posts: 2 ■■□□□□□□□□
Dear All,
I'd like to get some discussions going for ICS/SCADA cyber range lab (lightsout).
In particular I am interested in hints for getting Flag 5.
Via apache logs I got that engineering and management are valid usernames. From sql DB I got the password hashes of these two accounts, but the wordlists on the machine cannot break them. Not sure if I am going down the rabbit hole with this approach.
Is anyone working on this?
Thanks a lot.
Cheers+
I'd like to get some discussions going for ICS/SCADA cyber range lab (lightsout).
In particular I am interested in hints for getting Flag 5.
Via apache logs I got that engineering and management are valid usernames. From sql DB I got the password hashes of these two accounts, but the wordlists on the machine cannot break them. Not sure if I am going down the rabbit hole with this approach.
Is anyone working on this?
Thanks a lot.
Cheers+
Comments
-
Optionsmgrapes
Member Posts: 2 ■■□□□□□□□□
(spoiler alert) Now I can confirm that these two users are the only ones that are able to login to the 'secure' URL:
<Directory "/var/www/mgmtsrvr.com/html/secure">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>
(4) Skillset Labs> cat .htpasswd
engineering:$apr1$YwKtP5Nv$9TFBSdXIfrVwVa5Z0P4pD/
management:$apr1$PmmMFBIb$Ym.tA10I2a6e.TtrIO0/P1
However, it boils down to cracking the hashes or I am wrong here?
Thank you.