
================================
|| OPEN IN CASE OF EMERGENCY!!||
================================
Hey backup!

If you're reading this then there's a high chance that something really bad has
happened while I'm on vacation in Cancun :P sorry for that...

Well, here's some info that you might find useful.

::::::ENVIRONMENT::::::
=======================
1. First things first... Don't panic!!
2. This is a pivot machine that will give you access to a small portion of the
   production environment, specifically to the eCommerce site application:
   * WebServer (192.168.75.22). This is an IIS hosted on a Windows 2008 R2
     server. I won't give you the administrator credentials but there is a
     restricted "backup" user with pass "B4ckup_2018" that will give you access
     to most of the things you'll need.
   * DBServer (192.168.75.23). This is a MySQL database server used by the
     webapp. As you can imagine the databases hosted here are a little
     sensitive :). You can access it with the same "backup" user and same pass
     "B4ckup_2018" as the webserver. I don't have the credentials for the
     database, though...
   * RHDocker (192.168.75.21). This is a RedHat 7.2 machine used to host Docker
     applications and things like that. It also has the "backup" user
     and pass "B4ckup_2018"

::::::WARNINGS (and by that I mean DON'T DO THIS!!)::::::
=========================================================
1. The DevOps team set up an FTP server on the WebServer machine. Don't touch
   it! If it gets blocked the full application may fail due to the CI process
   they use to keep it updated. No matter what the problem may be, this FTP
   must ALWAYS ALWAYS ALWAYS AND ALWAYS BE UP AND RUNNING! (It has a lot of
   security issues but those guys don't want us around it).
2. A guy from Trend Micro... Oscar Castro I think, came the other day to start
   a PoC but I was about to leave so we made just some initial configurations.
   I didn't get to learn too much about this Deep Security solution but if you
   need to configure something or use it to solve something you can access it
   with these credentials (don't share them please, I haven't had time to
   create custom users):
   https://192.168.75.75:4119
   user: masteradmin
   pass: 4droneForMe!
   If you use it, document everything please, it might help us justify buying
   it :)
3. NEVER NEVER NEVER RESTART A SERVER. All changes have to be approved and our
   core applications are very sensitive to network disconnections so NEVER
   restart a machine.
4. DON'T CHANGE THE DEFAULT FIREWALL RULES ON ANY SERVER. Some servers have a
   firewall profile already, don't change anything!!!

==>FLAG: 4765745265616479
ecb0ae19

oops!
what??????????
the flag didn't work?????????
so sad :(
work your way through it come on!! You can make it work!!
and just so you know.... the flag is NOT encrypted so don't waste your time looking
for keys
I mean... if you think about it... if it's not encrypted... then it is enc....
easy right?

housecall
