README file:
Sombra True Random Number Generator (STRNG) is a QEMU-based emulated
hardware device developed by Sombra for Blizzard CTF 2017.
STRNG's QEMU can be run with the following command:
./qemu-system-x86_64 -m 1G \
-device strng \
-hda my-disk.img \
-hdb my-seed.img \
-nographic \
-L pc-bios/ \
-enable-kvm \
-device e1000,netdev=net0 \
-netdev user,id=net0,hostfwd=tcp::5555-:22
The flag is located at /root/flag on the host. The host uses the same image
as the guest as base image.
You can access the guest over SSH at 10.0.2.163:5555. The
username is "ubuntu" and password "passw0rd". The guest is reset every 10
minutes.
#############
root@kali2:~# snmp-check -t 10.0.2.10
snmpcheck v1.8 - SNMP enumerator
Copyright (c) 2005-2011 by Matteo Cantoni (www.nothink.org)
[*] Try to connect to 10.0.2.10
[*] Connected to 10.0.2.10
[*] Starting enumeration at 2017-11-05 09:13:52
[*] Error: No response from remote host "10.0.2.10".
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 320.
root@kali2:~# snmp-check -t 10.0.2.33 -p 161
snmpcheck v1.8 - SNMP enumerator
Copyright (c) 2005-2011 by Matteo Cantoni (www.nothink.org)
[*] Try to connect to 10.0.2.33
[*] Connected to 10.0.2.33
[*] Starting enumeration at 2017-11-05 09:25:29
[*] System information
-----------------------------------------------------------------------------------------------
Hostname : basic
Description : Linux basic 4.4.0-97-generic #120-Ubuntu SMP Tue Sep 19 17:28:18 UTC 2017 x86_64
Uptime system : 19 minutes, 48.35
Uptime SNMP daemon : 19 minutes, 39.76
Contact : nobody@example.org
Location : blizzard{p@5$w0rd.txt}
Motd : -
[*] Devices information
-----------------------------------------------------------------------------------------------
Id Type Status Description
196608 Processor Running GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
196609 Processor Running GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
262145 Network Running network interface lo
262146 Network Running network interface ens160
786432 Coprocessor Unknown Guessing that there's a floating point co-processor
[*] Storage information
-----------------------------------------------------------------------------------------------
Physical memory
Device id : 1
Device type : Ram
Filesystem type : LinuxExt2
Device units : 1024
Memory size : 993M
Memory used : 575M
Memory free : 418M
[*] Processes
-----------------------------------------------------------------------------------------------
Total processes : 116
Process type : 1 unknown, 2 operating system, 3 device driver, 4 application
Process status : 1 running, 2 runnable, 3 not runnable, 4 invalid
Process id Process name Process type Process status Process path
1 systemd 4 2 /sbin/init
10 watchdog/0 2 2
1003 atd 4 2 /usr/sbin/atd
1006 vmtoolsd 4 2 /usr/bin/vmtoolsd
1008 rsyslogd 4 2 /usr/sbin/rsyslogd
1009 cron 4 2 /usr/sbin/cron
1014 accounts-daemon 4 2 /usr/lib/accountsservice/accounts-daemon
1015 systemd-logind 4 2 /lib/systemd/systemd-logind
1017 lxcfs 4 2 /usr/bin/lxcfs
1026 dbus-daemon 4 2 /usr/bin/dbus-daemon
1074 acpid 4 2 /usr/sbin/acpid
1079 snapd 4 2 /usr/lib/snapd/snapd
1090 mdadm 4 2 /sbin/mdadm
1094 polkitd 4 2 /usr/lib/policykit-1/polkitd
11 watchdog/1 2 2
1121 kworker/1:1H 2 2
1189 sshd 4 2 /usr/sbin/sshd
1191 named 4 2 /usr/sbin/named
1193 php 4 2 /usr/bin/php
1195 php 4 2 /usr/bin/php
1198 python 4 2 /usr/bin/python
12 migration/1 2 2
1217 iscsid 4 2 /sbin/iscsid
1218 iscsid 4 2 /sbin/iscsid
1278 atftpd 4 2 /usr/sbin/atftpd
1284 inetutils-inetd 4 2 /usr/sbin/inetutils-inetd
1287 irqbalance 4 2 /usr/sbin/irqbalance
1299 agetty 4 2 /sbin/agetty
13 ksoftirqd/1 2 2
1315 snmpd 4 1 /usr/sbin/snmpd
1382 systemd-network 4 2 /lib/systemd/systemd-networkd
14 kworker/1:0 2 2
148 mpt_poll_0 2 2
149 mpt/0 2 2
15 kworker/1:0H 2 2
150 kpsmoused 2 2
16 kdevtmpfs 2 2
17 netns 2 2
18 perf 2 2
180 scsi_eh_2 2 2
181 scsi_tmf_2 2 2
182 bioset 2 2
183 ttm_swap 2 2
19 khungtaskd 2 2
2 kthreadd 2 2
20 writeback 2 2
2017 sh 4 2 sh
2018 ping 4 2 ping
2079 kworker/u4:2 2 2
21 ksmd 2 2
2142 kworker/1:1 2 2
2167 sshd 4 2 sshd: unknown [priv]
2168 sshd 4 2 sshd: unknown [net]
2170 sshd 4 2 sshd: [accepted]
2171 sshd 4 2 sshd: [net]
22 khugepaged 2 2
23 crypto 2 2
24 kintegrityd 2 2
25 bioset 2 2
26 kblockd 2 2
268 raid5wq 2 2
27 ata_sff 2 2
28 md 2 2
29 devfreq_wq 2 2
292 kdmflush 2 2
293 bioset 2 2
3 ksoftirqd/0 2 2
30 kworker/u4:1 2 2
302 kdmflush 2 2
303 bioset 2 2
32 kworker/0:1 2 2
321 bioset 2 2
34 kswapd0 2 2
345 jbd2/dm-0-8 2 2
346 ext4-rsv-conver 2 2
35 vmstat 2 2
36 fsnotify_mark 2 2
37 ecryptfs-kthrea 2 2
395 kworker/0:1H 2 2
399 iscsi_eh 2 2
4 kworker/0:0 2 2
408 systemd-journal 4 2 /lib/systemd/systemd-journald
412 kworker/1:2 2 2
424 kauditd 2 2
438 ib_addr 2 2
440 ib_mcast 2 2
441 ib_nl_sa_wq 2 2
442 lvmetad 4 2 /sbin/lvmetad
443 ib_cm 2 2
449 iw_cm_wq 2 2
451 rdma_cm 2 2
468 systemd-udevd 4 2 /lib/systemd/systemd-udevd
5 kworker/0:0H 2 2
53 kthrotld 2 2
54 acpi_thermal_pm 2 2
55 bioset 2 2
56 bioset 2 2
57 bioset 2 2
58 bioset 2 2
59 bioset 2 2
60 bioset 2 2
61 bioset 2 2
62 bioset 2 2
63 scsi_eh_0 2 2
64 scsi_tmf_0 2 2
65 scsi_eh_1 2 2
66 scsi_tmf_1 2 2
7 rcu_sched 2 2
72 ipv6_addrconf 2 2
8 rcu_bh 2 2
843 ext4-rsv-conver 2 2
867 systemd-timesyn 4 2 /lib/systemd/systemd-timesyncd
87 deferwq 2 2
88 charger_manager 2 2
89 bioset 2 2
[*] Network interfaces
-----------------------------------------------------------------------------------------------
Interface : [ up ] lo
Interface Speed : 10 Mbps
IP Address : 10.0.2.33
Netmask : 255.255.255.0
MTU : 65536
Bytes In : 13033 (13K)
Bytes Out : 13033 (13K)
Interface : [ up ] VMware VMXNET3 Ethernet Controller
Hardware Address : 00:0c:29:d1:04:53
Interface Speed : 4294.967295 Mbps
IP Address : 127.0.0.1
Netmask : 255.0.0.0
MTU : 1500
Bytes In : 23843778 (23M)
Bytes Out : 11290971 (11M)
[*] Routing information
-----------------------------------------------------------------------------------------------
Destination Next Hop Mask Metric
0.0.0.0 10.0.2.254 0.0.0.0 1
[*] Listening TCP ports and connections
-----------------------------------------------------------------------------------------------
Local Address Port Remote Address Port State
0.0.0.0 12345 0.0.0.0 - Listening
0.0.0.0 22 0.0.0.0 - Listening
0.0.0.0 4848 0.0.0.0 - Listening
10.0.2.33 12345 10.0.4.93 42558 Established
10.0.2.33 22 10.0.4.192 55360 Established
10.0.2.33 22 10.0.4.84 7821 Established
10.0.2.33 4848 10.0.4.121 60157 Close wait
10.0.2.33 4848 10.0.4.93 816 SYN received
10.0.2.33 53 0.0.0.0 - Listening
127.0.0.1 53 0.0.0.0 - Listening
[*] Listening UDP ports
-----------------------------------------------------------------------------------------------
Local Address Port
0.0.0.0 161
0.0.0.0 39876
0.0.0.0 52793
0.0.0.0 69
10.0.2.33 53
[*] Mountpoints
-----------------------------------------------------------------------------------------------
/
/run
/dev/shm
/run/lock
/sys/fs/cgroup
/boot
[*] Enumerated 10.0.2.33 in 3.85 seconds
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 230.
root@kali2:~# nmap -sV 10.0.2.33 -p- -T4
Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 09:34 PST
Nmap scan report for 10.0.2.33
Host is up (0.00033s latency).
Not shown: 65532 filtered ports
PORT STATE SERVICE VERSION
22/tcp open tcpwrapped
4848/tcp open appserv-http?
12345/tcp open netbus?
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 132.44 seconds
root@kali2:~# ping 10.0.2.33
PING 10.0.2.33 (10.0.2.33) 56(84) bytes of data.
64 bytes from 10.0.2.33: icmp_seq=1 ttl=63 time=0.484 ms
64 bytes from 10.0.2.33: icmp_seq=2 ttl=63 time=0.465 ms
64 bytes from 10.0.2.33: icmp_seq=3 ttl=63 time=0.464 ms
64 bytes from 10.0.2.33: icmp_seq=4 ttl=63 time=0.528 ms
^C
--- 10.0.2.33 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.464/0.485/0.528/0.030 ms
[*] Network information
-----------------------------------------------------------------------------------------------
IP forwarding enabled : no
Default TTL : 64
TCP segments received : 63274
TCP segments sent : 56762
TCP segments retrans. : 133
Input datagrams : 447293
Delivered datagrams : 434967
Output datagrams : 428890
[*] Network interfaces
-----------------------------------------------------------------------------------------------
Interface : [ up ] lo
Interface Speed : 10 Mbps
IP Address : 10.0.2.33
Netmask : 255.255.255.0
MTU : 65536
Bytes In : 12361 (13K)
Bytes Out : 12361 (13K)
Interface : [ up ] VMware VMXNET3 Ethernet Controller
Hardware Address : 00:0c:29:d1:04:53
Interface Speed : 4294.967295 Mbps
IP Address : 127.0.0.1
Netmask : 255.0.0.0
MTU : 1500
Bytes In : 44268065 (43M)
Bytes Out : 46057596 (44M)
[*] Routing information
-----------------------------------------------------------------------------------------------
Destination Next Hop Mask Metric
0.0.0.0 10.0.2.254 0.0.0.0 1
[*] Listening TCP ports and connections
-----------------------------------------------------------------------------------------------
Local Address Port Remote Address Port State
0.0.0.0 12345 0.0.0.0 - Listening
0.0.0.0 22 0.0.0.0 - Listening
0.0.0.0 4848 0.0.0.0 - Listening
[*] Listening UDP ports
-----------------------------------------------------------------------------------------------
Local Address Port
0.0.0.0 161
0.0.0.0 39876
0.0.0.0 52793
0.0.0.0 69
10.0.2.33 53
[*] Mountpoints
-----------------------------------------------------------------------------------------------
/
/run
/dev/shm
/run/lock
/sys/fs/cgroup
/boot
/run/user/1001
[*] Enumerated 10.0.2.33 in 2.71 seconds
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 230.
root@kali2:~# snmp-check -t 10.0.2.33 -c private
snmpcheck v1.8 - SNMP enumerator
Copyright (c) 2005-2011 by Matteo Cantoni (www.nothink.org)
[*] Try to connect to 10.0.2.33
[*] Connected to 10.0.2.33
[*] Starting enumeration at 2017-11-05 13:54:05
[*] Error: No response from remote host "10.0.2.33".
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 320.
root@kali2:~# snmpwalk -v2c -c public 10.0.2.33
iso.3.6.1.2.1.1.1.0 = STRING: "Linux basic 4.4.0-97-generic #120-Ubuntu SMP Tue Sep 19 17:28:18 UTC 2017 x86_64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (11722) 0:01:57.22
iso.3.6.1.2.1.1.4.0 = STRING: "nobody@example.org"
iso.3.6.1.2.1.1.5.0 = STRING: "basic"
iso.3.6.1.2.1.1.6.0 = STRING: "blizzard{p@5$w0rd.txt}"
iso.3.6.1.2.1.1.7.0 = INTEGER: 72
iso.3.6.1.2.1.1.8.0 = Timeticks: (2) 0:00:00.02
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.2.3 = OID: iso.3.6.1.6.3.10.3.1.1
iso.3.6.1.2.1.1.9.1.2.4 = OID: iso.3.6.1.6.3.1
iso.3.6.1.2.1.1.9.1.2.5 = OID: iso.3.6.1.6.3.16.2.2.1
iso.3.6.1.2.1.1.9.1.2.6 = OID: iso.3.6.1.2.1.49
iso.3.6.1.2.1.1.9.1.2.7 = OID: iso.3.6.1.2.1.4
iso.3.6.1.2.1.1.9.1.2.8 = OID: iso.3.6.1.2.1.50
iso.3.6.1.2.1.1.9.1.2.9 = OID: iso.3.6.1.6.3.13.3.1.3
iso.3.6.1.2.1.1.9.1.2.10 = OID: iso.3.6.1.2.1.92
iso.3.6.1.2.1.1.9.1.3.1 = STRING: "The MIB for Message Processing and Dispatching."
iso.3.6.1.2.1.1.9.1.3.2 = STRING: "The management information definitions for the SNMP User-based Security Model."
iso.3.6.1.2.1.1.9.1.3.3 = STRING: "The SNMP Management Architecture MIB."
iso.3.6.1.2.1.1.9.1.3.4 = STRING: "The MIB module for SNMPv2 entities"
iso.3.6.1.2.1.1.9.1.3.5 = STRING: "View-based Access Control Model for SNMP."
iso.3.6.1.2.1.1.9.1.3.6 = STRING: "The MIB module for managing TCP implementations"
iso.3.6.1.2.1.1.9.1.3.7 = STRING: "The MIB module for managing IP and ICMP implementations"
iso.3.6.1.2.1.1.9.1.3.8 = STRING: "The MIB module for managing UDP implementations"
iso.3.6.1.2.1.1.9.1.3.9 = STRING: "The MIB modules for managing SNMP Notification, plus filtering."
iso.3.6.1.2.1.1.9.1.3.10 = STRING: "The MIB module for logging SNMP Notifications."
iso.3.6.1.2.1.6.13.1.4.10.0.2.33.22.10.0.4.81.36638 = IpAddress: 10.0.4.81
iso.3.6.1.2.1.6.13.1.4.10.0.2.33.22.10.0.4.233.47448 = IpAddress: 10.0.4.233
iso.3.6.1.2.1.25.1.4.0 = STRING: "BOOT_IMAGE=/vmlinuz-4.4.0-97-generic root=/dev/mapper/basic--vg-root ro
"
iso.3.6.1.2.1.25.2.3.1.2.62 = OID: iso.3.6.1.2.1.25.2.1.4
iso.3.6.1.2.1.25.2.3.1.3.1 = STRING: "Physical memory"
iso.3.6.1.2.1.25.2.3.1.3.3 = STRING: "Virtual memory"
iso.3.6.1.2.1.25.2.3.1.3.6 = STRING: "Memory buffers"
iso.3.6.1.2.1.25.2.3.1.3.7 = STRING: "Cached memory"
iso.3.6.1.2.1.25.2.3.1.3.8 = STRING: "Shared memory"
iso.3.6.1.2.1.25.2.3.1.3.10 = STRING: "Swap space"
iso.3.6.1.2.1.25.2.3.1.3.31 = STRING: "/"
iso.3.6.1.2.1.25.2.3.1.3.37 = STRING: "/run"
iso.3.6.1.2.1.25.2.3.1.3.39 = STRING: "/dev/shm"
iso.3.6.1.2.1.25.2.3.1.3.40 = STRING: "/run/lock"
iso.3.6.1.2.1.25.2.3.1.3.41 = STRING: "/sys/fs/cgroup"
iso.3.6.1.2.1.25.2.3.1.3.59 = STRING: "/boot"
iso.3.6.1.2.1.25.2.3.1.3.61 = STRING: "/run/user/1003"
iso.3.6.1.2.1.25.2.3.1.3.62 = STRING: "/run/user/1001"
iso.3.6.1.2.1.25.2.3.1.4.1 = INTEGER: 1024
iso.3.6.1.2.1.25.3.2.1.1.196608 = INTEGER: 196608
iso.3.6.1.2.1.25.3.2.1.1.196609 = INTEGER: 196609
iso.3.6.1.2.1.25.3.2.1.1.262145 = INTEGER: 262145
iso.3.6.1.2.1.25.3.2.1.1.262146 = INTEGER: 262146
iso.3.6.1.2.1.25.3.2.1.1.786432 = INTEGER: 786432
iso.3.6.1.2.1.25.3.2.1.2.196608 = OID: iso.3.6.1.2.1.25.3.1.3
iso.3.6.1.2.1.25.3.2.1.2.196609 = OID: iso.3.6.1.2.1.25.3.1.3
iso.3.6.1.2.1.25.3.2.1.2.262145 = OID: iso.3.6.1.2.1.25.3.1.4
iso.3.6.1.2.1.25.3.2.1.2.262146 = OID: iso.3.6.1.2.1.25.3.1.4
iso.3.6.1.2.1.25.3.2.1.2.786432 = OID: iso.3.6.1.2.1.25.3.1.12
iso.3.6.1.2.1.25.3.2.1.3.196608 = STRING: "GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
iso.3.6.1.2.1.25.3.2.1.3.196609 = STRING: "GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
iso.3.6.1.2.1.25.3.2.1.3.262145 = STRING: "network interface lo"
iso.3.6.1.2.1.25.3.2.1.3.262146 = STRING: "network interface ens160"
iso.3.6.1.2.1.25.3.2.1.3.786432 = STRING: "Guessing that there's a floating point co-processor"
iso.3.6.1.2.1.25.3.8.1.1.10 = INTEGER: 10
iso.3.6.1.2.1.25.3.8.1.1.11 = INTEGER: 11
iso.3.6.1.2.1.25.3.8.1.1.29 = INTEGER: 29
iso.3.6.1.2.1.25.3.8.1.1.31 = INTEGER: 31
iso.3.6.1.2.1.25.3.8.1.1.32 = INTEGER: 32
iso.3.6.1.2.1.25.3.8.1.2.1 = STRING: "/"
iso.3.6.1.2.1.25.3.8.1.2.7 = STRING: "/run"
iso.3.6.1.2.1.25.3.8.1.2.9 = STRING: "/dev/shm"
iso.3.6.1.2.1.25.3.8.1.2.10 = STRING: "/run/lock"
iso.3.6.1.2.1.25.3.8.1.2.11 = STRING: "/sys/fs/cgroup"
iso.3.6.1.2.1.25.3.8.1.2.29 = STRING: "/boot"
iso.3.6.1.2.1.25.3.8.1.2.31 = STRING: "/run/user/1003"
iso.3.6.1.2.1.25.3.8.1.2.32 = STRING: "/run/user/1001"
iso.3.6.1.2.1.25.3.8.1.3.1 = ""
iso.3.6.1.2.1.25.4.2.1.2.1 = STRING: "systemd"
iso.3.6.1.2.1.25.4.2.1.2.2 = STRING: "kthreadd"
iso.3.6.1.2.1.25.4.2.1.2.3 = STRING: "ksoftirqd/0"
iso.3.6.1.2.1.25.4.2.1.2.4 = STRING: "kworker/0:0"
iso.3.6.1.2.1.25.4.2.1.2.5 = STRING: "kworker/0:0H"
iso.3.6.1.2.1.25.4.2.1.2.6 = STRING: "kworker/u4:0"
iso.3.6.1.2.1.25.4.2.1.2.7 = STRING: "rcu_sched"
iso.3.6.1.2.1.25.4.2.1.2.8 = STRING: "rcu_bh"
iso.3.6.1.2.1.25.4.2.1.2.9 = STRING: "migration/0"
iso.3.6.1.2.1.25.4.2.1.2.10 = STRING: "watchdog/0"
iso.3.6.1.2.1.25.4.2.1.2.11 = STRING: "watchdog/1"
iso.3.6.1.2.1.25.4.2.1.2.12 = STRING: "migration/1"
iso.3.6.1.2.1.25.4.2.1.2.13 = STRING: "ksoftirqd/1"
iso.3.6.1.2.1.25.4.2.1.2.14 = STRING: "kworker/1:0"
iso.3.6.1.2.1.25.4.2.1.2.15 = STRING: "kworker/1:0H"
iso.3.6.1.2.1.25.4.2.1.2.16 = STRING: "kdevtmpfs"
iso.3.6.1.2.1.25.4.2.1.2.17 = STRING: "netns"
iso.3.6.1.2.1.25.4.2.1.2.18 = STRING: "perf"
iso.3.6.1.2.1.25.4.2.1.2.19 = STRING: "khungtaskd"
iso.3.6.1.2.1.25.4.2.1.2.20 = STRING: "writeback"
iso.3.6.1.2.1.25.4.2.1.2.21 = STRING: "ksmd"
iso.3.6.1.2.1.25.4.2.1.2.22 = STRING: "khugepaged"
iso.3.6.1.2.1.25.4.2.1.2.23 = STRING: "crypto"
iso.3.6.1.2.1.25.4.2.1.2.24 = STRING: "kintegrityd"
iso.3.6.1.2.1.25.4.2.1.2.25 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.26 = STRING: "kblockd"
iso.3.6.1.2.1.25.4.2.1.2.27 = STRING: "ata_sff"
iso.3.6.1.2.1.25.4.2.1.2.28 = STRING: "md"
iso.3.6.1.2.1.25.4.2.1.2.29 = STRING: "devfreq_wq"
iso.3.6.1.2.1.25.4.2.1.2.30 = STRING: "kworker/u4:1"
iso.3.6.1.2.1.25.4.2.1.2.31 = STRING: "kworker/1:1"
iso.3.6.1.2.1.25.4.2.1.2.32 = STRING: "kworker/0:1"
iso.3.6.1.2.1.25.4.2.1.2.34 = STRING: "kswapd0"
iso.3.6.1.2.1.25.4.2.1.2.35 = STRING: "vmstat"
iso.3.6.1.2.1.25.4.2.1.2.36 = STRING: "fsnotify_mark"
iso.3.6.1.2.1.25.4.2.1.2.37 = STRING: "ecryptfs-kthrea"
iso.3.6.1.2.1.25.4.2.1.2.53 = STRING: "kthrotld"
iso.3.6.1.2.1.25.4.2.1.2.54 = STRING: "acpi_thermal_pm"
iso.3.6.1.2.1.25.4.2.1.2.55 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.56 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.57 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.58 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.59 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.60 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.61 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.62 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.63 = STRING: "scsi_eh_0"
iso.3.6.1.2.1.25.4.2.1.2.64 = STRING: "scsi_tmf_0"
iso.3.6.1.2.1.25.4.2.1.2.65 = STRING: "scsi_eh_1"
iso.3.6.1.2.1.25.4.2.1.2.66 = STRING: "scsi_tmf_1"
iso.3.6.1.2.1.25.4.2.1.2.67 = STRING: "kworker/u4:2"
iso.3.6.1.2.1.25.4.2.1.2.68 = STRING: "kworker/u4:3"
iso.3.6.1.2.1.25.4.2.1.2.72 = STRING: "ipv6_addrconf"
iso.3.6.1.2.1.25.4.2.1.2.73 = STRING: "kworker/0:2"
iso.3.6.1.2.1.25.4.2.1.2.75 = STRING: "kworker/u4:4"
iso.3.6.1.2.1.25.4.2.1.2.87 = STRING: "deferwq"
iso.3.6.1.2.1.25.4.2.1.2.88 = STRING: "charger_manager"
iso.3.6.1.2.1.25.4.2.1.2.89 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.148 = STRING: "mpt_poll_0"
iso.3.6.1.2.1.25.4.2.1.2.149 = STRING: "mpt/0"
iso.3.6.1.2.1.25.4.2.1.2.150 = STRING: "kpsmoused"
iso.3.6.1.2.1.25.4.2.1.2.180 = STRING: "scsi_eh_2"
iso.3.6.1.2.1.25.4.2.1.2.181 = STRING: "scsi_tmf_2"
iso.3.6.1.2.1.25.4.2.1.2.182 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.183 = STRING: "ttm_swap"
iso.3.6.1.2.1.25.4.2.1.2.268 = STRING: "raid5wq"
iso.3.6.1.2.1.25.4.2.1.2.292 = STRING: "kdmflush"
iso.3.6.1.2.1.25.4.2.1.2.293 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.302 = STRING: "kdmflush"
iso.3.6.1.2.1.25.4.2.1.2.303 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.321 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.345 = STRING: "jbd2/dm-0-8"
iso.3.6.1.2.1.25.4.2.1.2.346 = STRING: "ext4-rsv-conver"
iso.3.6.1.2.1.25.4.2.1.2.395 = STRING: "kworker/0:1H"
iso.3.6.1.2.1.25.4.2.1.2.399 = STRING: "iscsi_eh"
iso.3.6.1.2.1.25.4.2.1.2.407 = STRING: "kworker/0:3"
iso.3.6.1.2.1.25.4.2.1.2.408 = STRING: "systemd-journal"
iso.3.6.1.2.1.25.4.2.1.2.412 = STRING: "kworker/1:2"
iso.3.6.1.2.1.25.4.2.1.2.424 = STRING: "kauditd"
iso.3.6.1.2.1.25.4.2.1.2.438 = STRING: "ib_addr"
iso.3.6.1.2.1.25.4.2.1.2.440 = STRING: "ib_mcast"
iso.3.6.1.2.1.25.4.2.1.2.441 = STRING: "ib_nl_sa_wq"
iso.3.6.1.2.1.25.4.2.1.2.442 = STRING: "lvmetad"
iso.3.6.1.2.1.25.4.2.1.2.443 = STRING: "ib_cm"
iso.3.6.1.2.1.25.4.2.1.2.449 = STRING: "iw_cm_wq"
iso.3.6.1.2.1.25.4.2.1.2.451 = STRING: "rdma_cm"
iso.3.6.1.2.1.25.4.2.1.2.468 = STRING: "systemd-udevd"
iso.3.6.1.2.1.25.4.2.1.2.629 = STRING: "kworker/1:3"
iso.3.6.1.2.1.25.4.2.1.2.843 = STRING: "ext4-rsv-conver"
iso.3.6.1.2.1.25.4.2.1.2.867 = STRING: "systemd-timesyn"
iso.3.6.1.2.1.25.4.2.1.2.1003 = STRING: "atd"
iso.3.6.1.2.1.25.4.2.1.2.1006 = STRING: "vmtoolsd"
iso.3.6.1.2.1.25.4.2.1.2.1008 = STRING: "rsyslogd"
iso.3.6.1.2.1.25.4.2.1.2.1009 = STRING: "cron"
iso.3.6.1.2.1.25.4.2.1.2.1014 = STRING: "accounts-daemon"
iso.3.6.1.2.1.25.4.2.1.2.1015 = STRING: "systemd-logind"
iso.3.6.1.2.1.25.4.2.1.2.1017 = STRING: "lxcfs"
iso.3.6.1.2.1.25.4.2.1.2.1022 = STRING: "kworker/1:4"
iso.3.6.1.2.1.25.4.2.1.2.1026 = STRING: "dbus-daemon"
iso.3.6.1.2.1.25.4.2.1.2.1074 = STRING: "acpid"
iso.3.6.1.2.1.25.4.2.1.2.1079 = STRING: "snapd"
iso.3.6.1.2.1.25.4.2.1.2.1090 = STRING: "mdadm"
iso.3.6.1.2.1.25.4.2.1.2.1094 = STRING: "polkitd"
iso.3.6.1.2.1.25.4.2.1.2.1121 = STRING: "kworker/1:1H"
iso.3.6.1.2.1.25.4.2.1.2.1189 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1191 = STRING: "named"
iso.3.6.1.2.1.25.4.2.1.2.1193 = STRING: "php"
iso.3.6.1.2.1.25.4.2.1.2.1195 = STRING: "php"
iso.3.6.1.2.1.25.4.2.1.2.1198 = STRING: "python"
iso.3.6.1.2.1.25.4.2.1.2.1217 = STRING: "iscsid"
iso.3.6.1.2.1.25.4.2.1.2.1218 = STRING: "iscsid"
iso.3.6.1.2.1.25.4.2.1.2.1235 = STRING: "kworker/0:4"
iso.3.6.1.2.1.25.4.2.1.2.1278 = STRING: "atftpd"
iso.3.6.1.2.1.25.4.2.1.2.1284 = STRING: "inetutils-inetd"
iso.3.6.1.2.1.25.4.2.1.2.1287 = STRING: "irqbalance"
iso.3.6.1.2.1.25.4.2.1.2.1299 = STRING: "agetty"
iso.3.6.1.2.1.25.4.2.1.2.1315 = STRING: "snmpd"
iso.3.6.1.2.1.25.4.2.1.2.1374 = STRING: "systemd-network"
iso.3.6.1.2.1.25.4.2.1.2.1472 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1615 = STRING: "systemd"
iso.3.6.1.2.1.25.4.2.1.2.1626 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.2.1704 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1705 = STRING: "bash"
iso.3.6.1.2.1.25.4.2.1.2.1888 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1907 = STRING: "systemd"
iso.3.6.1.2.1.25.4.2.1.2.1908 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.2.1941 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1942 = STRING: "lshell"
iso.3.6.1.2.1.25.4.2.1.2.2033 = STRING: "sh"
iso.3.6.1.2.1.25.4.2.1.2.2034 = STRING: "nc"
iso.3.6.1.2.1.25.4.2.1.3.1 = OID: ccitt.0
iso.3.6.1.2.1.25.4.2.1.4.408 = STRING: "/lib/systemd/systemd-journald"
iso.3.6.1.2.1.25.4.2.1.4.412 = ""
iso.3.6.1.2.1.25.4.2.1.4.424 = ""
iso.3.6.1.2.1.25.4.2.1.4.438 = ""
iso.3.6.1.2.1.25.4.2.1.4.440 = ""
iso.3.6.1.2.1.25.4.2.1.4.441 = ""
iso.3.6.1.2.1.25.4.2.1.4.442 = STRING: "/sbin/lvmetad"
iso.3.6.1.2.1.25.4.2.1.4.443 = ""
iso.3.6.1.2.1.25.4.2.1.4.449 = ""
iso.3.6.1.2.1.25.4.2.1.4.451 = ""
iso.3.6.1.2.1.25.4.2.1.4.468 = STRING: "/lib/systemd/systemd-udevd"
iso.3.6.1.2.1.25.4.2.1.4.629 = ""
iso.3.6.1.2.1.25.4.2.1.4.843 = ""
iso.3.6.1.2.1.25.4.2.1.4.867 = STRING: "/lib/systemd/systemd-timesyncd"
iso.3.6.1.2.1.25.4.2.1.4.1003 = STRING: "/usr/sbin/atd"
iso.3.6.1.2.1.25.4.2.1.4.1006 = STRING: "/usr/bin/vmtoolsd"
iso.3.6.1.2.1.25.4.2.1.4.1008 = STRING: "/usr/sbin/rsyslogd"
iso.3.6.1.2.1.25.4.2.1.4.1009 = STRING: "/usr/sbin/cron"
iso.3.6.1.2.1.25.4.2.1.4.1014 = STRING: "/usr/lib/accountsservice/accounts-daemon"
iso.3.6.1.2.1.25.4.2.1.4.1015 = STRING: "/lib/systemd/systemd-logind"
iso.3.6.1.2.1.25.4.2.1.4.1017 = STRING: "/usr/bin/lxcfs"
iso.3.6.1.2.1.25.4.2.1.4.1022 = ""
iso.3.6.1.2.1.25.4.2.1.4.1026 = STRING: "/usr/bin/dbus-daemon"
iso.3.6.1.2.1.25.4.2.1.4.1074 = STRING: "/usr/sbin/acpid"
iso.3.6.1.2.1.25.4.2.1.4.1079 = STRING: "/usr/lib/snapd/snapd"
iso.3.6.1.2.1.25.4.2.1.4.1090 = STRING: "/sbin/mdadm"
iso.3.6.1.2.1.25.4.2.1.4.1094 = STRING: "/usr/lib/policykit-1/polkitd"
iso.3.6.1.2.1.25.4.2.1.4.1121 = ""
iso.3.6.1.2.1.25.4.2.1.4.1189 = STRING: "/usr/sbin/sshd"
iso.3.6.1.2.1.25.4.2.1.4.1191 = STRING: "/usr/sbin/named"
iso.3.6.1.2.1.25.4.2.1.4.1193 = STRING: "/usr/bin/php"
iso.3.6.1.2.1.25.4.2.1.4.1195 = STRING: "/usr/bin/php"
iso.3.6.1.2.1.25.4.2.1.4.1198 = STRING: "/usr/bin/python"
iso.3.6.1.2.1.25.4.2.1.4.1217 = STRING: "/sbin/iscsid"
iso.3.6.1.2.1.25.4.2.1.4.1218 = STRING: "/sbin/iscsid"
iso.3.6.1.2.1.25.4.2.1.4.1235 = ""
iso.3.6.1.2.1.25.4.2.1.4.1278 = STRING: "/usr/sbin/atftpd"
iso.3.6.1.2.1.25.4.2.1.4.1284 = STRING: "/usr/sbin/inetutils-inetd"
iso.3.6.1.2.1.25.4.2.1.4.1287 = STRING: "/usr/sbin/irqbalance"
iso.3.6.1.2.1.25.4.2.1.4.1299 = STRING: "/sbin/agetty"
iso.3.6.1.2.1.25.4.2.1.4.1315 = STRING: "/usr/sbin/snmpd"
iso.3.6.1.2.1.25.4.2.1.4.1374 = STRING: "/lib/systemd/systemd-networkd"
iso.3.6.1.2.1.25.4.2.1.4.1472 = STRING: "sshd: sombra [priv]"
iso.3.6.1.2.1.25.4.2.1.4.1615 = STRING: "/lib/systemd/systemd"
iso.3.6.1.2.1.25.4.2.1.4.1626 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.4.1704 = STRING: "sshd: sombra@pts/0"
iso.3.6.1.2.1.25.4.2.1.4.1705 = STRING: "-bash"
iso.3.6.1.2.1.25.4.2.1.4.1888 = STRING: "sshd: tracer [priv]"
iso.3.6.1.2.1.25.4.2.1.4.1907 = STRING: "/lib/systemd/systemd"
iso.3.6.1.2.1.25.4.2.1.4.1908 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.4.1941 = STRING: "sshd: tracer@pts/1"
iso.3.6.1.2.1.25.4.2.1.4.1942 = STRING: "/usr/bin/python"
iso.3.6.1.2.1.25.4.2.1.4.2033 = STRING: "/bin/sh"
iso.3.6.1.2.1.25.4.2.1.4.2034 = STRING: "nc"
iso.3.6.1.2.1.25.4.2.1.5.407 = ""
iso.3.6.1.2.1.25.4.2.1.5.408 = ""
iso.3.6.1.2.1.25.4.2.1.5.412 = ""
iso.3.6.1.2.1.25.4.2.1.5.424 = ""
iso.3.6.1.2.1.25.4.2.1.5.438 = ""
iso.3.6.1.2.1.25.4.2.1.5.440 = ""
iso.3.6.1.2.1.25.4.2.1.5.441 = ""
iso.3.6.1.2.1.25.4.2.1.5.442 = STRING: "-f"
iso.3.6.1.2.1.25.4.2.1.5.443 = ""
iso.3.6.1.2.1.25.4.2.1.5.449 = ""
iso.3.6.1.2.1.25.4.2.1.5.451 = ""
iso.3.6.1.2.1.25.4.2.1.5.468 = ""
iso.3.6.1.2.1.25.4.2.1.5.629 = ""
iso.3.6.1.2.1.25.4.2.1.5.843 = ""
iso.3.6.1.2.1.25.4.2.1.5.867 = ""
iso.3.6.1.2.1.25.4.2.1.5.1003 = STRING: "-f"
iso.3.6.1.2.1.25.4.2.1.5.1006 = ""
iso.3.6.1.2.1.25.4.2.1.5.1008 = STRING: "-n"
iso.3.6.1.2.1.25.4.2.1.5.1009 = STRING: "-f"
iso.3.6.1.2.1.25.4.2.1.5.1014 = ""
iso.3.6.1.2.1.25.4.2.1.5.1015 = ""
iso.3.6.1.2.1.25.4.2.1.5.1017 = STRING: "/var/lib/lxcfs/"
iso.3.6.1.2.1.25.4.2.1.5.1022 = ""
iso.3.6.1.2.1.25.4.2.1.5.1026 = STRING: "--system --address=systemd: --nofork --nopidfile --systemd-activation"
iso.3.6.1.2.1.25.4.2.1.5.1074 = ""
iso.3.6.1.2.1.25.4.2.1.5.1079 = ""
iso.3.6.1.2.1.25.4.2.1.5.1090 = STRING: "--monitor --pid-file /run/mdadm/monitor.pid --daemonise --scan --syslog"
iso.3.6.1.2.1.25.4.2.1.5.1094 = STRING: "--no-debug"
iso.3.6.1.2.1.25.4.2.1.5.1121 = ""
iso.3.6.1.2.1.25.4.2.1.5.1189 = STRING: "-D"
iso.3.6.1.2.1.25.4.2.1.5.1191 = STRING: "-f -u bind"
iso.3.6.1.2.1.25.4.2.1.5.1193 = STRING: "-S 0.0.0.0:4848 -t /home/pingpwn/www"
iso.3.6.1.2.1.25.4.2.1.5.1195 = STRING: "-S 0.0.0.0:12345 -t /home/agentdb/www"
iso.3.6.1.2.1.25.4.2.1.5.1198 = STRING: "/root/listen.py"
iso.3.6.1.2.1.25.4.2.1.5.1217 = ""
iso.3.6.1.2.1.25.4.2.1.5.1218 = ""
iso.3.6.1.2.1.25.4.2.1.5.1235 = ""
iso.3.6.1.2.1.25.4.2.1.5.1278 = STRING: "--daemon --tftpd-timeout 60 --retry-timeout 5 --maxthread 200 --verbose=5 --port=52793 /srv/tftp"
iso.3.6.1.2.1.25.4.2.1.5.1284 = ""
iso.3.6.1.2.1.25.4.2.1.5.1287 = STRING: "--pid=/var/run/irqbalance.pid"
iso.3.6.1.2.1.25.4.2.1.5.1299 = STRING: "--noclear tty1 linux"
iso.3.6.1.2.1.25.4.2.1.5.1315 = STRING: "-Lsd -Lf /dev/null -u snmp -g snmp -I -smux mteTrigger mteTriggerConf -p /run/snmpd.pid"
iso.3.6.1.2.1.25.4.2.1.5.1374 = ""
iso.3.6.1.2.1.25.4.2.1.5.1472 = ""
iso.3.6.1.2.1.25.4.2.1.5.1615 = STRING: "--user"
iso.3.6.1.2.1.25.4.2.1.5.1626 = ""
iso.3.6.1.2.1.25.4.2.1.5.1704 = ""
iso.3.6.1.2.1.25.4.2.1.5.1705 = ""
iso.3.6.1.2.1.25.4.2.1.5.1888 = ""
iso.3.6.1.2.1.25.4.2.1.5.1907 = STRING: "--user"
iso.3.6.1.2.1.25.4.2.1.5.1908 = ""
iso.3.6.1.2.1.25.4.2.1.5.1941 = ""
iso.3.6.1.2.1.25.4.2.1.5.1942 = STRING: "/usr/bin/lshell"
iso.3.6.1.2.1.25.4.2.1.5.2033 = STRING: "-c nc -nlvp 8888"
iso.3.6.1.2.1.25.4.2.1.5.2034 = STRING: "-nlvp 8888"
