+ Reply to Thread
Page 3 of 5 First 123 45 Last
Results 51 to 75 of 109
  1. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #51
    DAY 25

    Study time: 14 hours (and counting), total: 100 hours
    Boxes rooted: 5, total 20/?

    Summary:

    I'm currently in the middle of a marathon session, but I thought I'd stop and take a few minutes to write down what I've done today. I'm currently 14 hours in and multiple energy drinks deep. So far, I've rooted FC4, Helpdesk, Hotline, Core, and Kevin. FC4 was by far the hardest for me. I had a shell pretty much right away, but the escalation took forever. I was close the entire time, but failed to pay attention to the small details. I just wrapped up Core and went down a rabbit hole that was definitely exploitable, but I could not figure out for the life of me. So, I moved on to a different service and was able to exploit.

    I've now hit my goal of 20 machines in 30 days. I have 5 days to spare, so hopefully I can find some time to catch up. I'm starting to run out of machines in the public network. I believe there are 39 total. Alpha has a write up on the forums and doesn't count, so I've been avoiding it. A couple of machines I've poked at have big dependencies on machines in other networks, so I cannot root them. Thus, I have somewhere around 16 machines left, which include the hard ones: Bethany, Gamma, Pain, Humble, Gh0st, and Sufferance. I have a feeling I'm about to slow way down on rooting, but who knows. If I can knock those machines out, I'll be incredibly confident moving forward. I actually started on Pain today and noped out of there in about 30 minutes. Perhaps tomorrow I'll have the energy.

    Overall, it has been my best day in the labs. I'm going to get back at it before sleep hits me. This has been good practice for the exam endurance in my opinion.

    Tip of the day:

    Pay attention to the small details. Also, know what web servers you are attacking and think about the types of languages they run. Some run multiple.
    Rooted (20): Alice, Barry, Bob, Core, DJ, FC4, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Master, Mike, Payday, Phoenix, Ralph, Sherlock, Susie, Tophat
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Jul 2015
    Location
    Liverpool, UK
    Posts
    187

    Certifications
    A+, Net+, ITIL v3, MCSA:2008/2012, MCITP:EDST/EDA
    #52
    Out of curiosity, are you able to lab at work? 14 hours is a long time haha
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Feb 2016
    Posts
    28

    Certifications
    eMAPT, CEH, MCP, Qualys Certified Specialist
    #53
    Great progress, you are a real inspiration!
    Reply With Quote Quote  

  5. Member Hornswoggler's Avatar
    Join Date
    Jun 2017
    Posts
    56

    Certifications
    A+, MCSE NT 4.0, CCNA, MCSE Win2k, CISSP, GCIH, CCSK, GPEN, OSCP
    #54
    I'm shooting for November 13th but might move it forward if I have good progress in the labs.
    Reply With Quote Quote  

  6. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #55
    Quote Originally Posted by Pseudonym View Post
    Out of curiosity, are you able to lab at work? 14 hours is a long time haha
    I was able to "work from home" for the last 3 days of the work week. I was on 3 weeks of consecutive travel and argued that I couldn't work on my course during that time. Manager went for it.


    Quote Originally Posted by ottucsak View Post
    Great progress, you are a real inspiration!
    Thank you! I appreciate it.


    Quote Originally Posted by Hornswoggler View Post
    I'm shooting for November 13th but might move it forward if I have good progress in the labs.
    At the rate you're going, I can see you moving it up.
    Reply With Quote Quote  

  7. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #56
    DAY 26

    Study time: 10 hours (and counting), total: 110 hours

    Boxes rooted: 3, total 23/?

    Summary:

    I finished off another 5 hours in the labs yesterday/this morning before calling it quits for the night. I was able to get 2 more machines, making it 7 roots in 19 hours. Those two were Leftturn and Oracle. Oracle was very straight forward and I used MSF to root. I need to go back and work on writing the manual exploit. I think I'm going to spend time on my upcoming work travel writing exploits, organizing previous exploits/files, cracking passwords, and begin to make my own checklists/field manual for the exam. This means I'll probably take a week off from actually exploiting anything, which is similar to what I did last time I was on travel. So, the more machines I can root in the next week and a half, the better.

    Leftturn was a bit of a challenge. It taught me some old school tricks to privilege escalation that I did not know about.

    I'm about 5 hours into a session right now as I decided to spend time with my girlfriend today and work when she went to sleep. I started prodding a bit at some of the tougher (in my opinion) machines. I messed with Tricia, Dotty, Pain, Humble, and Gh0st. None of them were generally holding my interesting and I was hitting wall after wall. Until I started on Gh0st.

    What I liked about Gh0st was that there was only one obvious method of attack from the start. It allows me to laser focus and at least know I'm not down too terrible of a rabbit hole. The machine was very similar to a CTF style machine and not really real-world practical in my opinion. However, I learned some nifty tricks through enumeration and spent hours writing an exploit I was sure was going to work, but could not get it to. I was about to give up on it when I realized an error in my code. Needless to say, Gh0st has been owned.

    I'm likely going to continue my session for at least another 8 hours. I'm definitely slowing down a bit in the public network. I'm still avoiding the other networks, but it's becoming more apparent that I will need to start attacking them sooner or later. 23 down of 39, two to three have dependencies on other machines, and alpha doesn't count...so I have about 12 real machines left in the public network before I have to move on. Half of those are known for their sheer difficulty. Wish me luck....


    Rooted (23): Alice, Barry, Bob, Core, DJ, FC4, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Master, Mike, Oracle, Payday, Phoenix, Ralph, Sherlock, Susie, Tophat
    Reply With Quote Quote  

  8. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #57
    DAY 27
    Study time: 11 hours (and counting), total: 121 hours
    Boxes rooted: 2, total 25/?

    Summary:

    In the middle of another long session. It's unfortunate that I have to get back on schedule and be back to work on Monday as I'm really starting to enjoy the complexity of the labs.

    My two victories today were pretty good: Pain and Sufferance. Pain was relatively painless. I had a low privilege shell on it in about 15 minutes and full root within an hour. There are much harder boxes in the network than this one. Nonetheless, a win is a win.

    Sufferance was everything you've read online and more. This box took me about 8-9 hours to root completely. The box seems to be the most realistic, real-world box I've encountered thus far in the labs. Enumeration just to get a low privilege shell took almost 6 hours. Privilege escalation took another 2, but many claim it can be done in much less. Probably so, but Linux is not my strong suit. But hey, I got there and from what I've read, the exam boxes are easier than this.

    3 of the 4 big boys down in just about 24 hours. I may go pick on some easier fruit before attempting Humble.

    Rooted (25): Alice, Barry, Bob, Core, DJ, FC4, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Master, Mike, Oracle, Pain, Payday, Phoenix, Ralph, Sherlock, Sufferance, Susie, Tophat
    Reply With Quote Quote  

  9. Member
    Join Date
    Jun 2015
    Posts
    31

    Certifications
    Security+ eJPT
    #58
    You are amazing man. I tried the OSCP a while back and get burned so hard. Please keep updating this thread and I wish you the best of luck.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #59
    Quote Originally Posted by adrenaline19 View Post
    Find the lab book syllabus and start researching each chapter now. The actual pdf and videos you receive with the course won't teach you anything. It's garbage.

    All of the real learning happens in the lab, by yourself.
    I can't agree with you on this. I've hacked a few VM's from vulnhub, had decent scripting knowledge and some decent konwledge of nmap, nikto, dirbuster, sqlmap, etc....


    I think the PDF is very well laid out and covers some good points, and is a good reference for the future. I've made a lot of notes from them.


    I do find the videos sometimes a bit tedious, e.g. it's kind of just repeating what you've read. HOWEVER, in certain times they do cover valuable things. On buffer overflows they were valuable as it was good to actually see it working and have a voice talking you through it. It made it clearer.


    The exercises - I really really don't like them. In fact I'm very close to just not doing them. Often the exercise will ask you to something quite out of scope which doesn't make any sense. It also frustrates me that they often don't provide any guidance or answers. I know it's all about "Try Harder", and I am, but it's a lab book, a training guide, a reference, so it would be nice if it tested you and also walked through the answer and reasoning. Even if you got it right, it's nice to know that.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #60
    I'm tempted to make my own thread on the OSCP. I am 3 weeks into my 90 day course now. I'm stunned by how quickly you've gone through the materials.

    My plan was:


    Weeks 1-4: Read the PDF, watch videos and make notes... come up with enumeration checklist and some scripts
    Weeks 5-12: Do the labs and improve checklist, work on skills and get faster with the machines

    ...

    I'm on page 280 of 375 and a bit behind due to not being well. I found the buffer overflows quite difficult and after about 2 days I moved on as I needed a break. I will go back at some point when I'm fresh and re-do them. I got the overflows to work, but didn't quite grasp each step and how the debugger was working, and the different registries.

    As stated in my post above, the exercises are annoying in my view. I was naturally doing them without realising at first, as it would teach you say, nmap scans which i was trying as I read and learned. The exercise would then say 1) do the nmap scans and record results.... but it would also ask you to do something really weird which wasn't covered and was out of scope with where you were in the course. The fact it offers 5 extra points is a bit silly in my view.

    I have the whole of next week off work, so I really want to finish the PDF and Videos by Sunday, meaning that I have ALL of next week to start with the labs. I hope to do around 6 hours per day.

    I'm very keen now to start the labs as I feel I'm getting a bit lost in more and more tools and syntax. I know when I start I will become far more fluent, my enumeration will start to flow better, etc... At the minute it's entirely theoretical, even when you try the exercises as they're all set up to work and be exploited.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #61
    Sorry, one more post - best of luck to you with the course, sounds like you're doing very well.

    Just one question, when you started the labs did you do large network wide scans for vulnerabilities and exploits? E.g. running an nmap script over the entire network for an easy target? Or did you just pick a box and start hacking it?

    Thanks and good luck again
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  13. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #62
    Quote Originally Posted by Khohezion View Post
    You are amazing man. I tried the OSCP a while back and get burned so hard. Please keep updating this thread and I wish you the best of luck.
    Thank you sir, I appreciate the kind words

    Quote Originally Posted by CyberCop123 View Post
    Sorry, one more post - best of luck to you with the course, sounds like you're doing very well.

    Just one question, when you started the labs did you do large network wide scans for vulnerabilities and exploits? E.g. running an nmap script over the entire network for an easy target? Or did you just pick a box and start hacking it?

    Thanks and good luck again
    Thank you


    I made it my goal to push through the lab materials as quickly as possible as I wanted as much time in the labs as I could have. I believe I was able to work through the material so fast because I had studying up a little bit on coding, ethical hacking, and knew some tools from the CEH course. The buffer overflow section is a beast, but just keeping pushing through it. I'm on Slack all the time if you ever have questions pertaining to the exercise. My understanding is one of the exam boxes is pretty much like the exercise, but I haven't taken the exam, so take that with a grain of salt.


    When I started the labs, I did not do any vulnerability scanning outside of what was required in the exercises. I kind of picked what looked "easy" (i.e. had only a service or two running), but even then, that's not always accurate. Some of the boxes with a lot of services open are much easier. I just like the narrow focus of having a single port or two to enumerate. I definitely shied away from attacking any web services as I feared that these were going to be full of SQL injections and other shenanigans that I was not comfortable with. It turns out, most of the web boxes have been pretty easy. You run Nikto or Dirbuster on them and enumerate what services are running. There generally tends to be some sort of vulnerability there.


    You'll start to notice the easy targets as you go. My advice is to avoid using any vulnerability scanner outside of maybe NSE. MSF auxiliary isn't really allowed outside of one box on the exam and the other scanners (i.e. Nessus, OpenVAS) are prohibited. I also highly advise using Metasploit where you can. This may be against what others say, but it'll help you pin point you exploit and execute it. You can always read the code later and rewrite the exploit to work manually. I've heard the exam has the BoF box and a super easy MSF rooted box. Again, grain of salt. However, if true, you could knock out 2/5 boxes in an hour or two then focus on the other 3.
    Reply With Quote Quote  

  14. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #63
    DAY 28-30
    Study time: 9 hours, total: 130 hours
    Boxes rooted: 1, total 26/?

    Summary:

    I've taken the last few days to relax after the hacking marathon I went through. I've mostly been working through cleaning up any notes I have, writing manual exploits to an extent, making checklists, re-checking machine dependencies, and cracking passwords. I just needed a few days to tidy up before getting back into the swing of things.

    I was able to take down Beta on Saturday. Quite the fun box, with some unique challenges that I have yet to see in the labs. The real important thing to mention is that I have scheduled my exam for November 10th. This will be somewhere around day 70. My thoughts behind this were that I am already feeling pretty comfortable in the labs. When I first started, I asked myself what was the bare minimum that I would accept before taking the exam? My answer to that was 30 boxes with the 3/4 of the big boys down. I'm currently sitting at 26/30 with 3/4 big boys down in 30 days. This allows me to use this next 30 days to really understand what it is that I am doing, write exploits, make checklists, and go back over some of the course material again. It will also give me time to write my lab guide for the exam and hack some extra boxes. If I am at 40 boxes by the exam, I will be genuinely happy. 14 more boxes in 40 days doesn't seem like much, but I am dealing with mostly hard boxes now.

    Another reason I intend to take the exam early is that it will leave me lab time to focus on where I went wrong if I fail. I'll have about 20 days of lab left and a retake is only $60, which is awesome. This saves me from doing the full 90, failing, and having to purchase more lab time. At this point, I feel like I could take the exam in a couple weeks, but I will be travling 4 out of the next 6, so I don't have time in my schedule right now.

    Tip of the day:
    Take days off. Don't get burnt out. It's really easy to do and coming back from a day off feels amazing, truly. Plus, your friends and family will appreciate you spending time with them and you'll appreciate it too.

    Rooted (26): Alice, Barry, Beta, Bob, Core, DJ, FC4, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Master, Mike, Oracle, Pain, Payday, Phoenix, Ralph, Sherlock, Sufferance, Susie, Tophat
    Reply With Quote Quote  

  15. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #64
    DAY 31

    Study time: 8 hours, total 138 hours
    Boxes rooted: 2, total 28/?

    Summary:

    Took down another 2 boxes today. Pedro and Mail are now mine. Neither were that complicated. Privesc on Mail took a while and Pedro was all enumeration. Can't really say much else on the topic, unfortunately.

    I'm heading on travel next week and my girlfriend is having her wisdom teeth out this weekend, so I'll be busy again shortly. On top of it all, all of my military commissioning just went through, so I have to start back up attending monthly drills starting this month.

    Short and sweet update tonight as I've already written a lot earlier. Until next time...

    Rooted (2: Alice, Barry, Beta, Bob, Core, DJ, FC4, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Mail, Master, Mike, Oracle, Pain, Payday, Pedro, Phoenix, Ralph, Sherlock, Sufferance, Susie, Tophat
    Last edited by m4v3r1ck; 10-04-2017 at 06:01 AM.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #65
    Quote Originally Posted by m4v3r1ck View Post
    I made it my goal to push through the lab materials as quickly as possible as I wanted as much time in the labs as I could have. I believe I was able to work through the material so fast because I had studying up a little bit on coding, ethical hacking, and knew some tools from the CEH course. The buffer overflow section is a beast, but just keeping pushing through it. I'm on Slack all the time if you ever have questions pertaining to the exercise. My understanding is one of the exam boxes is pretty much like the exercise, but I haven't taken the exam, so take that with a grain of salt.


    When I started the labs, I did not do any vulnerability scanning outside of what was required in the exercises. I kind of picked what looked "easy" (i.e. had only a service or two running), but even then, that's not always accurate. Some of the boxes with a lot of services open are much easier. I just like the narrow focus of having a single port or two to enumerate. I definitely shied away from attacking any web services as I feared that these were going to be full of SQL injections and other shenanigans that I was not comfortable with. It turns out, most of the web boxes have been pretty easy. You run Nikto or Dirbuster on them and enumerate what services are running. There generally tends to be some sort of vulnerability there.


    You'll start to notice the easy targets as you go. My advice is to avoid using any vulnerability scanner outside of maybe NSE. MSF auxiliary isn't really allowed outside of one box on the exam and the other scanners (i.e. Nessus, OpenVAS) are prohibited. I also highly advise using Metasploit where you can. This may be against what others say, but it'll help you pin point you exploit and execute it. You can always read the code later and rewrite the exploit to work manually. I've heard the exam has the BoF box and a super easy MSF rooted box. Again, grain of salt. However, if true, you could knock out 2/5 boxes in an hour or two then focus on the other 3.
    Thanks for the useful advice there.


    Interesting advice about Metasploit, I'm glad you've mentioned that as I was going to try to avoid using it as it's not allowed in the exam, but it makes COMPLETE sense to try it, then reverse engineer what you did to really learn how to do it manually. I'd probably be lost otherwise.


    Yea like you said, I don't plan on using OpenVAS or Nessus at all. I'm sticking to the standard tools like nikto, nmap, dirbuster, hydra, etc...


    I've made my own blog now so I don't hijack yours... if you're bored, it's here:


    CyberCop's OSCP blog
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  17. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #66
    Quote Originally Posted by CyberCop123 View Post
    Thanks for the useful advice there.


    Interesting advice about Metasploit, I'm glad you've mentioned that as I was going to try to avoid using it as it's not allowed in the exam, but it makes COMPLETE sense to try it, then reverse engineer what you did to really learn how to do it manually. I'd probably be lost otherwise.


    Yea like you said, I don't plan on using OpenVAS or Nessus at all. I'm sticking to the standard tools like nikto, nmap, dirbuster, hydra, etc...


    I've made my own blog now so I don't hijack yours... if you're bored, it's here:


    CyberCop's OSCP blog
    Yeah and Metasploit is real-world, so it's good to know how to use it.

    I'll give you a follow. Good luck on your journey!
    Reply With Quote Quote  

  18. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #67
    DAY 32

    Study time: 12 hours, total 150 hours
    Boxes rooted: 0, total 28/?

    Summary:

    Today was a cleanup day as I move closer towards exam prep. I spent most of the morning/early afternoon working on my lab report. Now that my formatting is done, it seems to be coming together a lot faster. I have reports written for 3/10 machines. I hope to wrap up the other 7 tomorrow.

    I spent the last 5 hours or so trying to get a sqlmap exercise to work. I was sure I had the right machine and the right syntax, only to have sqlmap fail to get shell. Finally, I decided that maybe sqlmap is broken and it was. As soon as I used a newer version, I was able to get shell immediately. Frustrating and a waste of time.

    I feel the urge to take the exam soon. Like this weekend soon. However, the girlfriend is having her wisdom teeth out this weekend, so that's out. Next weekend is also out as I will be working. So, I scheduled it for the 20th of this month. I should have all my loose ends tied by then.

    Tip of the day:

    If something isn't working the way you should, consider updating! No brainer, right? Apparently not to me

    Rooted ( 28 ): Alice, Barry, Beta, Bob, Core, DJ, FC4, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Mail, Master, Mike, Oracle, Pain, Payday, Pedro, Phoenix, Ralph, Sherlock, Sufferance, Susie, Tophat
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #68
    Quote Originally Posted by m4v3r1ck View Post
    I spent most of the morning/early afternoon working on my lab report. Now that my formatting is done, it seems to be coming together a lot faster. I have reports written for 3/10 machines. I hope to wrap up the other 7 tomorrow.
    Can you explain what you mean by this?


    I understand that many get a report prepared in advance, but what machines are you referring to as obviously you haven't had any access to the exam machines yet.


    Is there lab machines that are also supposed to be documented in the report or something?
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  20. There is no spoon. p@r0tuXus's Avatar
    Join Date
    Nov 2016
    Location
    KCMO
    Posts
    519

    Certifications
    ITIL-F, A+, S+, CCNA
    #69
    Quote Originally Posted by CyberCop123 View Post
    Can you explain what you mean by this?


    I understand that many get a report prepared in advance, but what machines are you referring to as obviously you haven't had any access to the exam machines yet.


    Is there lab machines that are also supposed to be documented in the report or something?
    CyberCop123 -

    Bonus points towards your Exam can be earned by preparing a lab report which documents your work through some of the lab machines. I believe the awarded point value has decreased just recently so I couldn't tell you what it is. However, right below is a good thread on some resources for that final report.

    OSCP Lab/Exam Report

    Completed: ITIL-F, A+, S+, CCENT, CCNA R|S
    In Progress: Linux+/LPIC-1, Python, Bash
    Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
    Reply With Quote Quote  

  21. Member Hornswoggler's Avatar
    Join Date
    Jun 2017
    Posts
    56

    Certifications
    A+, MCSE NT 4.0, CCNA, MCSE Win2k, CISSP, GCIH, CCSK, GPEN, OSCP
    #70
    I put 100+ pages of exercises in my lab report but once I got to the part about creating Metasploit modules I quit. I'll put that 5 points worth of effort towards exam prep. If I can't use Metasploit on the exam (except for one box) I'm not going to fill my brain with it at this time.
    Reply With Quote Quote  

  22. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #71
    Quote Originally Posted by p@r0tuXus View Post
    CyberCop123 -

    Bonus points towards your Exam can be earned by preparing a lab report which documents your work through some of the lab machines. I believe the awarded point value has decreased just recently so I couldn't tell you what it is. However, right below is a good thread on some resources for that final report.

    OSCP Lab/Exam Report
    This is exactly correct. You need 10 machines (any 10) in your lab report. I'm taking the easy way out and doing all machines which required no privesc :P

    You get 5 points for submitting the lab report and exercises. It used to be 10.
    Reply With Quote Quote  

  23. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #72
    DAY 33

    Study time: 10 hours, total 160 hours
    Boxes rooted: 0, total 28/?

    Summary:

    Another day of cleanup for me. I've got my lab report 95% done with the exception of one exercise I've been putting off. I'm up to 170 pages and counting. It has taken me approximately 25 hours to write. Part of this was because I had to redo some scans and re-root some machines to get specific details that I missed when first attacking the labs. Even still, I believe this report takes about 20 hours to write, so expect that. I'd assume the exam report takes a good 8-10 hours to write, but I could be faster now that I know the entire process.

    I'm going to try and hit the labs hard today/this weekend. I'm at the doctors as week speak waiting for my girlfriend to get out of surgery. I'll definitely spend some time taking care of her this weekend.

    Now that all of my reports are done, I only have to worry about attacking the labs and taking notes. I think I will take the week off leading up to my Friday exam, so that I can focus on hacking every last box that I can. I'm still shooting for 40 machines, but I'd be happy with 35 at this point as I've cut my exam date by nearly 3 weeks.

    Trying to end this madness as quickly as possible :P

    Rooted ( 28 ): Alice, Barry, Beta, Bob, Core, DJ, FC4, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Mail, Master, Mike, Oracle, Pain, Payday, Pedro, Phoenix, Ralph, Sherlock, Sufferance, Susie, Tophat
    Reply With Quote Quote  

  24. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,359

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #73
    Quote Originally Posted by m4v3r1ck View Post
    Trying to end this madness as quickly as possible :P
    Until you start the next madness that is OSCE
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  25. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #74
    Quote Originally Posted by JoJoCal19 View Post
    Until you start the next madness that is OSCE
    Let's not get ahead of ourselves, JoJo :P
    Reply With Quote Quote  

  26. Member
    Join Date
    Aug 2017
    Posts
    66

    Certifications
    A+, Net+, Sec+, Linux+, LPIC-1, C|EH, CCNA R&S
    #75
    DAY 34-35

    Study time: 14 hours, total 174 hours
    Boxes rooted: 2, total 30/?

    Summary:

    Been back at it for a couple of days now. Managed to take down another 2 boxes, including my first in the IT network. Yesterday, I took down Dotty, which was a pain in the side box. It took me forever to figure out why my reverse shell wasn't working, but eventually I got it with a helpful hint from another student. After that, privesc took just a couple of minutes. Definitely a fantastic box to navigate through multiple exploits and admin limitations. I wanted to break some stuff at one point.

    Today, I wanted to learn pivoting. It's a topic to me that seems like sorcery. A few students have tried to explain it, but I'm still struggling with the topic. I will get it eventually, I hope. I managed to attack a box, Brett, that I had a bit of information on through exploiting other machines in the labs. Unfortunately, there was a student today who kept reverting the middle machine and really not following the unspoken protocol when it comes to not reverting machines in a certain time frame. He reverted me probably 8 times in the span of 4 hours. Thankfully, I was able to figure out what needed to be done for privesc, write the exploit on my machine, and then pop it back on the machine fast enough to get root. He reverted me shortly after.

    I've reached my initial goal of 30 machines. If I can find time, I'd like to take down Bethany and Humble before it's all said and done. After today, I believe I have two full days in the labs that I can use to work fully. From Monday until the following Monday, I have work. Then I have training the two days prior to my Friday exam. Not feeling as confident as I would if I could go in there fresh, but still going to give it a go. Worst thing that can happen is I fail with 45 lab days remaining.

    Tip of the day:

    Learn about payload encoding. Consider using it always if you have the chance.

    Rooted (30): Alice, Barry, Beta, Bob, Brett, Core, DJ, Dotty, FC4, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Mail, Master, Mike, Oracle, Pain, Payday, Pedro, Phoenix, Ralph, Sherlock, Sufferance, Susie, Tophat
    Reply With Quote Quote  

+ Reply to Thread
Page 3 of 5 First 123 45 Last

Social Networking & Bookmarks