+ Reply to Thread
Page 4 of 4 First 1234
Results 76 to 92 of 92
  1. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #76
    Quote Originally Posted by Mooseboost View Post
    Looking forward to seeing your "I passed" post.
    Me too!
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #77
    WEEK 12 - UPDATE

    Not been a great week so far. Not had much chance to do much work and what I have done hasn't been productive.

    I'm really stuck on one machine - it's not a hard one, in fact I think it's one of the easier ones but the privilege escalation is just a MASSIVE WEAK POINT for me.

    With this particular machine I know the route in to escalate privileges but just can't figure out exactly how to.

    It's ridiculous sometimes on the OSCP that some of the more difficult things are easy, yet you have blindness to the easier ones. It's happened before, where you struggle on a really simple thing because you're just thinking way too much about it.

    Anyway, I will try again tonight and possibly forget it and move on as I've wasted about 12 hours on this particular machine.

    Got the whole of Saturday and Sunday to work on it so hopefully I can up my numbers.

    My lab time expires in 10 days time. I will buy another 30 days as money is very tight and I can't afford much more. I'm planning my first exam attempt towards the end of January.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  4. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #78
    Quote Originally Posted by CyberCop123 View Post
    WEEK 12 - UPDATE

    Not been a great week so far. Not had much chance to do much work and what I have done hasn't been productive.

    I'm really stuck on one machine - it's not a hard one, in fact I think it's one of the easier ones but the privilege escalation is just a MASSIVE WEAK POINT for me.

    With this particular machine I know the route in to escalate privileges but just can't figure out exactly how to.

    It's ridiculous sometimes on the OSCP that some of the more difficult things are easy, yet you have blindness to the easier ones. It's happened before, where you struggle on a really simple thing because you're just thinking way too much about it.

    Anyway, I will try again tonight and possibly forget it and move on as I've wasted about 12 hours on this particular machine.

    Got the whole of Saturday and Sunday to work on it so hopefully I can up my numbers.

    My lab time expires in 10 days time. I will buy another 30 days as money is very tight and I can't afford much more. I'm planning my first exam attempt towards the end of January.
    Just keep at it man!

    I've spend the last week or so working on the big 4. I've rooted HUMBLE, PAIN, and Gh0st ... but Sufferance is .... well .... making me suffer

    I don't think I am ready for the exam yet ... but I think I am going to schedule it for Dec 12 only because my lab time expires the next day, which should tell me if I need to renew or not.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #79
    Quote Originally Posted by BuzzSaw View Post
    Just keep at it man!

    I've spend the last week or so working on the big 4. I've rooted HUMBLE, PAIN, and Gh0st ... but Sufferance is .... well .... making me suffer

    I don't think I am ready for the exam yet ... but I think I am going to schedule it for Dec 12 only because my lab time expires the next day, which should tell me if I need to renew or not.
    thanks dude!

    thats brilliant you've done those machines. I've not started them but planning on humble and gh0st after christmas as I have an entire week to dedicate to it.

    If I don't end up getting sufferance I won't be too upset. It sounds a really tough one.

    Its now getting to the stage where I just want to do and pass the exam. The labs are great but tiring!

    Good plan for the exam. I obviously want to pass but I'm treating my first attempt as a chance to see what it involves. So if I fail then that's fine it's just part of the prep.

    Hope you get into sufferance!
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #80
    WEEK 12 UPDATE

    6 days of lab access left
    This weekend was incredibly frustrating and my motivation levels were low. As a result I barely did much except a few half hearted attempts with two boxes which are still really confusing me. No obvious access points or vulnerabilities. They have ports open that don't mean anything to me and Google results doesn't through up much at all. I've even trried a few Metasploit attacks but nothing at all has come of it.

    I spent most of the weekend on an unrelated project as I was a bit fed up.

    I posted before about one machine that is killing me and that is JOE. I've seriously had it with it, I've spent about 15 hours now on the machine trying to escalate privilege and can't. I know the weak point in the system but just can't get it to work and continually just get the same access level shell back. This was kind of what really sapped my motivation to be honest.

    Anyway, today I've managed about 5 hours work.

    One good thing is I FINALLY managed to get a shell on GAMMA. Seriously this is a really really difficult machine. People go on about PAIN, SUFFERENCE, HUMBLE (I've only got 1/3 of them) but I swear Gamma must be up there as one of the most difficult ones. I'm not trying to get privilege escalation. I know the weak point again but it's something that I'm finding confusing so I will have to read up on it and learn some stuff before looking at this.

    I also got a full shell with SUSIE which actually was very easy and refreshing to have something less challenging.

    Renewing my lab time

    I will have to renew my lab time. I can't really afford to do longer than a month at the minute, so will just do that for now. That will take me up to early January. I have time off over Christmas. I'm hoping to do my first exam attempt at the end part of January.

    I am 22 machines down so far. I feel really CONFIDENT, especially in Windows Privilege Escalation.

    If I have any chance of passing an exam I seriously need to improve in that area. Anyway, it's hard going at the minute, but will keep going and hopefully make progress in the next week or two.


    Rooted (22): Alice, Alpha, Barry, Beta, Bethany, Bob, Dotty, Helpdesk, Kevin, JD, Lefturn, Mail, Mike, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Susie, Tophat
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #81
    Just a quick update. Managed to fully root GAMMA. It was weird as I was struggling and looked in the forum and a lot of people are talking about one specific technique to achieve System level access.

    I found an exploit online, compiled it and after running I had full system access. Guess it shows there's many ways to get there.

    Going to go back to JEFF now - one machine that I just can't understand...


    Rooted (23): Alice, Alpha, Barry, Beta, Bethany, Bob, Dotty, Gamma, Helpdesk, Kevin, JD, Lefturn, Mail, Mike, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Susie, Tophat
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  8. Senior Member shoey's Avatar
    Join Date
    Jun 2016
    Location
    Knowhere
    Posts
    108

    Certifications
    Life
    #82
    Keep up the good work man!! Quick question for ya: Do you reset machines right off the bat, or will you wait (and if you wait, how long on average before you decide to reset the machine)?
    "I have missed more than 9,000 shots in my career. I have lost almost 300 games. 26 times, I've been trusted to take the game winning shot and missed. I've failed over and over and over again in my life. And that is why I succeed." - Michael Jordan
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #83
    Quote Originally Posted by shoey View Post
    Keep up the good work man!! Quick question for ya: Do you reset machines right off the bat, or will you wait (and if you wait, how long on average before you decide to reset the machine)?
    Good question!


    If I am starting a new set of scans, like at the very beginning of enumeration I will always revert so that I get an accurate set of results.


    A lot of my approach to reverts depends on the type of day I'm having. For example, days where I am intending to spend ALL DAY on the OSCP I will be a bit cautious with the reverts as I may need them if I get to the exploiting stage.


    Reverts I've found are very valuable when:


    1) You first scan the machine for ports and services
    2) You launch an exploit or one fails, this often causes the service to crash or become unresponsive
    3) You gain entry and don't want to see spoilers or have other issues affect you




    I won't revert if I'm doing something like looking at the website of the host as it doesn't seem worth it.


    In terms of reverts, I also try to revert late at night (before the midnight cut off point) and then run a scan then.


    That means the next day I have the full amount of reverts left, and have all the results from the scans from the previous night. As opposed to doing this the next day and burning 1-2 reverts scanning a couple of machines.


    I've said on other posts that I have around 5-6 machines which I'm actively hacking away at, and I flick between them every few hours/days until I make progress.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #84
    WEEK 12 - UPDATE

    Managed to root two more hosts yesterday and this morning - JEFF and NIKY.

    In terms of Jeff that was achieved with Metasploit. I haven't looked at the manual exploit too much but may try to go back to do that.

    4 days access to labs left.



    Rooted (25): Alice, Alpha, Barry, Beta, Bethany, Bob, Dotty, Gamma, Helpdesk, Kevin, JD, Jeff, Lefturn, Mail, Mike, Niky, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Susie, Tophat
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #85
    WEEK 12 - UPDATE

    Managed to root DJ last night which wasn't too difficult as there was a lot of similarities with another machine I'd previously dealt with. Funnily I gained low privilege shell, then went to sleep. I woke up about midnight and the answer of how to get root access dawned on me so I jumped up and went straight to computer and it worked.

    I spent about 2-3 hours trying to look for an access point into another machine. I then checked the forum for a hint and the first thread said to avoid the machine as it's not directly vulnerable. Annoying to "waste" the time, but as they say, the OSCP does try to represent real life so that's the way it goes I guess.

    I'm now starting to seriously look at exam dates for the middle of January. I'm going to try to book this in within the next few days.


    Finally, I'm trying my best to avoid Humble and Sufference! Actually, to be honest I'm putting it off until I have time off work as I want to concentrate as much time as I can to them rather than 1-2 hours each night.



    Rooted (26): Alice, Alpha, Barry, Beta, Bethany, Bob, DJ, Dotty, Gamma, Helpdesk, Kevin, JD, Jeff, Lefturn, Mail, Mike, Niky, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Susie, Tophat
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  12. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #86
    Keep up the good work! I've rooted Humble and Sufferance, and I can say that they do take some time. I spent an entire week working on "the big 4" ... but in the end it was worth it! Let me know when you are taking the exam! My exam date is rapidly approaching
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #87
    Thanks Buzzsaw - I've PM'd you.

    WEEK 12 - UPDATE

    Not much to update on, no more roots achieved. But I have booked my exam! I did originally plan for the end of January. However, my lab extension takes me up to 10th January, and so I've booked my exam in for the 11th January, so there's no big gaps and no further need at that point to extend my lab access.

    I'm taking 2 days off work in order to do the exam and recover/rest.

    The exam starts at 12pm, so that hopefully will allow me to sleep more and not rush early in the morning, especially as I struggle at times to sleep.
    I'm also off work Saturday, Sunday, Monday, Tuesday, Wednesday. So that's some solid time I have to dedicate to more lab work. I'm going to probably start my attempts at Humble and Sufferance this weekend. I'd also like to try attacking some of the other networks, particularly the IT network which I already gained access to.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  14. Junior Member
    Join Date
    Jul 2017
    Posts
    24
    #88
    Quote Originally Posted by CyberCop123 View Post
    Thanks Buzzsaw - I've PM'd you.

    WEEK 12 - UPDATE

    Not much to update on, no more roots achieved. But I have booked my exam! I did originally plan for the end of January. However, my lab extension takes me up to 10th January, and so I've booked my exam in for the 11th January, so there's no big gaps and no further need at that point to extend my lab access.

    I'm taking 2 days off work in order to do the exam and recover/rest.

    The exam starts at 12pm, so that hopefully will allow me to sleep more and not rush early in the morning, especially as I struggle at times to sleep.
    I'm also off work Saturday, Sunday, Monday, Tuesday, Wednesday. So that's some solid time I have to dedicate to more lab work. I'm going to probably start my attempts at Humble and Sufferance this weekend. I'd also like to try attacking some of the other networks, particularly the IT network which I already gained access to.
    Wishing you all the best of luck!
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #89
    Quote Originally Posted by katawia View Post
    Wishing you all the best of luck!
    Thanks Katawia, appreciate that and thank you for reading!!!
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #90
    WEEK 13 (Extension 1) - UPDATE

    As planned, I have extended for 1 month. That takes me right up to my exam date and should allow me some more time to get a few more machines and finish lab report. I'm still not planning on writing up exercises, I will have to sacrifice the 5 points on offer there.

    The last few days have been dedicated entirely to rooting HUMBLE which I have just done. It was extremely difficult and frustrating. It took me around 15-20 hours to gain a limited shell and about 20 minutes to escalate. If Sufference is as hard as that then wow, I don't want to know!

    I'm off work the next two days, but one of those I will be christmas shopping, so I will dedicate one day entirely to the OSCP to try to bring down another few machines.


    Rooted (27): Alice, Alpha, Barry, Beta, Bethany, Bob, DJ, Dotty, Gamma, Helpdesk, Humble, Kevin, JD, Jeff, Lefturn, Mail, Mike, Niky, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Susie, Tophat
    Last edited by CyberCop123; 12-11-2017 at 07:23 AM.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  17. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #91
    Hey fellow suffering of pain

    Keep up the good work!

    Also, I hate to say it, but I actually thought sufferance was harder than Humble ... I know you don't want to hear that ....

    I know how it goes though. I spent an entire week working on the big four, and it probably equaled about 7-9 hours a day. It's rough because you get so focused, yet you also get thirsty to solve the puzzle!
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #92
    WEEK 13 - UPDATE

    Managed to root Gh0st - it was a bit of an odd machine and totally different to the rest of the ones I've dealt with. It was an important lesson in just digging and looking into things thoroughly.

    Privilege Escalation was pretty easy and a silly mistake meant it took me about 2 hours when it should have taken me about 5 minutes! Lesson learned though.

    26 days until my exam. Not sure how I feel about it. To be brutally honest I just want to get my OSCP and not have the pressure of it on me all the time.

    Rooted (29): Alice, Alpha, Barry, Beta, Bethany, Bob, DJ, Dotty, Gamma, Gh0st, Helpdesk, Humble, Kevin, JD, Jeff, Joe, Lefturn, Mail, Mike, Niky, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Susie, Tophat
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

+ Reply to Thread
Page 4 of 4 First 1234

Social Networking & Bookmarks