  1. Junior Member
    Join Date
    Jan 2017
    Location
    Africa
    Posts
    14

    Certifications
    OSCP, CISSP, CEH, PCNSE7, MCP...
    #26
    Quote: Originally posted by Higgsx
    Thank you for replying.

    I have a question:

    Is exploiting the master and slave servers different from the rest of the machines? I think I need specific knowledge like how Kerberos and LDAP work, Kerberos ticket hacking or something fancy like that.
    You will get a foothold into both of these as you progress through the lab. It should be obvious when you see it.
    Last edited by deadjoe; 03-14-2018 at 08:30 AM.

  3. Member
    Join Date
    Dec 2015
    Posts
    59

    Certifications
    GCIH
    #27
    Month 1

    I rooted 8 machines and got a low privilege shell on 'sufferance'.

    rooted machines: alice, ralph, mike, leftturn.local, payday, pain, barry, phoenix
    low priv shell: sufferance

    In summary, I worked on 9 machines. I suffered 2 days on sufferance and got a low priv shell yesterday; I will try to root that too today.

    As I read many reviews on lab machines, I realized that I have very bad progress. Some people exploit 20-30 boxes in 1 month and I exploited only 9 machines.
    I started with 10.11.1.5 and went through 50 incrementally. I didn't try to find low-hanging fruit - maybe this is the reason why I just did 9 machines in 1 month, or maybe it's because I don't like switching between boxes when one box is hard to exploit. If I can't exploit a box, I don't like switching to another. I dedicate whole days, hours to that 1 box.

    sufferance was really HARD.

    Now, I'm trying to find and exploit low-hanging fruit.

  4. Senior Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    115

    Certifications
    OSCP, OSWP, CISSP, CCNA Cyber Ops, Sec+
    #28
    First of all, you cannot judge and compare your progress with other students. Everyone brings a different level of experience and time commitment to the course. You are going at a fine rate if you're learning things, honing your methodology, and feeling better about it.

    You've also opted to tackle sufferance (and Pain earlier), which is always going to skew your time and frustrations higher than usual. I think most students leave these for later.

    I sympathize with sticking to one box until you get it. For the most part, I did the same thing with two notable exceptions (Pain and Ghost). But, do keep in mind that you have 24 hours to do 5 boxes in the exam. You're going to have to skip around and keep a few balls in the air. Also, if you run into a box in the labs that can only be solved by looking at another box, you're in for some serious frustration if you don't move on.

    It's not bad that you think about the boxes often. I'm pretty sure I rooted a few boxes in my sleep, woke up, and next time I sat down to work on the box, I indeed had dreamt the correct solution. Just make sure you're taking some time for mental and physical breaks, otherwise you're going to burn out.

    Did you finish the course materials?

    I also suggest doing the exercises, you'll learn a lot, and all of it can be applied to the lab at some point. Yes, it will take time, but in reviewing your notes and such, you may learn a lot, which I think is your biggest gain just from judging by your posts.

    Don't agonize over any domain-connected machines. Go over the material, look at them again, and do your enumeration. You'll be fine. Try to not make this harder than it is.

    And make no mistake, pen testing and exploiting vulnerabilities like this is indeed hard. Is the course advanced? It's more advanced than most security folks ever get, for sure, but it's just the tip of the iceberg in the greater world of offensive security.
    -------------------------------------------------------
    Security Engineer/Analyst/Geek, Pen Testing

  5. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    317

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #29
    +1 for Loner's response. Sounds like you are doing just fine Higgs, enjoy the journey!

  6. Member
    Join Date
    Dec 2015
    Posts
    59

    Certifications
    GCIH
    #30
    Quote: Originally posted by LonerVamp
    First of all, you cannot judge and compare your progress with other students. Everyone brings a different level of experience and time commitment to the course. You are going at a fine rate if you're learning things, honing your methodology, and feeling better about it.

    You've also opted to tackle sufferance (and Pain earlier), which is always going to skew your time and frustrations higher than usual. I think most students leave these for later.

    I sympathize with sticking to one box until you get it. For the most part, I did the same thing with two notable exceptions (Pain and Ghost). But, do keep in mind that you have 24 hours to do 5 boxes in the exam. You're going to have to skip around and keep a few balls in the air. Also, if you run into a box in the labs that can only be solved by looking at another box, you're in for some serious frustration if you don't move on.

    It's not bad that you think about the boxes often. I'm pretty sure I rooted a few boxes in my sleep, woke up, and next time I sat down to work on the box, I indeed had dreamt the correct solution. Just make sure you're taking some time for mental and physical breaks, otherwise you're going to burn out.

    Did you finish the course materials?

    I also suggest doing the exercises, you'll learn a lot, and all of it can be applied to the lab at some point. Yes, it will take time, but in reviewing your notes and such, you may learn a lot, which I think is your biggest gain just from judging by your posts.

    Don't agonize over any domain-connected machines. Go over the material, look at them again, and do your enumeration. You'll be fine. Try to not make this harder than it is.

    And make no mistake, pen testing and exploiting vulnerabilities like this is indeed hard. Is the course advanced? It's more advanced than most security folks ever get, for sure, but it's just the tip of the iceberg in the greater world of offensive security.
    Thank you for this long reply, I appreciate that. Yes, I finished the course materials, both PDF and videos. But I didn't finish the Metasploit chapter; I just skipped it, gonna read and watch it soon. Also, I have to brush up on some password cracking stuff; I don't remember some of it, and on one machine I'm stuck on password cracking.

    Blucodex
    Thanks

    ----
    UPDATE:

    So so.
    Yesterday I rooted sufferance. I spotted something unusual and remembered one vulnhub machine, and then priv esc was so easy. I also rooted "Kevin" very soon, in about 30 minutes without Metasploit, and also unlocked the IT department, so happy.

    My summary:
    Rooted(11): alice, phoenix, barry, mike, ralph, leftturn, kevin, pain, sufferance, mail, payday

    I don't have any machine with a low priv shell. Every machine I exploited eventually got rooted.

    So, vulnhub and HTB machines help so much, as does experience in Linux to spot unusual behaviours, files, permissions and so on...

    And notes, notes, notes, very important. I didn't take notes on some of the machines listed above and I forgot which machines I exploited; I thought I exploited 9-10 but actually I exploited 11 machines!

    Confidence level is very very high

    P.S. I'm a bit of an impatient person, so patience was important to exploit boxes.

  7. Member
    Join Date
    Dec 2015
    Posts
    59

    Certifications
    GCIH
    #31
    I rooted 3 more boxes: sean, kraken, bob
    bob was so so easy for me. Priv esc wasn't difficult, I managed to root it in 1 hour.

    BUT:

    I need advice: when should I take the exam? I understand I should take the exam after my lab time ends, but the question is how many weeks after should I take it?
    My lab time ends on 19 April and I booked the exam for 26 May. Is that preferable? Or should I just take the exam quickly after the lab time ends (for example: 20-21 April), while the lab experience is still fresh in my mind?

  8. Junior Member Registered Member
    Join Date
    Jun 2017
    Location
    Chicago
    Posts
    2

    Certifications
    OSCP, CISSP, CCSP, CISM, AWS:SAA/DVA/SOA, CCNA (Expired)
    #32
    Unless you're going to be doing supplemental work afterward, I would suggest taking the exam as soon as you can once your time is up (or if you're feeling ready/adventurous, take it before your time is up). Also, at $60/retake, it isn't a terrible investment just to take it and see where you are at that point; you could surprise yourself.

  9. Member
    Join Date
    Dec 2015
    Posts
    59

    Certifications
    GCIH
    #33
    Day 38


    Rooted humble, master, slave and core in recent days. In recent days I had a really terrible time when I was doing Humble; for me it was the hardest machine I had ever met in the PWK labs. It took 5-6 days. The Master and Slave boxes were super easy. I decided to schedule my exam 1 month after my lab time ends. I scheduled the exam for 26 May; lab time ends on 19 April. I'm not sure if I made the correct decision, but the good thing is that I can change that time up to 3 times. So I may take the exam a bit early, I don't know at this moment.

    I rooted boxes(20): Alice, phoenix, master, pain, slave, sufferance, humble, mike, mail, core, barry, kraken, kevin, sean, susie, ralph, payday, lefturn, bob, susie

    I have root privileges on all of them, no boxes with a low priv shell, and that's good. To be honest, I didn't expect that I would make that much progress in just 38 days. I almost gave up on 'humble'; it was driving me crazy, and it was stressing me out so much that I had a one-day fever. But I didn't give up! I made a promise to myself that I would do ALL boxes in the PWK labs in just 60 days and I will do it!

    Remember, yes, enumeration is key, but personally I think that PATIENCE is the most important key to success. It is very easy to lose patience when you are doing these machines.

    I WILL BE BACK

  10. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,521

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, AWS CCP, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #34
    Awesome progress Higgs!
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, AWS CCP, CEHv8, CHFIv8, ITIL-F, BSBA - UF, MSISA - WGU
    Currently Working On: MS Cybersecurity, AWS Certified Security - Specialty, Learning Linux & Python
    Next Up: AWS Certified Solutions Architect - Associate
    Reading: A Cloud Guru, Code Academy

  11. Junior Member
    Join Date
    Jan 2017
    Posts
    16
    #35
    Continue pwning, done everything manually I guess?

  12. Member
    Join Date
    Dec 2015
    Posts
    59

    Certifications
    GCIH
    #36
    Quote: Originally posted by BlueMushroom
    Continue pwning, done everything manually I guess?
    I used metasploit on just 2 boxes.
    ---

    Thanks guys

  13. Junior Member Registered Member
    Join Date
    Apr 2017
    Posts
    2
    #37
    Good progress Higgsx, any update?

  14. Member
    Join Date
    Dec 2015
    Posts
    59

    Certifications
    GCIH
    #38
    Hello all.
    I haven't updated this thread in a long time.

    My lab time ended today at 04:00 AM.

    Rooted boxes(31): alice, phoenix, mike, ralph, payday, sufferance, mail, pain, barry, lefturn, kevin, sean, kraken, bob, susie, humble, core, master, gh0st, helpdesk, bethany, joe, dotty, beta, gamma, jd, dj, tophat, hotline, FC4, alpha(without looking at walkthrough)


    'alpha' was my last box, which I rooted 3 hours before my lab time ended. I was sure I would be able to root all the boxes in the lab, but expectations and reality are sometimes different. I couldn't do all the boxes because of time and personal life, and I wasn't experienced enough. I confess sometimes I was very lazy and tired of these words: "Try Harder", "enumerate more" - these sentences almost killed me. But in summary it was a great experience. I learned a lot; I learned many technical things, but I also learned how to manage stress, which I think is very important if you do pentesting. The buffer overflow sections weren't difficult at all. I was already experienced in it before enrolling in the PWK training. As I said earlier in this thread, patience is very important. I almost gave up on humble, alpha and sufferance, but with enough time, dedication and passion I was able to root them.

    Big bosses: pain, sufferance, humble, gh0st - pain was easy, sufferance and humble were the hardest boxes for me, I don't remember about gh0st.

    I scheduled my exam for 26 May, 11:00 PM. I'm going to invest time in vulnhub machines; I got a list of all the OSCP-like boxes and I will start rooting them too until 26 May.

    I didn't do the lab and exercises report, simply because it is worth just 5 points, and I decided not to make reports for them. I decided to spend all my time actually attacking boxes. I'm not saying this is correct and everyone should do it.

    I used Metasploit on just 2 boxes. I didn't read the Metasploit chapter in the PDF simply because I was going to use less Metasploit and decided to learn Metasploit after my lab time. I think manual exploitation gives you much, much more knowledge and experience than simply opening ./msfconsole, filling in numbers and running it.

    And yeah, multi/handler and netcat were my little friends, I love them.

    I just unlocked the IT department and rooted sean. I wasn't able to get to the dev and admin networks. I wanted to root all the boxes in the public network.

    Unfortunately, I'm not going to take OSCE this year because of finances; as I said earlier, expectations and reality are different.

    So, that's it.

    I hope I will pass the exam on the first attempt.

  15. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    317

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #39
    Great work Higgs!

  16. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    676

    Certifications
    CEH, CCNA: R&S, eJPT, JNCIS-SEC, CompTIA CSA+, CompTIA Security+, CompTIA Network+
    #40
    Great progress in the lab! Looks like you are set up pretty well for a first-time pass on the exam based on your performance so far. I suspect we will see a pass post at the end of May.

  17. Junior Member
    Join Date
    Oct 2016
    Location
    North Carolina
    Posts
    29

    Certifications
    CISSP, GPEN, CEHv7, Sec+, ITILv3
    #41
    Congrats and good luck on the exam dude!!!