Ghostrider007 wrote: » Wow! That is some amazing work! You seem to be plowing through it. Well done saraguru! I know you said you were a pro programmer but do you have any experience in the offensive side as well?
saraguru wrote: » Sorry Ghostrider007, I somehow forgot to reply to you. Actually, I was a competitive programmer so basically I have decent knowledge about Algorithms & Data Structures. However, I didn't have any experience on the offensive side when I was in my college. After completing my degree (about 10 months ago), I started to explore the security field. Before signing up for OSCP, I had done about 10-15 VMs in vulnhub, had a basic knowledge about web app security, Linux, networking and also took part in a few CTFs for fun.
saraguru wrote: » Hello All, I am back with my review for the last week. Last week was actually among the dullest days in my OSCP journey. Monday I got a low privilege shell on a machine and on Tuesday I was able to obtain root for that same machine... That was not a hard one and I would say it is a very basic Linux Privilege Escalation technique. And from Wednesday to Friday work got too much in my way and I couldn't even find time to enter into the lab. So, I was eagerly waiting for the weekend so that I can play in the labs as much as I can. On Saturday I got a low privilege shell on a machine, which was a Windows box, and I came to know about a very cool tool in Kali which I didn't know earlier. And for Privilege Escalation, I needed a push from my friend without whom I wouldn't have got the SYSTEM for this box. Later, after rooting this I found some very valuable information which can be used against one other box in the public network. One of the most important things which OSCP taught me is the importance of Post Exploitation. In the beginning of the course I never really cared about Post Exploitation because of which I am having a lot of trouble now. So, my advice to whoever is starting their OSCP in future is "do proper post enumeration and spend some time on the box once you have got root/system on it. Don't be in a hurry and jump to the next box". And on Sunday, I decided to do one more machine from the public network itself. This particular machine which I was trying had a maximum of only 2 open ports. Proper enumeration was the key in getting this box. Once you have the required information, you get a straight SYSTEM for this machine!! Yes, direct SYSTEM. And soon after rooting this box, I remembered seeing a machine with similar ports open and back then I didn't do proper enumeration for that machine and just moved to the other machine. So, I decided to revisit that old machine and beat him up with the new skills I have gained.
As I had guessed, this was a very similar box to the one which I had done today and I didn't have much difficulty in owning him. So, it was two boxes in a day. So friends, by the end of this week, I am having 24 full shells and 3 limited shells in my hands. I am thinking of doing a few more machines in the public network before attacking the IT and DEV network. One reason for doing so is we have fewer than 10 machines in each of the networks and I already have one machine from each of them. I will be taking 2-3 days off from my work for my preparation, so hope I will be back with much BIGGER and SWEETER update next week!!
paul78 wrote: » I'm really enjoying following your updates. Good luck and I hope to read more. Question - I see you were a software engineer/programmer. Is that what you do for a living? I'm curious about your professional background and why you decided to take on the OSCP.
TankerT wrote: » I as well am reading all of your updates. Please keep them coming!
Dr. Fluxx wrote: » Great stuff, Keep us posted!
saraguru wrote: » Thanks all for reading this.
saraguru wrote: » Hello Everyone, I actually thought of posting an update only a week later. But after getting a reverse shell on this particular machine I just couldn't resist posting my experience. I will try not to disclose any information which I am not supposed to. This particular machine (let us say X) has to be obtained by using a client side attack and had a dependency (let us say Y). Y was a very easy machine and I got him yesterday. After getting Y, and doing some post exploitation work, it became clear what to do to get X. However, the method I tried to get the shell was not successful at all. It was like "I was able to smell the shell but didn't have the opportunity to taste it". I set up my netcat listener with the hope that X would visit me. But X refused to connect with me. Having lost hope, I went to the forums and a few people suggested trying a few different ways of delivering the payload to X and not sticking to one method. After reading this, an idea popped up in my head. So, I did that thing which popped in my mind, and with my fingers crossed again I was just staring at my terminal which said "nc -lvp 443". Anddddddddd finally Mr. X connected to me. That moment when I saw the shell, I felt like shouting loud. This has been the best moment in my OSCP journey so far. That feel of waiting for a shell for a long time and getting it is indescribable. This whole time I was feeling like a small kid who has been refused the ice cream which he likes the most, which is just in front of him. And on Monday, I attacked PAIN, considered one of the three most difficult machines in the lab. I got a limited shell easily and proper enumeration was the key for it. However, I was stuck with privilege escalation and I think that is the part which gets him called PAIN. I decided to do that part later and went on to other machines. Well, that's what I wanted to share with you all for now!!
Ghostrider007 wrote: » Wow! Great update sara! Every time I read your updates, I get more eager to get started in a week on this journey... You're definitely such a positive influence on this seemingly tough journey! Keep the updates coming, good luck with PAIN (I've heard some cool stuff about it too)!
LonerVamp wrote: » I really enjoyed your background bit just above. Very exciting and sounds like the right doors opened up for you based on your hard work. Good job!! You should join up on the Discord other TE OSCP students have around here!
darioosh wrote: » I should work and instead I'm reading updates! I'm planning OSCP too and this post is just awesome!
SaSkiller wrote: » Saraguru, how do you know what you need to modify in the various exploits? I was working through a vulnhub and while I figure that at some points I would have had an idea of what needed to be fixed, ultimately it's only through searching and finding guides to the specific exercise that I was able to get through it. I feel like I'm missing something.
jtoca wrote: » Nice! Keep up the good work.
saraguru wrote: » I am not quite sure what kind of exploits you are talking about, SaSkiller. If you are talking about privilege escalation exploits, I found that, most of the time, the error messages which you get while compiling or running are a good point to start googling for. Those errors might be due to some missing libraries or incompatible ones. In rare cases I have to go through the code and it will require only very little or no modification in 90% of the cases. If you have any specific scenario, then if you describe it, maybe I can provide you with more information.
sesha437 wrote: » Sorry to hear. Your preparation and efforts are good. You can easily clear next time. Have a break and try again.