Trouble applying theory to actions

Shane2Shane2 Member Posts: 65 ■■■□□□□□□□
in Other Security Certifications
Hey guys,

I'm finishing up my CEH, and decided to download some Vulnhub VMs to try my luck. A part from getting some flags on Mr Robot1, and exploiting VSFTP to root Metasploitable 2, I am having a tough time with success. I'm probably going to take the eJPT to brigde the gap between theory and practice.

Do you guys have any other suggestions? I will say, I spent 5 hours yesterday trying to access a VM, and while I have yet to root it, I had a ton of fun.

Any suggestions are appreciated.
· Share on FacebookShare on Twitter

Comments

  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    Ah the fun and adrenaline rush of rooting a machine. I rooted my first VM yesterday too outside of the lab environment for the eJPT.

    Their method works and what i find that is starting to sink in after more and more practice is the one advice that everyone recommends, enumerate, enumerate, enumerate. Many times i was getting stuck on trying to exploit a vulnerability with no success only to find out that you can try and exploit other ones, don't just get stuck in one. After getting over thay mindset, was able to have even more fun.
    · Share on FacebookShare on Twitter
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    As TheFORCE said, the key is to enumerate.
    · Share on FacebookShare on Twitter
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    There are walkthroughs available for those boxes. Rather than read through all the answers, try to a) read through only enough to get you past a certain spot, or b) go through the actions yourself as you read through. You'll still learn a lot!
    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
    · Share on FacebookShare on Twitter
Sign In or Register to comment.