OSCP - aka: Running head first into a brick wall - a journey

Comments

  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    Redacted
    ROOTED: 12
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    BuzzSaw wrote: »
    Popped "Oracle"

    It was far too easy which makes me think I need to go back and do it the hard way ...

    ROOTED: 12


    Yea I did it the same as you I think using Metasploit.

    There is a python script that does the same thing with minor changes.

    I may go back but for now I've just carried on
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2021: CCSP
    2022: OSWE (hopefully)
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    Redacted
    ROOTED: 13
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    BuzzSaw wrote: »
    Quick tips: you will slowly build up a good enumeration workflow

    Yea that's very true.

    At first I was really beating myself up about not having any methodology but slowly it's come just naturally. I'm still very disorganised at times but generally I'm following the same process each time.

    My note taking starts off good with each box, but I then start just throwing different exploits and don't note which I've tried.

    Additionally, as I've enumerated more and more lab machines, I've seen the same things each time, e.g. some ports come up a lot but aren't valuable, you quickly can identify when a port is not really going to go anywhere.

    So I think in that respect you start to get an instinct and an idea early on about which direction things are going in

    Good work for only 3 weeks in! Keep it up
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    Oh, something else fun I did ...

    I took over a big white board at work that is in a common area. I'm writing my hit list on it and crossing out names! It looks cool, and is good motivation to be able to cross off names on a board the next morning after my exploits at night :)
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    Hey,

    As you've seen on my blog I've also had 1-2 weeks of not doing much due to general life being in the way, so I know exactly how you're feeling.

    I'm similar to you, I don't mind repeating some steps. It's funny as the further I get into this, the more I look back on earlier boxes and see how poor my approach was, and how all over the place my notes are. So I fully expect and I'm happy to go back to some of them - especially for post exploitation, and have a better look at IP configurations, network layouts, etc...

    I'm really keen to try to break out of the public network if I can.

    Haha, that's funny about the white board, do your colleagues know what you're up to? I hope so or they'll start worrying about you just writing "SUFFERENCE" in massive letters and GH0ST

    Keep up the good work!
  • HornswogglerHornswoggler Member Posts: 63 ■■□□□□□□□□
    Keep up the great work!!!
    2018: Linux+, eWPT/GWAPT
  • hal9k2hal9k2 Member Posts: 77 ■■■□□□□□□□
    @BuzzSaw May I ask you about your technical background and experience in pen test?
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    Buzz saw - was the new machine you hacked with Metasploit ORACLE?
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    Buzz saw - was the new machine you hacked with Metasploit ORACLE?


    I'll PM you
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    BuzzSaw wrote: »
    ROOTED PAIN!

    I dug in and rooted PAIN tonight. It was a great learning experience and probably more closely resembles a real world example.

    Some Tips for PAIN:
    - As with all servers, you should have write access to at least one place in the file system
    - Make sure when you are trying your exploit you know what it is actually doing ... I had to stare at C code for a while before it clicked with me!


    Updated hit list:

    ROOTED 16


    ALICE | MIKE | BOB | BOB2 | BARRY | PAYDAY | RALPH | PAIN | TOPHAT | DJ | ORACLE | KRAKEN | MASTER | CORE | JD | NINA


    Hi Buzz,


    I logged on to respond to your PM and then saw this post - well done!


    This is exactly like me... I think I actually posted on my thread that it taught me to at least have a flick through the code and just see roughly how it's laid out. It's also made me want to start properly learning C as it's coming up so frequently.


    Good progress, you've overtaken me though - I will have to try to overtake you or at least catch you up!
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    BuzzSaw wrote: »
    This was the first machine I ran linuxprivchecker against.

    Weirdly... me too! I'd heard about it, but I ran it.

    I even stumbled through a few of the results and then sort of felt I was losing my way.

    A bit like you I went back and it jumped off the page when I actually looked at the code and comments! Lesson learned
  • McxRisleyMcxRisley Member Posts: 494 ■■■■■□□□□□
    Just a fair warning, you are revealing a little too much about some of the lab systems in these posts. Please delete this info so that it doesn't spoil it for others and to not draw the attention of Offsec, they have admins who lurk here.
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    McxRisley wrote: »
    Just a fair warning, you are revealing a little too much about some of the lab systems in these posts. Please delete this info so that it doesn't spoil it for others and to not draw the attention of Offsec, they have admins who lurk here.

    there ya go ......

    Might want to go chase down the 965 blog posts on the interwebs too and let them know ........
  • McxRisleyMcxRisley Member Posts: 494 ■■■■■□□□□□
    Just saying, you should respect the rules of this forum and Offsec. You devalue their training by giving up too much about the lab systems.
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    McxRisley wrote: »
    Just saying, you should respect the rules of this forum and Offsec. You devalue their training by giving up too much about the lab systems.

    Sure thing -- Didn't mean to reveal too much
  • McxRisleyMcxRisley Member Posts: 494 ■■■■■□□□□□
    Thank you, it's ok to talk about rooting the box, you just have to avoid being too specific like not mentioning the language the exploit is in or certain tools that you used. Because a lot of times, these can be dead giveaways for those who are in the labs and scouring for hints. I know I spent countless hours searching the web for even the smallest of clues sometimes lol
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    ** no more updates to follow **
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    McxRisley wrote: »
    Just a fair warning, you are revealing a little too much about some of the lab systems in these posts. Please delete this info so that it doesn't spoil it for others and to not draw the attention of Offsec, they have admins who lurk here.

    I'm a bit confused tbh as what has been discussed is on the OSCP forums themselves. I also feel that Buzz has been very diplomatic with his posts

    That's just my take on it

    I'm pretty eagle eyed about giving too much away and only 2 days ago I emailed OFFSEC about a GitHub account which had a walkthrough for some of the lab machines