HackTheBox - Pro Labs / Rasta Labs review

BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
After completing my OSCP, I decided to attack the pro lab offering from Hack The Box. I did it a bit on a whim but am glad I did!

The lab is built and administered by RastaMouse, but is hosted on the HTB platform. The lab consists of an up to date Domain / Active Directory environment. the targets are 2016 Server, and Windows 10 with various levels of end point protection. The lab also features segregated networks that will require you to carefully route through the network to achieve different goals.

The ultimate goal is to achieve perimeter level access into the network, work your way through the network, and ultimately hack your way into Domain Admin. There are flags to obtain along the way.

The lab will challenge you to learn new techniques, learn tools you may not be used to using, and to learn how to think more like a red team member.

This lab provides MANY MANY learning opportunities, and can be bought one month at a time. In my experience, I was able to fully hack the environment with a 1 month ticket (aside from the ROP challenge ....)

I'd highly recommend this lab for those that would like to attack a more modern network!



  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    Not fishing for spoilers, but they mention 16 flags. Is that roughly 16 machines in that environment? I'm just looking to gauge the size of that network.

    I believe I read that you solved all of the PWK labs (I did as well!). How would you compare the difficulty, scope, or realism between rastalabs and going through the comparable parts of the OSCP? (domain, but mostly pivoting through networks)

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    So, there are actually 17 flags. But admittedly, the main goal is domain admin. The flags are basically the mechanism in use to be able to allow it to exist in the HTB framework. Some of the flags are on the attack path, some are not.

    The network size can be seen here: https://zeropointsecurity.co.uk/docs/RastaLabs-Info.pdf

    As for realism, I think its a pretty realistic lab. I am not a redteamer by trade, but I can say that the domain environment presented in this lab is much more secure than most of the customers I work with. In that regard, its a pretty decent model of what a secure domain could look like in the real world.

    It's hard to compare the two. The OSCP lab is great at teaching certain lessons. But over all, its more about teaching a way of thinking. Obviously that carried over well into this lab. However, this lab will require more recent attack vectors. The OSCP works mostly on dated exploits and methods. Further, aside from a select few, none of the OSCP labs are in the same domain trust.

    I'll just say it this way. The OSCP was pretty much the greatest learning experience of my life. But there were times it felt useless in that Rasta Labs. NOT BECAUSE THE OSCP IS BAD or somehow "worthless" - but because the nature of the two are different.
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    Thank you, that's an absolutely excellent response!

    I may have to stick my foot in there sometime yet this year. And it may work as a place to point people with an OSCP towards. Often, it seems students get through the course and wonder (yearn) for what's next, especially those that don't have a daily offense job. Other than diving into far more expensive in-person courses, the options beyond exploit development (SLAE/OSCE) are few.

    This, at least, might be a nice bridging point, it sounds like.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • aakashc1aakashc1 Member Posts: 41 ■■□□□□□□□□
    I want too to start the rastalabs but it need highly skills level.I believe if i get a good path which help me to solve rastalabs then i definately learn myself by following path.Thats mean i need guidance.
    I also did OSCP this month.
  • yoba222yoba222 Member Posts: 1,237 ■■■■■■■■□□
    Thanks for posting this review. Maybe I missed it but I couldn't find a page with a price for the pro labs anywhere.

    I'm on the lookout for good training materials and I'll likely using Virtual Hacking Labs instead as of now, but this looks promising.

    EDIT: Looks like $125/month. A bit pricey.
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
  • meni0nmeni0n Member Posts: 68 ■■■□□□□□□□
    I signed up for VIP and did some of the beginner-intermediate machines and learned a lot. Not sure how close they come to OSCP style but I've veen doing most of the machines without metasploit. It's been fun/challenging to say the least. I really need to work on my enumeration and priv escalation. Especially on windows boxes
  • sesha437sesha437 Member Posts: 48 ■■□□□□□□□□
    Even I have the same question. How these machines are similar to OSCP exam or lab machines?
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
    I think its important to understand that there is a difference between the HTB boxes and the Rastalab boxes. Frankly, HTB boxes are singular boxes similar to OSCP. Rasta is a domain environment.

    You can read my first two messages if you are still looking for an understanding of how they compare to OSCP. Frankly, they dont. Again, not because one = "bad" and the other = "good" -- Its just that the two are different.

    As to price: if you devote a fair amount of time to it, you likely wont need more than 1 month. Possibly 2. But 1 month should be enough to get alot of out the lab.
  • slinuxuzerslinuxuzer Member Posts: 665 ■■■■□□□□□□
    In my day, there was no Kali, there was no meta sploit, there were no vulnerable by design machines, and virtually no war games and damn sure no paid labs. You hunted for hours for working exploit code and you damn near had to commit a crime to actually learn a technique, I'm mostly glad those days are gone :D
Sign In or Register to comment.