I passed the exam on December 8, 2018. And then, eventually, went on to root all of the regular lab machines (~55) in all of the subnets. It was a blast!
This review will focus on some topics where I may have disagreed with the majority.
I passed the exam on December 8, 2018. And then, eventually, went on to root all of the regular lab machines (~55) in all of the subnets. It was a blast!
This review will focus on some topics where I may have disagreed with the majority.
This is a very easy web-focused VM, done in the style of some OSCP/PWK lab machines. You can download it here.
If you have experience with web pen testing and Linux this should be a quick pwn, and if you’re new, it’s a decent first box to try.
Few tools are needed other than your browser, NMAP, and an SSH client.
Continue reading →
Here’s a simple and fun vulnerable VM I completed in preparation for the OSCP.
It was ranked as beginner/intermediate with at least 2 paths to limited shell, and 3 paths to root.
Continue reading →
Here’s another easy VulnHub VM.
My goal this month is to increase the speed that I pop these boxes, in preparation for the OSCP.
I had already completed the first entry in the Basic Pentesting series by this author in about 20 minutes, and wanted to see if I could crack this one in under an hour as well. The author states that it is a “a moderate step up in difficulty” from the first.
Let’s dig in!
LazySysAdmin is another VulnHub CTF.
The description suggests you shouldn’t overthink this. The author states that it was built out of frustration from failing the OSCP exam and that you should be looking right “in front of you” for the answers.
The description intrigued me, as my main goal this month has been to increase the speed that I solve these VMs and reduce the time wasted in rabbit holes.
Kioptrix 2 is a Vulnhub VM. This is the first in a series of write-ups of various hands-on hacking resources I will be working through on my way to the OSCP.
We will need this later for reverse shells and other fun.
ifconfig
netdiscover
Look for something in the netdiscover output with a MAC Vendor / Hostname of “VMWare.”
Found it, in my case it’s 192.168.1.114
After completing the CEH, I immediately set my sights on the OSCP.
That’s the Offensive Security Certified Professional. It is notorious for its 24-hour long exam and (suspected) low pass rate, as well as its challenging course labs.
All the cool nerds want this cert. That includes me, of course! I MUST HAVE IT.
I recently passed EC-Council’s CEH v9 exam. It was my first experience taking a certification exam.
I spent 5 months or so studying off and on, but didn’t really buckle down with my efforts until the last two weeks.
Here is what I used. I’ll provide a short breakdown of what was essential and what I wouldn’t bother with if I had to do it again.
Continue reading →