Information Security Blog

PWN it Again

I’ve started my time back into the OSCP labs by reworking several machines that I have rooted in the past. My intentions are the following:

First, I had never done the write-ups for the lab machines to include as part of the exam write-up. I had focused mainly on getting the points straight up during the exam. On my last exam attempt I realized that that was a poor way to think through this and that the 5 bonus points can be really helpful in the motivation to getting enough points to pass. Also, It was really helpful to write-up that machines as I gained a better understanding of what it was that I did to compromise the machines. It let me notice patterns in the way that the machines are compromised and I feel like that has helped.

Second, I used Metasploit way too much as I was going through the labs before. I had focused on getting as many machines compromised as possible instead of learning good methods to take. That definitely hurt me on my first exam attempt, and I had done a lot more non-metasploit compromises before my second exam attempt. This time I wanted to go back through the machines that I used Metasploit on and try to work them without the tool. I feel like this has been helpful in some ways, but I have also found roadblocks as well.

There are some machines that I have been able to find manual exploits for and that has been awesome. I definitely feel that I have a better understanding of what is going on in some of the exploits. There are also some machines that I exploited using known Windows vulnerabilities that do not have manual exploits for them. In this case I have tried to have a better understanding of what the module is doing to exploit the machine. I have also tried to figure out through manual scanning when Metasploit is going to be my only option. I don’t want to end up using Metasploit on the wrong machine for the exam, again.

OSCP Lab: 15 (Since restarting)
VulnHub Rooted: 3
HTB Rooted: 2
HTB Challenges: 6


Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll Up