OSCP studies - Tacos and Security

OSCP studies

A collection of 15 posts

HTB post-game recap -- Passage

Passage was a cool box overall. The hardest part for me was privesc. I had to get a lead from a buddy to show me what I was looking for. He said something along the lines of "ride the bus." The rest was a ton of Googling anything I found

Hack the Box -- Passage

This is a write up of Passage on Hack the Box. Nmap As always, we start with our basic Nmap scans. The results are below: nux@KakaLinpoop:~/Documents/htb/boxes/passage/nmap$ nmap -T4 10.10.10.206 -p 22,80 -sC -oN scriptScans Starting Nmap 7.91 ( https://nmap.

Proving Grounds Practice

My three readers know by now that my exam experience didn't go as I'd hoped. I've blown through certification exams before, but this was next-level. I went in feeling like I have kicked enough butt in the labs and in HTB to be able to do it pretty easily. Nope.

Exam kicked my butt

Well, I was hoping I wouldn't have to write this post. The exam kicked my butt. Bad. I was hoping this post would be more like, "Yo! I got my OSCP!" I studied quite a bit and felt like I was steamrolling the lab machines. They weren't terribly difficult and

Update: Still In the Labs

Still doing labs. I've popped about 22 boxes. Still need to do more. Hopefully soon I will be posting to report that I've passed. Here's a review of the exam by my friend @opsdisk, who took it a while back (long before OffSec added the 2020 material.) - https://blog.

Sup?

I know, I know. Looks like I've been flaking out. Well, I suppose I have, but for good reason. Still studying for the OSCP. Still working on becoming much better at enumeration than I currently am and still working on speeding up my buffer overflow process, so I don't have

My OSCP journey week 1

I've been working through the PWK labs. It's not the easiest, but I've rooted five boxes and I have a shell in another. I will work on privesc tomorrow. At this point, the boxes haven't been particularly difficult, but I still don't feel that I'm where I need to be

So Where are the Updates?

I meant to post my writeup of OpenKeys yesterday, but Saturday also so happened to be the day that my PWK coursework arrived. Guess what took priority? Right now, I'm writing my notes in a private GitBook Repo. I'm trying to build a gameplan for when I take the exam.

Hack the Box -- Haircut

This is a relatively easy box. Figured I'd do it since it was on the TJ Null list of OSCP-like boxes. Nmap We start with Nmap: nux@KakaLinpoop:~/Documents/htb/boxes/haircut/nmap$ cat scriptScan # Nmap 7.91 scan initiated Wed Dec 2 22:44:28 2020 as: nmap -T4

When ya gotta run SSH on more than one port

I was working on a HTB challenge recently, and I am positive that the first time I completed the machine a few months ago, SSH access out from the box was allowed. Seems something changed, or I dunno, I got lucky. Not sure. Either way when I was redoing the

Hack the Box -- Beep

Foothold was a pain in the butt.

Learning day part 3: Reading other HTB writeups -- Tabby, and finding new tools

I once received some advice from a dude who is pretty good at this kind of stuff to read other writeups once I've solved a box. This will help because you will discover other techniques you didn't think about or know about. I'm going to do that right now with

Hack the Box -- Solidstate

I usually don't do writeups for boxes I didn't solve while active, but I'm taking today as a learning/training day and I figured I would do one of TJ Null's OSCP-like [https://docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview#] boxes for practice. Let's take a look at

things I learned

Things I learned today -- 11.15.20

I got some studying in today. Did a bit of reading and watching some videos. More PrivEsc Today, I went over TryHackMe's Linux PrivEsc portion on weak file permissions [https://tryhackme.com/room/linuxprivesc]. Went over some things I already knew, but it was still cool to go over it

Random Notes on Hack the Box

-------------------------------------------------------------------------------- I was feeling a bit under the weather recently, and I just couldn't get myself up to do HTB. Instead, I watched some IppSec videos in hopes of learning some things. I checked out the video for Popcorn and tried to understand what was going on as IppSec was