
Perseverance

Fall down seven times – Get up eight

OSCP Journey – Second Week


Published by Arvandy on July 14, 2018

Date: 08 July – 14 July 2018


PDF: 380/380
Videos: 149/149
Exercises: 37/42
Exploited Machines: 34
(Alice, Alpha, Barry, Beta, Bob, Core, DJ, Dotty, FC4, Gamma, Gh0st, Helpdesk, Hotline, JD, Joe, Kevin, Kraken, Leftturn, Mail, Mike,
Observer, Oracle, Pain, Payday, Pedro, Phoenix, Punchout, Ralph, Sean, Sherlock, Slave, Sufferance, Susie, Tophat)
Unlocked Networks: 2 of 4
(Public, IT)

Day 8
Exploited Machines (3): Tophat, Dotty, Leftturn

Day 9
Exploited Machines (3): DJ, Susie, Oracle

Day 10
Exploited Machines (3): Hotline, Alpha, Beta

Day 11
Exploited Machines (3): Gamma, Core, Kevin

Day 12
Exploited Machines (3): Mail, JD, Punchout

Day 13
Exploited Machines (3): Pedro, Sean, Joe

Day 14
Exploited Machines (2): Slave and Observer

This week I exploited 20 machines and unlocked the IT network. Pivoting is required to exploit the machines in the IT network; personally, I use
Proxychains with socks4. The lab is getting harder and more interesting; some of the machines cannot be exploited directly. To exploit them,
the relationship between machines must be found out first. Some of the machines have an easy or unintended way to exploit them, but it is always
better to do it the intended way; it teaches a lot.

For the last couple of days, I kept checking the exam slot availability. The slots had been filled until 20 August, but today I checked and
found slots on 14 and 15 August. It could be that some of the students rescheduled their exam dates. I decided to schedule my exam
on 15 August, 15:00.

TIPS:

Post enumeration is really important. Make sure you do it and document it, or you will need to return to all of the machines you
have exploited.

Some binaries/executables on the machine are not located in the default PATH. If your rev-shell/RCE didn’t work, enumerate more.

Client-side exploits require more time to be executed. Be patient.

If you encounter the login page of certain software, the first thing you need to do is look for its default login credentials on Google.

The developer guide manual of certain software can be a good resource if you are unfamiliar with the software.

If you see a lot of open ports in the NMAP results, go for the low-hanging fruit first, such as Samba and FTP.

After you get a low-privilege shell, make sure you spawn a TTY shell. Some exploits won’t work without a TTY shell.

2 Comments

rowbot
JULY 30, 2018

Great posts. What do you mean by “Some binaries/executables on the machine not located in the default PATH. If your rev-shell/RCE
didn’t work, enumerate more”?

Arvandy
JULY 31, 2018

Thanks rowbot.

For example, you know that a certain programming language such as php is installed on the target machine and you successfully
obtain RCE, but your php reverse shell attempts keep failing.
The reason could be that php is installed in a directory/location that is not defined in the PATH variable of the machine's environment
variables.
So when you execute the php reverse shell command, it will fail because the system cannot find the php binary.
