OSCP Week 11: Heading Into the Home Stretch

Course content: 18/18
Lab machines: 26.5/55
Days: 77/90

 I made some solid progress again this week, managing to root 3 lab machines of varying difficulties. It feels like I’m starting to head into the final stretch of my initial attempt at the OSCP so I’m doing my best to keep the motivation high and commit the necessary amount of time before my lab access is revoked. I’m confident that I can get to at least 30 lab machines, so I need to try avoid burnout and keep pushing for a few more weeks.

Weekly High:

I was able to root a machine that I was previously having a lot of trouble with when I first started out in the lab environment. In hindsight, it was an extremely easy machine to exploit using a Metasploit module that I really should have been able to figure out on my first attempt. Tunnel vision and an over reliance on the output of an NSE vulnerability scan meant I was initially using the wrong module in various ways with no success. Convinced I was using the right exploit, I couldn’t understand why it kept failing to open a meterpreter session. It wasn’t until this second attempt that I realized I needed to use a different exploit entirely. Of course, once I had identified the correct exploit I had a meterpreter session with system level privileges within 30 seconds. Although the machine itself was very easy, I learned a lot about enumeration and tunnel vision from this machine. It also hammers home the lesson that taking a step away from a machine and revisiting it later really does work.

Weekly Low:

The ‘.5’ in the lab machine count has remained there for a few weeks now. I added it into the tally as a way to note a low privilege shell I was able to obtain, but couldn’t escalate the privileges to root so I couldn’t justify giving myself the full point. This week I went back to this machine to try escalate the privileges, but was again unsuccessful. I know that privilege escalation is my weak point, but I was really hoping something was going to click for me this time around and I would be able to check this machine off the list. I do still hope to obtain root on this machine before my lab time ends, so will have to come back for a 3rd attempt at it later on.

I’m still on track to hit the 30 lab machine target I had set for myself before my lab time finishes. Considering I’m near the end, I’ve decided to give the four ‘boss’ machines a try to see how far I can go. I already started on ‘gh0st’ but have been stumped so far, hopefully I’ll have more success next week.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s