Course content: 18/18
Lab machines: 28.5/55
I actually underestimated the amount time I had left, and was surprised to find out I was actually into my last week of lab access. Thinking I had 2 weeks left, ‘losing’ a week of time set me back a bit and meant I wasn’t quite able to get to the 30 lab machine mark I was hoping for. However, like I mentioned last week I wanted to give some of the ‘boss machines’ a try to see how I would fair against the hardest machines the OSCP has to offer. To that end, I attempted the machines Pain and Humble this week and am pleased to have been able to root them both. Each one was difficult in its own right, with Pain having a very difficult to execute privilege escalation and Humble requiring extensive modification to an exploit required to obtain a low privileged shell.
Being able to gain root on two of the hardest lab machines was incredibly satisfying, and it also provided a welcome confidence boost as my time in the lab environment comes to an end. Although the total number of lab machines I’ve rooted isn’t all that high, it feels good to know that I was able to (eventually) overcome these ‘boss’ machines. In a sense, being able to do these machines should mean I am good enough to root any of the remaining lab machines. Granted, I did spend an exorbitant amount of time on each , but I think it was well worth it in the long run. In terms of a specific ‘high’ for the week, the privilege escalation in Pain was a standout. The exploit needed to be manually broken down and compiled into 3 separate files, before it was able to run successfully. This took a lot of time for me to get my head around, and I made countless small mistakes along the way that nearly had me giving up. Thankfully, I was able to push through and overcome this machine. Pain is aptly named.
The “.5” in my lab machine total still remains, and now that my lab time has concluded I may never be able to successfully obtain root on this particular machine. I did go back and give it another quick attempt today, but I was so burned out having finished both Pain and Humble that I needed to take a break and accept defeat. This machine highlights the weakness in my privilege escalation abilities, and is something I will have to work on in the time I have remaining before my first exam attempt.
So this concludes my time in the OSCP lab environment. It’s possible that I come back again in the future, but hopefully this is the last I see of these machines. I learned a lot over the course of 90 days, with each machine presenting a unique exploitation angle that inevitably came with a unique set of challenges to over come. In time I’ll sit down and spend a significant time writing about my thoughts and experiences on the OSCP course material, likely after my exam attempt next month (regardless of whether I pass or fail).
Looking ahead to the exam, I have just under 4 weeks to prepare. I intend to spend a lot of time in the HackTheBox environment, and will likely watch all of IppSec’s walk through guides for the retired machines as there is a lot to learn by studying his methods and techniques. In terms of how I want to approach these progress posts, I think I’ll do extremely small write ups on the key takeaways I get from each HackTheBox machine as a way to track what I’ve done and what I learned.