This week I mainly worked on my lab report and going back through any that I missed. I had a friend look over my lab write-ups and got a lot of feedback. It’s very important to look at the template they provide and try to mimic the format. In addition to the lab report, I was able to get a couple of Windows machines. The two that I worked on helped me learn a lot about privelege escalation on Windows and found a few tricks. With less than two weeks left, I am going to continue to work on the labs and when my time runs out, I am going to go back through my write-ups and compile a list of helpful notes that I don’t already have.
Managing time has been extremely difficult for me throughout the labs. Some take minutes when others can take days to figure out. Even with this issue, I think that a lot of it can be simplified. When going through the enumeration phase, it often consists of looking for the same things: seeing what ports are open, using gobuster/nikto if there’s a webserver, vulernability scanning with nmap, etc. I started working on my own script, but I have found a few that look promising. I think that having a reliable script will save a lot of time on the exam.