After a lot of enumeration, I finally rooted my first lab machine. Like almost everything else, it seems like the most common downfall is overlooking the simplest things. After going through and writing a detailed report, I realize that the process is actually very easy and it feels like the hours I spent could have been done in 15 minutes if I am looking for the right things, but that will definitely come with experience. Having gone through the material has helped a lot, but learning from the labs is a very different experience that requires a lot of patience and critical thinking.

Here are some things I learned from this week:

  • Port knocking
  • SSH Cracking
  • Scraping and generating a custom wordlist for brute force attacks
  • Buffer overflows and how to perform them
  • How to endlessly enumerate and mult-task.
  • Efficiently using Tmux
  • A lot of different linux system services and what they do
  • In-depth linux permissions and how they can be used for privilege escalation
  • .. and much more.

Goals for next week

From here on out, my goal is to root an increasing amount of boxes each week. At the moment, I think that one is a reasonable goal until I gain more experience. I have covered the majority of the material, but will be going back through everything and taking better notes.