Day 20: Week 3

Day 20: Week 3

I am officially 20 days into PWK. Up to now, I have learn an insane amount of things and definitely have a good grasp of the process to use when going about the lab machines and even CTF’s on hackthebox. Despite getting root on one machine, I have gotten lost quite on several other machines. However, I think that my approach of taking time off is not as effective becuase my thoughts start to become scattered when working on several machines at once. Progress wise, I think I am actually a bit behind where I would like to be in terms of having lab machines done.

OSCP Bonus Points

I learned that I can obtain 5 points on the exam for submitting 5 reports of lab machines and all exercises found in the PDF. Because of lab timing, my plan is to do all of the lab exercises in a more organized manner towards the last few weeks to get the most out of the labs.

Random thoughts about tools & methods

###Encryption This week, I managed to lose my persistent USB with Kali on it. For some reason, I never encrypted it and it made me reconsider the dangers of losing it. Luckily, on a college campus, the likelyhood of someone finding it and being able to use it is insanely low. I use several obscure aliases in order to connect to the PWK VPN and had nothing sensitive stored. But with that in mind, I learned my lesson and encrypted my other USB’s.

Organization

Organization throughout this course has been a struggle, but I think I have officially developed a liking for OneNote and would highly reocmmend it to anyone else taking the course. I found this repository which I use for OneNote in Kali.

The small things

Something I overlooked was the SMTP enumeration and it’s use. While I don’t have much to say about this, I think it’s important to remember that it exists and can be badly configured. When working on a machine, never make assumptions, always check.

Goals

This week, my goal is to get root on another lab machine, I wasn’t able to do so last week, so I am turning this into a hard deadline for myself. I would like to also get user on a different machine as well.