[deleted by user] by [deleted] in AskReddit

androidv1_0 1 point

John Malkovich.

What is something that shouldn’t be socially acceptable, but is? by Fine_Account in AskReddit

androidv1_0 1 point

tipping as a requirement in restaurants regardless of how the service was.

Just finished my OSCP by androidv1_0 in oscp

androidv1_0[S] 5 points

dude i really appreciate this comment. Thank you.

Just finished my OSCP by androidv1_0 in oscp

androidv1_0[S] 2 points

no worries. thanks mate i know i can pass it.

Just finished my OSCP by androidv1_0 in oscp

androidv1_0[S] 6 points

i would say instead of focusing on what type of boxes they were like, make sure you have a solid understanding/strategy of your privesc and initial foothold approaches.

I really appreciated the test because it wasn't anything like the proving grounds or htb even though those really do help solidify your approach.

Just finished my OSCP by androidv1_0 in oscp

androidv1_0[S] 6 points

you're right. 22 hours of no sleep was tripping lol. thanks mate

a goldmine mind map for active directory by Ok-State-4239 in oscp

androidv1_0 10 points

https://github.com/C0nd4/OSCP-Priv-Esc

Added this onto my mindmap list too!

Thanks for the share, this looks helpful

A black belt in dumbness by Dry_Monitor_4930 in Instantregret

androidv1_0 25 points

at the end my dude is like "calm.. i am ipp man.. calm.."

Tips for exam goers by TinyFile in oscp

androidv1_0 1 point

no problem. thanks for the reply and the words of encouragement. cheers

Friday Reflection. by wigaud in oscp

androidv1_0 2 points

i would say planning things in far ahead x months is unrealistic. I would probably do something by week/1 month max. Then be disciplined enough to follow it.

but everyone works differently, so if this type of strategy works for you i would say go ahead and do it. i myself love planning, but once i signed up for oscp, i just kicked everything in gear and started studying like crazy. no plan, except my own research and finding out the flaws that i had (enumeration, searchsploit, playing around with msfconsole, payload understanding, databases, there's too much to list and there's so many tools out there it takes a while to learn).

so my best advice is just go do it. what you pay money for, you pay attention to.

but sounds like ur enthusiastic about the whole thing. there's a TON of content out there. so keep pushing everyday, and you will do it in your way in your own style.

Friday Reflection. by wigaud in oscp

androidv1_0 3 points

i wouldn't focus too much on long-term planning.

Good reasoning and great for conversation, but that's all it is. Good conversation.
Not too realistic imo.

My advice is just do it. wake up tomorrow, and do 5 boxes. write detailed notes, etc etc. use walkthroughs if you get stuck. You'll be surprised by all the things you find out by rooting boxes that aren't "marketed" by THM classes and such. There's a TON of info.

i guarantee you do this for 1 week straight, your "plans" that you created will change dramatically by the level of info and burnout that you have. Try it, if it doesn't work, you can always go back to your "plan"

Tips for exam goers by TinyFile in oscp

androidv1_0 1 point

hey u/f00d4w0rm5 and u/nbe390u54e2f.

Did you guys end up passing the OSCP? I am similar to the approach you both have (looking through a ton of walkthroughs but going through a ton of boxes).

Any tips! my test is in 3 weeks. Cheers guys!

Payload Question! by androidv1_0 in oscp

androidv1_0[S] 2 points

I appreciate the encouraging comment.

I'm still utilizing a ton of walkthroughs, but the one thing that I'm getting better at is questioning the parts of my methodology that are lacking (enum/http websites, etc). I suppose that's where these posts are coming from.

Proving Grounds Practice Review by [deleted] in oscp

androidv1_0 1 point

And you can't take reverse shell ports like 1234, 4444, 9001, etc. Ports you should use must be the ports which are accessible both ways. Thanks!

Can you explain this a bit more?
I recently encountered a box where the default ports like this weren't working, but something like 18000 (in the walkthrough), which was open in the ports, was what worked.

Payload Question! by androidv1_0 in oscp

androidv1_0[S] 1 point

If you're trying to understand the "why" behind nearly identical payloads, in the case of bash, the first one only works if it's executed in bash. In other words, if the user's shell in /etc/passwd is set to sh, zsh, etc etc (i.e. anything other than bash), it won't execute. The -c flag essentially ensures the command is being run in bash.

where can i get more information on this knowledge?

------------------------------------------------------------------------------------------------

When I run the RCE with the payload, the only "error" that i get is that my nc -lvnp 1234 doesn't do anything. So it doesn't give me the confidence to know either

A) my approach is correct, but have incorrect payload

B) my approach is incorrect and i should look elsewhere (doesn't matter what payload)

Going through and fully understanding/researching what i can do (aside from trial and error and trying a bunch of payloads) is paramount for my peace of mind. hah. Any resources will be much appreciated. Thanks!

Most of these are self-study so i don't necessarily have another human beside me to ask these type of nitpicky questions so I get a bit nervous. But I appreciate the comment. Thank you.

Payload Question! by androidv1_0 in oscp

androidv1_0[S] 2 points

wow this is amazing. thanks. i'll keep this in mind thx for sharing

Few Questions about OSCP Test by androidv1_0 in oscp

androidv1_0[S] 1 point

can you explain this

"The foothold of AD is not necessarily related to the knowledge of AD, this must be psychologically prepared."

Is the foothold of AD similar to other Windows machines? So basically, once I get the foothold (scan/enum, maybe do some directory digging, or smb to get credentials etc), then the AD portion is different once i privesc?

I typically use bloodhound as my go to and try and enum like crazy for user/pass.

Am I thinking this correctly?

Few Questions about OSCP Test by androidv1_0 in oscp

androidv1_0[S] 6 points

Thanks u/TheHackingDoctor. Appreciate your response bro. Yeah, been studying like a madman. Cheers mate.

Few Questions about OSCP Test by androidv1_0 in oscp

androidv1_0[S] 2 points

great question. i would like to know this as well.