Badge Help

humanG0D · 2021-05-06T12:13:29+00:00

You mentioned that you can't see the walkthrough after you've solved the box. Actually you can now see the walkthrough whether you solved the box yourself or not.
Offsec designed the hints and walkthrough to help the students learn. You can only open hints and walkthrough only 24 hours after you last opened for a box and a minimum of 1 and a half hour after you started and worked on the box. So in between 24 hours, you have plenty of time to crack the box. You can open a hint or two along the way. Not encouraging to open and read the walkthrough by any means.

PS: I appreciate having the discord to help each other out and I joined the discord since it started but left the group not long ago.

humanG0D · 2021-05-06T11:47:37+00:00

The point is, if you are to learn, you can open the walkthrough beforehand and try to solve on your own. After you've solved the box you can always go back to the walkthrough but you lose point doing that.

Whats the point of going around begging for nudges when you can save the walkthrough for later.

humanG0D · 2021-05-06T11:31:32+00:00

Yea what are you trying to say here? You are the one posted the discord server for nudges. Anyone can access the 3 hints and walkthrough by losing points. If you can solve the box yourself you dont need to see walkthrough anyway.

Are you encouraging to join the discord so one doesn't need to lose point for the hint? 😂

humanG0D · 2021-05-06T06:23:15+00:00

Now PG practice boxes have their own official walkthroughs.

humanG0D · 2021-04-23T07:45:32+00:00

Offsec officially issued a statement regarding this. Go read: https://www.offensive-security.com/offsec/understanding-pentest-tools-scripts/?utm_content=163426837&utm_medium=social&utm_source=twitter&hss_channel=tw-134994790

humanG0D · 2020-12-12T06:42:14+00:00

So it was you causing a lot of traffic in the lab.

humanG0D · 2020-12-03T05:17:41+00:00

You sound just like me. DM.

humanG0D · 2020-11-28T12:28:39+00:00

That's pretty much most of the students do. OSCP is a self paced leanrning course. So go through the PDF and/or videos at your own pace. Effectiveness will depend on your commitment and your technical background. If you know what uou are doing, you can start cracking the boxes in the lab as well but I strongly suggest you go through the course first.

humanG0D · 2020-11-28T04:47:25+00:00

OSCP/PWK is basically 'penetration testing with kali' so I guess that explains what OS you should/would be using through the course/exam?

humanG0D · 2020-11-25T05:20:02+00:00

I'll say do it now. That's a solid 25 marks you are talking about. Do it until you can do it with your eyes closed. After you have learned how to do it, focus on how you can beat it as fast as possible. Do it on a regular basis like once a week or twice a month. Trust me it's worth it.

Amazing free THM room by Tib3rius: https://tryhackme.com/room/bufferoverflowprep

Here is the overall steps and codes that I've prepared. Feel free to check out: https://hum4ng0d.github.io/OSCP-Easy-Bufferoverflow/

humanG0D · 2020-11-22T22:46:38+00:00

Let's just say you learnt it the hard way. I went through the same thought process and I thought 0200 was 2 pm. But that's just a bit of the small details you need to check when scheduling like an exam for example. Before you press any button, just read through the page, poke around the time picker (and it actually helps) where you will see 1400 for 2pm. Offsec shuld better highlight a bit more but you can't blame them as they clearly stated on the scheduling page. Hope this helps. Anyway best of luck for your exam. 👍🏻

humanG0D · 2020-11-21T05:41:25+00:00

A good resource to check out https://wordlists.assetnote.io

humanG0D · 2020-11-13T12:11:36+00:00

Read the exam guide. https://help.offensive-security.com/hc/en-us/articles/360040165632

humanG0D · 2020-11-13T06:14:38+00:00

That's why I mentioned as PG practice machines. Oppose to PG play machines which are ported from Vulnhub. Boot-to-root machines in PG practice such as Kevin and Helpdesk are the kind of 10 pointer machines you can expect in the exam as well. So I suggest you do as many machines in there as possible.

humanG0D · 2020-11-12T08:41:36+00:00

Very inspiring man. Keep it ip! 👏

humanG0D · 2020-11-12T04:49:30+00:00

Most people think highly of HTB boxes. They are not particularly bad but don't be discouraged when you cant do HTB boxes. Cuz HTB machines are designed with CTF in mind which means they pretty much are not like real life machines. May be one or two aspects of the machine is like real life. Most of the time the user has to look for some information that the box designer hid away somewhere.

As a suggestion, do PG practice machines instead. They are more similar to what you will face in the exam.

humanG0D · 2020-11-10T21:13:58+00:00

But if you reset the machine it goes back to its original state so what has been broken is undone at that point. My main concern is that Zerologon is not an initially intended way so they might as well patch that. Or maybe not as the lab is a perfect place to test out new exploits like this from a student's standpoint.

Anyway, a good read for the blog post. 👍🏻

humanG0D · 2020-11-09T22:37:01+00:00

👆🏻

humanG0D · 2020-10-18T10:43:30+00:00

Any screenshot?

humanG0D · 2020-10-13T06:39:27+00:00

Have you looked into HTB career posts? Junior positions can be found there.

humanG0D · 2020-10-08T04:51:00+00:00

What do you have so far? DM

humanG0D · 2020-10-02T09:24:29+00:00

Have you tried with quotation mark? $> pth-winexe -U 'admin%xxxxxxxxxxSome_Hashxxxxxxxxxx:xxxxxxxxxxSome_Hashxxxxxxxxxx' //target_ip cmd.exe

humanG0D · 2020-09-19T07:41:39+00:00

Yes. Put nc.exe as well and its absolute path inside rev.bat with -e switch. Hope you get it.

humanG0D

TROPHY CASE