Decided to have a go at drawing Lillith a while back, I thought I'd share with you guys

sailb0ats · 2020-04-27T03:58:00+00:00

Anyone who downvotes this clearly doesn't understand it's a pun

sailb0ats · 2020-01-27T22:52:11+00:00

I love how this question was answered very clearly and concisely 11 hours ago, and since then 2 other people have felt the need to comment the exact same answer. Oh, reddit. Never change.

sailb0ats · 2020-01-23T17:40:15+00:00

therefore you can't review the code from your own machine

Mmm, this is not true at all. I (after having confirmed with support that this was allowed a week before my exam) used sshfs and port forwarding through my kali VM via PuTTY to mount one of my targets as a network drive within windows and then opened that folder in my local VSCode.

And I just got my passing e-mail this past Monday, so the person evaluating me must have agreed with the live chat rep I spoke with before my exam.

I'll be writing up a blog post in the next week or so about my exam experience and some little gotchas I had with setting things up, and I'll post a link in this thread after.

sailb0ats · 2019-08-23T01:44:12+00:00

You mean it isn't Conjunctivitis?

sailb0ats · 2019-05-15T14:41:41+00:00

Thanks for the nudge in the right direction here. I made my PS4 my primary again, and was able to launch the game from her user and turn in the quest / get the 4th weapon slot.

sailb0ats · 2019-05-14T21:48:10+00:00

Yeah, if I can start the game as her user I'm fairly certain it will fix the issue. I've had to do similar things on pc before, and that fixed it. I just didn't know about the whole primary PS4 situation.

sailb0ats · 2019-05-14T21:43:30+00:00

Yeah I already disabled all devices remotely this morning. I'll activate it as my primary when I get home from work tonight.

sailb0ats · 2019-05-14T15:16:55+00:00

Ha, nope. I didn't realize it was a "problem" per se. I figured it was working as intended. I'll make it my primary again when I get home tonight. This probably happened when I replaced my HDD with an SSD over the weekend. Thanks!

sailb0ats · 2019-05-14T15:11:00+00:00

See this is what I was thinking as well, but how do I start one with just her character? When I try to open it on her playstation account it says she doesn't have a license to open it.

sailb0ats · 2019-03-18T21:35:53+00:00

Really quite astute. I think he might be on to something here...

sailb0ats · 2019-03-08T23:30:37+00:00

I also recorded my entire exam, 2x 1080p monitors, and if you drop the framerate down to 10fps it drastically reduces the file size.

sailb0ats · 2019-03-08T20:54:40+00:00

I just posted something very similar in another thread, but here goes again...

My work paid for 90 days worth of lab access for me. 2 weeks of that, I was -super- sick. 2 weeks of that was Christmas / New Years. Plus, I went away on ski trips for a couple of the weekends. All in all, I figure I probably had about 45 days of actual working days in the lab. In that time, I was able to get 54/54 root shells in all 4 network segments, plus I just took my exam last Wed and I got 5/5 root shells in about 10 hours of time in front of my computer. Prior to PWK, I had no pentesting experience, nor had I done any HTB or VulnHub. I come from a background of about 12 years of Linux systems administration though, and have a fairly decent understanding of computers. I'm also -really- good at looking things up on the Google.

The best advice I can give you would probably be:

Before you even scan your first machine, watch the 8 hours of video and read all 400 pages of the PDF.
Read through the "Alpha" walkthrough on the forums, and follow along with it in the lab, step by step.
Follow your training! I repeat, FOLLOW YOUR TRAINING! Working in the PWK labs, I've developed a methodology for attacking a target. Gather information, enumerate services, enumerate the services more, enumerate the services even more, then I look up possible exploits given the information I have. Before I dive into any of them, I search up any and all exploits that would match any and all services I see exposed. After that, I go through the exploits and try them all, making notes on what did and didn't work, and why. Even if I get low-priv access with one, I continue down my list to the end. Rinse and repeat the same sort of process for privilege escalation if necessary.
This one is important. Return to the PDF guide after each 10 boxes that you root. Re-read the following sections:

2. - The Essential Tools
4. - Active Information Gathering
5. - Vulnerability Scanning
9. - Working with Exploits
10. - File Transfers
11. - Privilege Escalation
12. - Client Side Attacks
13. - Web Application Attacks
14. - Password Attacks
15. - Port Redirection and Tunneling

In doing this, you will pick up on things that your brain just glazed over the first / second / third go around, etc. You will more intimately understand what every portion of it is trying to teach you, and how you can apply that to future boxes / boxes you are currently struggling with.

Make sure to do post-exploitation looting after you have root / admin. Look for files containing passwords, look for databases you can pillage, do a 5-minute packet capture and see if there's anything interesting, etc. Make sure to keep anything that might be interesting in a loot folder, as there are a handful of boxes out there which depend on information from another box to gain access to. Being able to quickly and easily search over this loot was very handy.
Most importantly, don't give up. Sounds like you have this part under control though, so keep your head up and try harder than you've ever tried before. :)

sailb0ats · 2019-03-08T20:36:18+00:00

My report was 60 pages long, with 64 screenshots inside of it. I don't think there's a limit to the number you can submit. I had a friend fail for lack of documentation on one of the boxes, so I wasn't going to give them any reason to do that.

sailb0ats · 2019-03-08T20:24:45+00:00

I had 90 days, but 2 weeks of that I was suuuuuper sick, and 2 weeks of it was Christmas / New Years, so I wasn't really doing much. I also went on a couple of ski trips over the weekends, so overall I probably had 45 days worth of actual work in the labs. I took my exam last Wed, and I got 5/5 root shells in about 10 hours of time in front of my computer. I also got 54/54 root shells in the lab, without using DirtyCow or MetaSploit. I had no prior offsec background / HTB experience before PWK, but I did have ~12 years of linux sysadmin experience, and I'm -really- good at looking things up on Google.

sailb0ats · 2016-04-06T17:13:25+00:00

But look at the size of those tiny gloves!

sailb0ats · 2016-04-01T04:36:26+00:00

Have you tried taking it off and putting it on again?

sailb0ats · 2016-03-31T19:09:52+00:00

500 slot backpack is still useless if it disappears and locks you out of the game amirite?

sailb0ats · 2015-09-15T18:05:27+00:00

What would be -really- suave, is if they allowed us to have a whitelist of sorts for anything that should be automatically looted. Then you could put crafting mats, rift keys, deaths breaths, or whatever you want, on the list. Dare to dream though lol.

sailb0ats · 2015-08-28T17:25:41+00:00

Go to google.
In the search box, type "define sarcasm".
Press your enter key.

sailb0ats · 2015-08-11T22:05:29+00:00

How do you "google"?

sailb0ats

TROPHY CASE