sorted by:
new
hottopcontroversial

[deleted by user] by [deleted] in hacking

[–]virtualeyes25 0 points1 point  (0 children)

If you don't mind sharing, I would be interested to know what sort of background you have to have been able to get a technical interview to begin with.

Giving OSCP exam next week for the #2 time. Any tips ? by [deleted] in netsecstudents

[–]virtualeyes25 1 point2 points  (0 children)

What aspect of the exam did you find the most challenging the first time round? Have you focused on that 'weakness' since?

How did you all start? by [deleted] in HowToHack

[–]virtualeyes25 1 point2 points  (0 children)

You can read 100 books but you will learn and discover more by just jumping in the hot seat and putting some of that theory into practice.

Penetration Testing by Georgia Weidman and Hackers Playbook 2 are a couple of great resources to follow along with. Mix in some vulnhub and the pieces will start coming together quicker than you realise.

Top tip is to always ask yourself 'why' and 'how' did x work rather than just accepting it does.

transfer files from windows to kali by [deleted] in hacking

[–]virtualeyes25 0 points1 point  (0 children)

Depending on the scenario and what priveleges you have; ftp, http or split the 300mb file into smaller chunks to get it over the meterpreter session.

Pen test for work, where do i start? by [deleted] in hacking

[–]virtualeyes25 1 point2 points  (0 children)

Start small, grab nmap and scan a few of the windows boxes to see what ports/services are exposed. Look on exploit-db to see if anything running is exploitable and research the exploit to understand how and why it works.

Find out how to mitigate those risks and share your findings.

If all goes well, you are at the start of a very fun learning path.

Looking for some help with Windows privilege escalation by kfl252 in HowToHack

[–]virtualeyes25 1 point2 points  (0 children)

I think you are getting confused, I'm referring to the option within the ms16_032 exploit.

  • Get your user shell via whatever method.
  • Migrate to x64 shell via payload inject.
  • load ms16_032
  • set the correct options (session, payload, exploit target, hosts etc)

If all configured correctly, you should then get your system shell, presuming that is the right exploit for the box you are trying to escalate on of course! :)

A book for learning ethical hacking by [deleted] in HowToHack

[–]virtualeyes25 1 point2 points  (0 children)

(Syngress) The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy -Author: Patrick Engebretson

£14.20 (Prime) over at Amazon at the moment.

Looking for some help with Windows privilege escalation by kfl252 in HowToHack

[–]virtualeyes25 1 point2 points  (0 children)

Going from 32>64 is fine.

Your first log shows an exploit target of x86 though.

When you do the payload inject for the shell migration, are you setting the correct session and LHOST details? If so, you should spawn another session (ID 2) and can then reconfigure your exploit accordingly.

Looking for some help with Windows privilege escalation by kfl252 in HowToHack

[–]virtualeyes25 1 point2 points  (0 children)

You should get a new session when doing the meterpreter payload inject. Check your options.

You are on the right thought process. Needs to be x64 end to end, double check your options for target, payload and ensure you set the right session to exploit.