2.16.25
So close! 96% done with the Windows PrivEsc course and I have learned a lot. I am looking forward to wrapping this up and start on the sister course, Linux PrivEsc. Right now I am on the 3rd box for 5 that comprise the capstone.
- Arctic @HackTheBox
- Bastard @HackTheBox
- Alfred @TryhackMe
- Bastion @HackTheBox
- Querier @HackTheBox
This course, unfortunately, is rather old. I emailed TCM support about it, asking when a course refresh was due, they said soon. Not super helpful.
The tools they suggest using are out of date, though some of them have a next gen available, and the exploits and paths, for one reason or another, do not work in some cases. These retired boxes are just not ideal.
Well, that’s not entirely accurate. Because they are so out of date, they forced me to really dig in and learn some new things. The paths the instructor had in mind, were not always available, so I had to forge my own.
Because of this I have created a step by step guide for myself, a template in Notion for any CTF, and I have had to question what I thought I knew. I really though I had the procedures and tools down, but that was not the case. I could do it with a lecure, but on my own, I went blank!
I have also updated my Pentesting Field Guide to include some of the things I find myself doing a lot with enumeration, reverse shells, metasploit, msvenom, etc. Code snippets and examples to remind me of what to do next.
Like I said, these boxes are old, labeled easy – but are a challenge and I would say they are more medium on the scale of holy crap this is hard.
Try Harder
Giving up is not an option. 6 hours in and very little progress … maybe even some frustration tears – does not matter, I’ve got to do this. I don’t want hints or help, if I do that, then it feels like a loss.
I have had to look for small hints here and there though – but turns out it’s not defeat and I am not an idiot. This stuff is hard, and the hints nudge me in the right direction so I can continue learning.
I made a deal with myself. If I use a hint, then I spend more time on why I could not get what I needed without the hint, what the hint did for me, and how I can get this next time around. It’s all a learning experience.
Something that really helped was separating my two worlds. My work computers are for work. I don’t feel good hacking on them. They have their own proxies into Automattic and they just need to be kept safe. So I have the hacking laptop and I set up a second desk with several monitors and I have found that separation to be a huge help. Not totally sure why, but it did the trick. I am also on a separate VLAN for anything I do, which is overkill. It’s just an openvpn connection, but why not?
This is a little cheesy, but it helps. I hung this above my hacking desk and I swear, when I want to quit, it helps me to try harder.
I’ll be back in a week or so with another update.
