HACKTHEBOX machines WITHOUT METASPLOIT use

why everone is using metasploit in solution.
Is there anyone who is providing solutions for these labs using manual method (acco oscp rules) - I am looking manual solutions for these machines (without metasploit/meterpreter)-
legacy
blue
devel
optimum
bastard
granny
arctic
grandpa
silo
bounty
jerry

there is no place to learn manually . how I am going to clear oscp without manual methods.

Comments

  • Why are You against metasploit? Msfconsole is my favorite program. Why? Because it is an inexhaustible well of information. (search query: "pentest "anything" metasploit")

  • Type your comment> @ZloyObezyan said:

    > Why are You against metasploit? Msfconsole is my favorite program. Why? Because it is an inexhaustible well of information. (search query: "pentest "anything" metasploit")

    bcz in oscp exam , we can use metasploit only on one machine . I am preparing for oscp ans in exam we cannot use metasploit on all machines. so I am looking for manual methods . I love metasploit but I cant understand why oscp guys are not providing manual methods so that we can prepare for oscp.

  • Yes, I agree, this is completely incomprehensible. If you need to show the customer and so that he understands, msfconsole is the best. (And it’s possible to show via "Armitage" - this is movie and you are author and director)

  • check ippsec videos

    Arrexel

  • Type your comment> @sazouki said:

    check ippsec videos

    yeah i checked his videos . he is also using metasploit in privilege escalation steps. am i overthinking about oscp? or these videos are more than enough to clear oscp? if you can help

  • Type your comment> @oscplover said:

    Type your comment> @sazouki said:

    check ippsec videos

    yeah i checked his videos . he is also using metasploit in privilege escalation steps. am i overthinking about oscp? or these videos are more than enough to clear oscp? if you can help

    That is not true. Ippsec's vid for Optimum; he specfically does it without Metasploit first. Also Metasploit just makes it so you don't have to:
    A) Generate Shellcode
    B) Compile code

    Try to find some python scripts for exploits and you should be good.

    I am having issues with Optimum...I can't get the code he covers %00{.exec|ping myip to work or show up in my wireshark as ICMP monitoring tun0. If you can please please let me know - I think the box is broken??? It could be my VMware vnet0? Unsure really. Going to try and change my networking, but I can see ICMP when I do it so I don't know :/

    My thanks for any and all help; it is appreciated!

  • edited September 17

    Type your comment> @junglemonkey said:

    Type your comment> @oscplover said:

    Type your comment> @sazouki said:

    check ippsec videos

    yeah i checked his videos . he is also using metasploit in privilege escalation steps. am i overthinking about oscp? or these videos are more than enough to clear oscp? if you can help

    That is not true. Ippsec's vid for Optimum; he specfically does it without Metasploit first. Also Metasploit just makes it so you don't have to:
    A) Generate Shellcode
    B) Compile code

    Try to find some python scripts for exploits and you should be good.

    I am having issues with Optimum...I can't get the code he covers %00{.exec|ping myip to work or show up in my wireshark as ICMP monitoring tun0. If you can please please let me know - I think the box is broken??? It could be my VMware vnet0? Unsure really. Going to try and change my networking, but I can see ICMP when I do it so I don't know :/


    I am sorry man. I dont watch his videos . I have another solution for optimum. if you want I can give you hints .

  • I'm relatively new to the whole pentesting scene and therefore metasploit too but as far as I know / encountered metasploit just makes things easier and/or quicker. You can most likely find the exploits used by the msfconsole and just use them manually

    rowra

Sign In to comment.