@delo said:
if you want to do OSCP like boxes, fork out for VIP and do the retired machines created by ch4p - though maybe exclude brainfuck (which is still one of my favourites)
Realistic does not mean mirroring the OSCP environment. Nobody has said or asked for any such thing. Several people have said they’re here preparing for OSCP, but not one person has said, “I want a copy of the lab environment I already have access to!”
@delo said:
“Real world” external engagements generally have ‘slim pickens’ and if you are lucky enough to gain access, it is usually via default creds / password attacks against users i.e. boring - and you don’t learn a thing.
See:
re-al-ism
noun
the quality or fact of representing a person, thing, or situation accurately or in a way that is true to life.
As in, not having to go searching for critical files hidden in l33t_d1r_7h47_w0u1d_n3v3r_3x1s7 and other CTF elements that you would only ever see in CTFs. You don’t learn anything from that, either. There needs to be a healthy balance. It’s really not a difficult concept to grasp.
@delo said:
Want full real world webapp simulation? Go play bounties.
Yet another thing that nobody has alluded to. Not only that, but you can teach people web app vulnerabilities beyond LFI/RFI and SQLi (99% of what we see on this platform) without having to write a full-blown, custom CMS or being lazy and tossing up a vulnerable WordPress plugin.
@delo said:
It helps to look at each machine as a jigsaw puzzle rather than just searching software versions and banners looking for edb exploits.
“Everyone who’s complaining is just looking to pop easy shells with public exploits”.
First: Yeah, no. Try again.
Second: There are jigsaw puzzles and then there are jump-through-idiotic-nonsensical-hoops-just-because puzzles. Can you guess which of these two things people in this thread are complaining about?