@limelight I'm not sure since for some bizarre reason I'm still stuck on getting a foothold on the first machine... done a shit-ton of enumeration but nothing so far aside from a certain .txt file.
One thing I could think of regarding your issue would be maybe these certain boxes get dynamic IP's from a DHCP server? e.g. maybe it's a client PC. Can't say for sure tho
Did you guys have any issue with wp plugins page? Seems to be broken to me.
"Warning: An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /var/www/html/wordpress/wp-admin/includes/plugin-install.php on line 182"
UPDATE: Nevermind... someone restarted the machine and I was able to get in.
I have found the first 2 flags and still working on my initial foothold. I cant seem to get the upload correct for the next step can i DM someone for a more in-depth question?
@m1ddl3w4r3 said:
I have found the first 2 flags and still working on my initial foothold. I cant seem to get the upload correct for the next step can i DM someone for a more in-depth question?
Is there anyone that I can PM to get pointed in the right direction to gaining the entry flag(s)? I'm new to this and I did all the starting point boxes and a few retired machines, but this is different and I just need a nudge in the right direction.
For all interested in this lab, while described as 'Beginner', there are quite a number of dependencies and tech challenges given the network topology. I think it's closer to a medium level lab.
Is there anyone that I can PM to get pointed in the right direction to gaining the entry flag(s)? I'm new to this and I did all the starting point boxes and a few retired machines, but this is different and I just need a nudge in the right direction.
Guys, please, stop overwrite existing public keys in the authorized_keys. When you do echo 'string' > file - it overwrites. Instead, you can use echo 'string' >> file , and it will append. Please, stop doing that. Thank you!
I just finished the entire lab as part of an eval (under a different user - htbahx). You can DM me (limelight) if you get stuck. Please tell me in advance what you have tried.
Guys, please, stop overwrite existing public keys in the authorized_keys. When you do echo 'string' > file - it overwrites. Instead, you can use echo 'string' >> file , and it will append. Please, stop doing that. Thank you!
Hi, wondering if I should sign up for this. I've got my OSCP, sometimes struggle with medium boxes and haven't done anything above medium. Will I be able to get through this lab? It's fine if it's hard work but don't want to waste my money if I don't stand a chance.
Always happy to help, feel free to drop me a PM for spoiler-free nudges
@JonnyGill said:
Hi, wondering if I should sign up for this. I've got my OSCP, sometimes struggle with medium boxes and haven't done anything above medium. Will I be able to get through this lab? It's fine if it's hard work but don't want to waste my money if I don't stand a chance.
If you've got OSCP then it should be fine for your skills, one of the reviews says exactly this, the lab is great to do either before or right after OSCP
I'm slowly doing the lab and I've got to say everything so far is rather simple without being too easy.
But that's just my 2 cents, if you can't spare the money maybe opt for something else
@JonnyGill said:
Hi, wondering if I should sign up for this. I've got my OSCP, sometimes struggle with medium boxes and haven't done anything above medium. Will I be able to get through this lab? It's fine if it's hard work but don't want to waste my money if I don't stand a chance.
If you've got OSCP then it should be fine for your skills, one of the reviews says exactly this, the lab is great to do either before or right after OSCP
I'm slowly doing the lab and I've got to say everything so far is rather simple without being too easy.
But that's just my 2 cents, if you can't spare the money maybe opt for something else
Thanks mate, I can spare it but didn't want to waste it, if that makes sense, and I would like a "network" to get stuck into so perhaps this is a good shout (as long as my car passes its MOT next week)
Always happy to help, feel free to drop me a PM for spoiler-free nudges
@JonnyGill said:
Hi, wondering if I should sign up for this. I've got my OSCP, sometimes struggle with medium boxes and haven't done anything above medium. Will I be able to get through this lab? It's fine if it's hard work but don't want to waste my money if I don't stand a chance.
If you've got OSCP then it should be fine for your skills, one of the reviews says exactly this, the lab is great to do either before or right after OSCP
I'm slowly doing the lab and I've got to say everything so far is rather simple without being too easy.
But that's just my 2 cents, if you can't spare the money maybe opt for something else
Thanks mate, I can spare it but didn't want to waste it, if that makes sense, and I would like a "network" to get stuck into so perhaps this is a good shout (as long as my car passes its MOT next week)
IMO it's worth it, I think it's an all-round well designed lab for a solid pentest.
However my skills (I think) are not yet up to par with OSCP level
@JonnyGill said:
Hi, wondering if I should sign up for this. I've got my OSCP, sometimes struggle with medium boxes and haven't done anything above medium. Will I be able to get through this lab? It's fine if it's hard work but don't want to waste my money if I don't stand a chance.
If you've got OSCP then it should be fine for your skills, one of the reviews says exactly this, the lab is great to do either before or right after OSCP
I'm slowly doing the lab and I've got to say everything so far is rather simple without being too easy.
But that's just my 2 cents, if you can't spare the money maybe opt for something else
Thanks mate, I can spare it but didn't want to waste it, if that makes sense, and I would like a "network" to get stuck into so perhaps this is a good shout (as long as my car passes its MOT next week)
IMO it's worth it, I think it's an all-round well designed lab for a solid pentest.
However my skills (I think) are not yet up to par with OSCP level
Agree, a colleague of mine who runs our OSCP training cohort and I did this lab last week and thoroughly enjoyed it. There are definitely things that are similar to OSCP prep.
I'm having a bit of trouble getting past the first flag. Not sure what im missing. I know which account to target, tried a few things to own it, but no luck so far. would anyone be willing to give a nudge? I'll give respect and return the favor!
I'm having a bit of trouble getting past the first flag. Not sure what im missing. I know which account to target, tried a few things to own it, but no luck so far. would anyone be willing to give a nudge? I'll give respect and return the favor!
@chumb0 said:
Can anyone aid me with elevating the first box?
Comments
I did run into a situation where is looks like certain boxes have changed IPs from my initial scan. Has anyone else run into this?
@limelight I'm not sure since for some bizarre reason I'm still stuck on getting a foothold on the first machine... done a shit-ton of enumeration but nothing so far aside from a certain .txt file.
One thing I could think of regarding your issue would be maybe these certain boxes get dynamic IP's from a DHCP server? e.g. maybe it's a client PC. Can't say for sure tho
I'm also stuck on the foothold, but I haven't seen the machines changing their ip.
Did you guys have any issue with wp plugins page? Seems to be broken to me.
UPDATE: Nevermind... someone restarted the machine and I was able to get in.
I have found the first 2 flags and still working on my initial foothold. I cant seem to get the upload correct for the next step can i DM someone for a more in-depth question?
PM me if you want
Is there anyone that I can PM to get pointed in the right direction to gaining the entry flag(s)? I'm new to this and I did all the starting point boxes and a few retired machines, but this is different and I just need a nudge in the right direction.
Type your comment> @Sennin06p said:
Sure, get in touch with me.
Guys, please, stop overwrite existing public keys in the authorized_keys. When you do echo 'string' > file - it overwrites. Instead, you can use echo 'string' >> file , and it will append. Please, stop doing that. Thank you!
Anyone on NIX02 could give a hand? PM.
I've got the first 4 flags, but have kind of hit a wall. Could use some help, I think the web**n is the next spot, but I have kind of hit a wall.
I just finished the entire lab as part of an eval (under a different user - htbahx). You can DM me (limelight) if you get stuck. Please tell me in advance what you have tried.
Type your comment> @fckth3syst3m said:
And it happened again >:-( Very annoying.
Yep that one was mybad @malmoeb going to quick not paying attention. wont happen again, atleast on my end.
Stuck on 172.16.1.10. Could someone please PM on how I should leverage the L*I vuln?
Hi, wondering if I should sign up for this. I've got my OSCP, sometimes struggle with medium boxes and haven't done anything above medium. Will I be able to get through this lab? It's fine if it's hard work but don't want to waste my money if I don't stand a chance.
Always happy to help, feel free to drop me a PM for spoiler-free nudges
If you've got OSCP then it should be fine for your skills, one of the reviews says exactly this, the lab is great to do either before or right after OSCP
I'm slowly doing the lab and I've got to say everything so far is rather simple without being too easy.
But that's just my 2 cents, if you can't spare the money maybe opt for something else
Type your comment> @GlenRunciter said:
Thanks mate, I can spare it but didn't want to waste it, if that makes sense, and I would like a "network" to get stuck into so perhaps this is a good shout (as long as my car passes its MOT next week)
Always happy to help, feel free to drop me a PM for spoiler-free nudges
IMO it's worth it, I think it's an all-round well designed lab for a solid pentest.
However my skills (I think) are not yet up to par with OSCP level
Hey all! Did someone manage to PE on WS01 (172.16.1.13)? Please DM me
Type your comment> @GlenRunciter said:
Agree, a colleague of mine who runs our OSCP training cohort and I did this lab last week and thoroughly enjoyed it. There are definitely things that are similar to OSCP prep.
Type your comment> @barburon said:
Done
Some can give a nudge regarding initial access on 172.16.1.12? DM me
Type your comment> @barburon said:
Done
I'm having a bit of trouble getting past the first flag. Not sure what im missing. I know which account to target, tried a few things to own it, but no luck so far. would anyone be willing to give a nudge? I'll give respect and return the favor!
Can anyone aid me with elevating the first box?
Type your comment> @lhh4sa said:
You both can feel free to DM me for nudges