da1y

About

Username
da1y
Joined
Visits
688
Last Active
Roles
Member

Comments

  • In the UK, I am not sure it's necessary for clearance but it's possible they may follow US standards, I will look into that. These certs are coupled with 10+ years from sysadmin to lead engineering roles, I have a CCENT/ICND-1 but didn't bother wit…
  • Type your comment> @NostromoLain said: (Quote) Once you find your way in, take your time to explore everything. Don't panic if you can't get into every machine, maybe you don't need to. Buffer overflow you can follow the many guides online, just…
  • The best advice I can give is if you aren't hitting user or root on a box within 2 hours, move on to another box - including the buffer overflow. Easy to keep making the same mistake, go to something else and it might become clearer after, I spent 2…
  • @TazWake - the problem is my work history although very technical doesn't cover CISSP requirements, although I could maybe argue 2 or 3 years of it across a couple of the areas just about. CISSP associate I could go for but it is often CISSP or CEH…
  • @Ryan412 - the amount of blue roles that ask for is it why it is here on CV sift... I guess you haven't looked at any roles recently? Not stating it's right or good that it's on the requirements of most roles, but here (UK at least), it's commonly a…
  • EC-Council are charging me $2000.00, you need to pay for one of the two course types - I am not sure I would pass the experience check they do. I will check out CompTIA.
  • It would be me funding it, from what I can see it's about $2000.00. I am 'experienced', 10+ years in industry, just want to make sure I have both sides of the security spectrum. To be honest. the goal is contracting and what helps in a CV sift - I k…
  • They can reset it totally so you can make a new password if you don't remember what you set, it shouldn't have been the same password as your account.
  • Type your comment> @FlatMarsSociet said: (Quote) Seems backwards, get credit for watching a talk but not for keeping your skills current.
  • Just jump in, if you get 90 days it's definitely enough time as the resources walk you through it, you then practice them on labs.
  • I did the eJPT and eCPPTv2 very recently with pretty much HTB, CyberSecurityChallenge and some other CTFs as my 'cyber' experience... and 10+ years experience in Software/Tech. eCPPTv2 was a really good exam. I did the OSCP exam on Saturday and Sun…
  • I can kind of understand what is being said with regards to OSCP being rookie level as I am part way through it (around 25 boxes down, 41 days of 60 left). The content is basic/simplified, the emphasis is on the labs and using those basics and appl…
  • Is the insect M****s the right way here? I know I can upload but I don't know if this is configured to disk or database. The x*l method doesn't appear to be valid on the version running. So far a really engaging box!
    in Scavenger Comment by da1y August 2019
  • (Quote) Tell me about it. Eyes going square from the insect, feel like i'm missing something but feel like I've tried all the avenues... time for a break!
    in Scavenger Comment by da1y August 2019
  • Type your comment> @Dreadless said: (Quote) I kept doing the Linux enumeration... some of the commands don't directly port over to Windows. :-D
    in Heist Comment by da1y August 2019
  • You can't list running processes?
    in Heist Comment by da1y August 2019
  • Type your comment> @Dreadless said: (Quote) Have a look at the running processes. Something sticks out... maybe it leaves things on disk or maybe you can get something out of it another way.
    in Heist Comment by da1y August 2019
  • If you do standard enumeration you might see something that is running that'll catch your eye.
    in Heist Comment by da1y August 2019
  • Fun box, helped me to get some much needed enumeration practice on Windows :-)
    in Heist Comment by da1y August 2019
  • I used r**c****t for that and manually enumerated after finding some known users, probably not the most elegant way, probably missing a tool that auto does it!
    in Heist Comment by da1y August 2019
  • Ugh... not sure you can blame headaches just on enumeration, it's a bit sneaky beaky and it is a bit of a dance between things you can login to.
    in Luke Comment by da1y July 2019
  • Type your comment> @83114C140 said: (Quote) It says it's not made with VI, maybe it's using something to manage the pages... dig around.
    in Writeup Comment by da1y July 2019
  • The first step is guessing a directory, the box name hints this as does some of the text on the index page. From here you should be able to make some progress (again without dirb).
    in Writeup Comment by da1y July 2019
  • @raven37 - you need to access another service with the decrypted password for the user then get user.txt contents from desktop. Fun box, not sure any need for a WIndows machine on this - managed to do it all from Kali easily.
    in Bastion Comment by da1y July 2019
  • Hey, sorry - I hadn't been getting e-mails as unsubscribed from the forum from questions on boxes. @mrf1sh is the current boss, we have a little club & a slack channel where people congregate - may be worth giving him a shout if still intereste…
    in UK based team? Comment by da1y July 2019
  • Easy to over complicate this one! Once you get the foothold it should be plain sailing... believe what the enumeration tools tell you and understand the basics of checking what you can do with the current user and how you might access the flag with …
    in Swagshop Comment by da1y July 2019
  • I quite liked user, I learned a few new words :-). Root was believable... kinda. Good box.
    in Haystack Comment by da1y July 2019
  • User was a slog, really well put together and somewhat realistic. Once you get your foothold, you may need to alter something you have in front of you to get more... bit vague but it’ll make sense when you do it 😂. Root is kind of simple once you c…
    in Craft Comment by da1y July 2019
  • At same point... tested locally with that portion of code and can get a couple methods working, trying to identify why not on the server.
    in Craft Comment by da1y July 2019
  • Type your comment> @4p0cryph0n said: (Quote) Gold. " do YOURSELF a favor, and shut up. you don't know who you're talking to" then followed by "its a public forum". Make your mind up m8 xDD
Avatar

Howdy, Stranger!

Click here to create an account.