Wooo! The lovely emails arrived this morning welcoming me into the PwK course with Offsec! I was pretty excited however I suddenly and completely forgot how to do anything, so that moment of oh shit, what have I done I can’t computer stuff real good was interesting. But I calmed down and got cracking, so I thought Id cram out a quick first impressions, whilst I eat something before disappearing back into the labs.
My PC got so excited about everything it decided to drop a ram stick but I have limped on with a measly 24 GB :). But that got the day off to a bad start. There is a tonne of information in the initial induction emails. My advice to anyone starting. Spend some real time going through it all. I spent a good hour+ or so reading stuff making bookmarks and downloading and organising all the content. The content looks great as well I must say I skimmed through the material and the video content and it all looks top notch. So hats off to Offsec for that. No technical issues on their end at all and I got going pretty smoothly and there was plenty enough info to get everything working, once I had kicked VMware player into life.
I usually use virtual box as it plays a bit nicer with my Linux distro’s, but for a simple life I am using VMware player on my windows partition, everything in the PwK Kali version is working great, I chucked the ram up to the max it could take and got going. I opted to use the official distribution over my usual 64bit, hack the box one. I have all of my tools and scripts mounted from my cloud backup so If I need to get something from a CTF or a tool I have used previously I have it to hand which is good. I didn’t want to have to troubleshoot too many issues with my Distribution on top of getting the material done, so I will stick with the tried and tested one for now.
I have set up all the material on my cloud mount as well, along with all the recon and reports for the boxes I am doing so far. I switch between quite a few different machines and having this all backed up and accessible anywhere is great. As I don’t have to worry about moving things about.
The labs. Wow. They are big. I kind of forgot about that, there is a wave of information to take in at once. I had to blinker myself pretty quickly. I have carried out some broad scans and now I have begun to narrow down what I am looking for and pick off some easy wins. But that initial shock of going from a 1 to 1 environment like HTB or vulnhub to a sprawling network, with a tonne of information and things going on, that was a daunting step and perhaps something I should of prepared for more.
But, I am starting to settle in now. I have one box rooted as of about 10 minutes ago and well on my way with my second. I have also completed pretty detailed notes on these two so far. My plan is to smash out the lab report early and then get going from there. Cherry tree is great and I am glad I got going using that before I started.
Oh, and I have booked my exam… I have a 60 day lab block and figured I would book my exam for the 50 day mark. I should have a pretty good indication of how I am getting on by then. I have come to terms with failing first time perhaps. I think a dry run would be good as a worst case scenario, and would give me an idea of what to expect, with a little buffer of lab time afterwards to work on anything I need to improve. Also for me I work much better with a concrete date in mind. It will make me work a bit harder if I know I have this deadline rather than just seeing how I get on.
Anyway, back on with Day 1 and onto Week 1. I hope to get through as much if not all of the material this week, and try to get through a box a day if possible, though I think that might be a tall order, but hell try harder right!?