Haystack was a fun easy box over on HTB. Although perhaps only easy if you were at least aware of the tech stack being used on the machine. The initial path to user is perhaps not realistic but a fun mix of steg and research into elasticsearch in order to get credentials. This if then … Continue reading HTB – Haystack Writeup
EDIT: Got my results! 11th September, took around 12 days to arrive but worth the wait! I passed! Late edit as I was away on holiday. But back to the grind tomorrow, will keep you all posted! Its been around 2 weeks now since I took my exam for OSCP. I still haven't had the … Continue reading Post PwK, now what…
tl;dr - Beat humble, feeling lazy. Ready to get back into the labs, HTB and some useful links. 20 days till exam. When do I start panicking? A Monday post instead today, had a pretty off weekend busy with work and just relaxing a bit. Started the previous week with humble rooted however! That got … Continue reading Week 4. Humble Down.
Week 3 has been a hard one. Not so much due to the course but more down to me. Its been pretty hard to maintain this level of activity in the lab for 3 weeks straight. Working till 11pm most nights and cramming in work as well, started to take its toll a bit. Motivation … Continue reading Week 3. Keep on slogging.
tl;dr - Don't over complicate, Keep it simple stupid. READ, DIGEST and ASSESS EVERYTHING! 36 days till exam, oh crap. What a week. Week one seemed pretty easy compared to this week. It has been hard going, I am up to 21 rooted boxes so far. All material completed and the lab machine write up … Continue reading Week 2. Try Harder.
Week one of the PwK course has flown by! I am up to 9 rooted machines this week with sufference about to be rooted this afternoon! So that will take me up to 10 for this week. Which is ideal, I have been writing them all up and ready to go into my report, so … Continue reading Week 1. Root, read, write, repeat.
So Netmon was a nice little box, not much digging was required for the first flag thats for sure. Nice little exploit of another network / sysadmin web application these seem to always be quite fun and straightforward as they are often designed to execute code on a server. Anyway on with the box! Kicks … Continue reading Netmon