Coming together


The last couple of weeks have been pretty busy both in and out of the lab. Right now I am off work - meaning that I have a window between my previous position and my new one. I left the consulting position I was in and will be moving into more of a technical role with a new company. I’ll be working again with a friend of mine who I met back when I was at SDI. The position has a few perks, including being completely remote. The timing with working remote lined right up with my home office upgrade. I think I will be able to finally put all of my office to good use!

New Office

In the lab, things have progressed smoothly. The learning curve continues and the hosts love to set me down a peg every time I feel like I am getting the hang of things. I have identified some of the “friends required” machines but I will be holding off on them for now. I scheduled my first shot at the exam for June 11th. There is no expectation of passing but it will let me know exactly where I am in terms of capability for the exam. I still have 66 days of lab time left, so I will have plenty of time to cover my weak areas before my next attempt. I was planning to take it in early July but the dates didn’t line up well. I was surprised to see how far out you really need to schedule. It was by pure luck I managed to grab the only day that was open in June (at least on my schedule list) for the exam.

Two of the big four have fallen. Pain was a good bit easier than Humble. Which seems odd because everyone seems to note that Humble is the easier one. Different strokes for different folks I suppose! My priviliage escalation skills are also improving. None of my recent hosts have been root drop in, every host has required escalating to root. Once you do it a few times you start to get an idea of what to look for. The most hosts you look at, the more you will see that “sticks out”. There has been a good mix of system services and web application work.

This week will be spent with focusing on what I think are my weak areas now. I’m not worrying about any specific vulnerabilities. I figure there may be a host or two in the lab that have difficult initial shells but the real effort will be on escalation to root. From what I understand, the exam won’t have any client-side exploit or pivots. That is the primary reason that for now, I am leaving those hosts alone in the lab.

Roots: Alice, Mike, Ralph, Phoenix, Kraken, Susie, Alpha, Gamma, Beta, Barry, Kevin, Helpdesk, Bob, Mail, Joe, Pain, Humble, Core.

Updated: