Registry was a hard rated Linux machine that was a bit of a journey but a lot of fun for me. The initial foothold was gained by taking advantage of a weak password on a Docker registry which enabled us to download sensitive files, one of which was a private
Sniper was a medium rated Windows machine that relied on a RFI vulnerability to load an attacker-hosted php webshell which could be used to obtain a low privileged shell on the machine. From there, a malicious CHM (Compiled HTML) file was generated to gain full admin privileges. I ended up
Forest was an easy rated Windows machine and was a great opportunity for me to practice attacks I had only read about up until now. The initial foothold was gained by enumerating user accounts then performing an ASREPRoast attack to get a user's hash. The hash was cracked and Evil-WinRM
Postman was an easy rated box which was a short and fun romp. A vulnerability in redis lead to a low privilege shell then a ssh private key with a weak passphrase allowed lateral movement. Finally, password reuse combined with a Webmin exploit was used to get root access. Enumeration
While taking the PWK course, I immersed myself in the student labs for many hours a day just hacking away and learning. After passing the exam and finishing my lab time, there was a big hole in my life that the student labs had occupied. I filled up the space