OSCP Journey Part 11
Day: -6 PDF: 100 Videos: 100% Boxes: 10 Networks:1
Well less that a week until my exam and I’m not feeling confident. I was hoping for at least 20 boxes owned but the rabbit holes owned me.
I’ve signed up for the proctored exam, meaning someone will be watching me via a webcam for the duration of the exam. Bad news for them, I can only hack when naked.
I just haven’t put the time required to pass the exam in so failure is inevitable. This is okay I’ve still learned a lot. I’ve signed up for another 3 months labs which I’ll start in a few months + I’ll use the credits for being on the pilot to pay for more exam resits. I’ll take a break from OSCP for a while and concentrate on HTB actually looking forward to that!
Privilege escalation is my weak area. I’ve decided to list all the ways I know of to PE. Let me know if you know any more.
LINUX
Kernel exploits
Badly configured cron jobs
Exploiting services which are running as root
Exploiting suid executables
Exploiting sudo rights/user exploiting users with ‘.’ in their path.
WINDOWS
Kernel Exploits
Unquoted Service Paths
Insecure Service Permissions
Insecure File/Folder Permissions
AlwaysInstallElevated
Privilege Escalation using Task Scheduler
DLL Hijacking
Stored Credentials
So the final push to the finish line is underway wish me luck.