OSCP Update #2

After a late night session, I just took down Oracle! It was an easy one, but it took some time as I got stuck on working on an exploit that I eventually didn’t use in favour of a different one.

Some thoughts…

  • Don’t only check Exploit-DB, look at Github as well for exploits.
  • Sometimes exploits can only be run once, if you mess up, you have to revert
  • Remember that 4444 won’t always be allowed out of the targets firewall
  • There some issues when running a python script I ‘wget’ from Exploit-DB. Turns out the line breaks were not formatted correctly for Linux. A simple ‘dos2unix’ command fixed this. https://en.wikipedia.org/wiki/Unix2dos
  • Make sure you’re running python scripts using python, not bash!

Days left: 48
Rooted: Oracle, Payday, Hotline, Alice, Bob, Beta, Leftturn, Master, Dotty, Pheonix

OSCP Update #1

So I renewed my OSCP Lab time for another 90 days, with the goal of spending a lot more time. Well that hasn’t worked out so far, but I’ll keep at it.

Something I learned about the atftp service – the ‘path’ switch doesn’t seem to work, at least not for me. https://linux.die.net/man/8/atftpd according to this page and the OSCP Manual, the following should start the TFTP server with /tftp as the directory.

atftpd –daemon –port 69 /tftp

Anyway, it wasn’t working for me, and I couldn’t figure out why:

until I found a helpful forum post that suggested to check /etc/default/atftpd

I guess that the path flag wasn’t overwriting the default path of /srv/tftp. after changing the path, it worked.


Rooted: alice, bob, payday, hotline, master, dotty, pheonix, beta

Days left: 73


So I have plenty of existing content to upload here. So little time. I’ve began my OSCP journey which is has been taking up all of my free time. I’ve only got a few days of lab time left, after which I’ll have to extend for another 90 days. This time I’ll try and keep more of a journal of my progress. I’ve nearly got Bob, one of the harder targets…

Other than that, my band Aura Animi has two awesome shows coming up. One supporting Alpha Wolf at Hot Damn and another supporting Drowning Atlantis. Head over to our Facebook page for all the info!