OSCP Update #2

After a late night session, I just took down Oracle! It was an easy one, but it took some time as I got stuck on working on an exploit that I eventually didn’t use in favour of a different one.

Some thoughts…

  • Don’t only check Exploit-DB, look at Github as well for exploits.
  • Sometimes exploits can only be run once, if you mess up, you have to revert
  • Remember that 4444 won’t always be allowed out of the targets firewall
  • There some issues when running a python script I ‘wget’ from Exploit-DB. Turns out the line breaks were not formatted correctly for Linux. A simple ‘dos2unix’ command fixed this. https://en.wikipedia.org/wiki/Unix2dos
  • Make sure you’re running python scripts using python, not bash!

Days left: 48
Rooted: Oracle, Payday, Hotline, Alice, Bob, Beta, Leftturn, Master, Dotty, Pheonix