Saturday, July 7, 2012

PWB Update

Hey guys,

So its been a while. I apologize for that but between traveling and trying to work on this course I haven't given this blog too much thought until now. So time to make up for all of that.

So the course is actually getting much harder now. At present I now have about 9 hosts left in the student labs, I have one on the IT labs and I have yet to get into the admin or dev networks. Oddly though I did find a host that was dual homed, but it doesn't seem to have a network-secret.txt file anywhere to be found, which is a bit odd; makes me wonder if I got into the Dev networks or not. I only have about 25 days left so its starting to get a bit tight. I always seemt o wonder if I will get into anymore hosts, and then I prove myself wrong.

That being said I have recently had a period where I just felt like giving up. I couldn't see any way of getting into these hosts at all. Again this is where enumeration comes in handy, because yesterday I found that I actually was able to get into one, through the sheer luck of testing a random exploit and finding that it worked. I had overlooked that the website was running a piece of software that was still using a default password and thus allowed me to gain top level privileges on the system.

Anyway I won't be touring as much now, this week i will mostly be in one place.

In other news, if any of you are going to the HOPE conference in New York, please, please leave a comment below. I would love to meet you guys in person and have a chat. I know most of you probably won't be in the area (or the country even) but if you are going it would be a pleasure. Details can be found on the website