Friday, 3rd May 2024.

Path to OSCP: Days 15 – 20 of 90

Posted on Tuesday, 8th January 2019 by Michael

Part of my Path to OSCP series. I will be documenting my lab time to help others progress through the labs. Giving tips and encouragement along the way. Today I completed days 15 -20 As of now I have compromised 19 machines in the 20 days I been in the lab. I have also started enumerating the IT network. Today we will look at a tool called sqsh for mssql shells as well as upgrading your Linux shell to have full features.

Links from video:

Full shell upgrade:thttps://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/?fbclid=IwAR17NZKkMmyo9XUXJY5n5vXjZuToz3WJHcyX7lww6qDM6SxpqB17mKNz1B0#tldrcheatsheet

Amazon picks of the day:

Web Application Hackers Handbook: https://amzn.to/2VAhUvr
Buffer Overflow Attacks: Detect, Exploit, Prevent: https://amzn.to/2C7TbFM
Kali Linux - An Ethical Hacker's Cookbook: End-to-end penetration testing solutions: https://amzn.to/2ReHZBA

Store:
http:// http://digitaloffensive.com/store -- don't see what you want, use any of the ads to search and purchase.

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn: https://www.linkedin.com/in/michael-lasalvia-7743732/
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP: Days 11, 12, 13 & 14 in Labs

Posted on Wednesday, 2nd January 2019 by Michael

Part of my Path to OSCP series. I will be documenting my lab time to help others progress through the labs. Giving tips and encouragement along the way. Today I completed days 11, 12, 13 & 14. As of now I have compromised 13 machines in the 14 days I been in the lab (sean, humble, timeclock, Alice, Phoenix, bob, mike, Kevin, sufferance, pain, Suzie, Kraken, Joe ) In this video I also have a few great tips to share for you to add to your arsenal.

Store:
http://digitaloffensive.com/store -- don't see what you want, use any of the ads to search and purchase.

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn:https://www.linkedin.com/in/michael-lasalvia-7743732/
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP: Days 7,8,9 & 10 out of 90

Posted on Friday, 28th December 2018 by Michael

Part of my Path to OSCP series. I will be documenting my lab time to help others progress through the labs. Giving tips and encouragement along the way. Today I completed days 7,8,9 & 10. As of now I have compromised 7 machines (sean, humble, timeclock, Alice, Phoenix, bob, mike) and unlocked the dev network. I am currently working on sufferance. In this video, I also have a few great tips to share for you to add to your arsenal.

Store:
http://digitaloffensive.com/store -- don't see what you want, use any of the ads to search and purchase.

What did you get for the holidays? Check out some of my new toys for my gear bag!
Sandisk Extreme Pro - USB Flash Drive - 128 GB - Black: https://amzn.to/2RnRKNf
Hak5 Wifi Pineapple Nano & Guide: https://amzn.to/2BBMwTQ
6pcs Practice Training Tools Designed For Professionals And Beginners: https://amzn.to/2VabMcX
AirDrive Keylogger - Hardware USB Keylogger with Wi-Fi and 16MB memory: https://amzn.to/2BDHvu8
Hacker Playbook 3: Practical guide to penetration testing: https://amzn.to/2GzSzy6

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn: https://www.linkedin.com/in/michael-l…
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP: Days 4, 5 & 6 of 90. Merry Christmas

Posted on Tuesday, 25th December 2018 by Michael

Part of my Path to OSCP series. I will be documenting my lab time to help others progress through the labs. Giving tips and encouragement along the way. Today I completed days 4, 5 & 6 in the lab as well as celebrating Christmas. Today is just a quick recap during the holidays. As of today, I have compromised 4 machines in the lab, with one of them being one of the top 3.

Store:
http://digitaloffensive.com/store -- don't see what you want, use any of the ads to search and purchase.

What did you get for the holidays? Check out some of my new toys for my gear bag!
Sandisk Extreme Pro - USB Flash Drive - 128 GB - Black: https://amzn.to/2RnRKNf
Hak5 Wifi Pineapple Nano & Guide: https://amzn.to/2BBMwTQ
6pcs Practice Training Tools Designed For Professionals And Beginners: https://amzn.to/2VabMcX
AirDrive Keylogger - Hardware USB Keylogger with Wi-Fi and 16MB memory: https://amzn.to/2BDHvu8
Hacker Playbook 3: Practical guide to penetration testing: https://amzn.to/2GzSzy6

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn: https://www.linkedin.com/in/michael-l…
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP: Day 3 of 90

Posted on Saturday, 22nd December 2018 by Michael

Part of my Path to OSCP series. I will be documenting my lab time to help others progress through the labs. Giving tips and encouragement along the way. Today I completed day 3 in the lab and part way through day 4. Today I talk about the importance of stepping away from the keyboard and getting some rest. Also reviewing how to get support and help.

Store:
http://digitaloffensive.com/store -- don't see what you want, use any of the ads to search and purchase.

Suggested Material:
Hacker Playbook 3: Practical guide to penetration testing: https://amzn.to/2GzSzy6
Hak5 Wifi Pineapple Nano & Guide: https://amzn.to/2BBMwTQ

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn: https://www.linkedin.com/in/michael-l…
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP Day 2 of 90

Posted on Friday, 21st December 2018 by Michael

Part of my Path to OSCP series. I will be documenting my lab time to help others progress through the labs. Giving tips and encouragement along the way. Today I completed day 2 in the lab and part way through day 3. Please note in this video I make some hard truths and things to think about before you jump into this. This is not to dissuade you or to be harsh to people. It is a reality we all need to think about and find ways to overcome as we all learn differently.

Store:
http:// http://digitaloffensive.com/store -- don't see what you want, use any of the ads to search and purchase.

Suggested Material:
Hacker Playbook 3: Practical guide to penetration testing: https://amzn.to/2GzSzy6
Hak5 Wifi Pineapple Nano & Guide: https://amzn.to/2BBMwTQ

Scripts:

MSF:
------
#!/bin/bash

stat=`service postgresql status | grep Active | awk -F"(" {'print $2'} | awk -F")" {'print $1'}`

sleep 30
if [ "$stat" = "exited" ]
	then
		echo "Postgresql is running ...."
		echo "Starting Metasploit....."
		msfconsole -q
elif [ "$stat" = "dead" ]
	then 
	echo "Starting Postgresql...."	
	service postgresql start
	echo "Starting Metasploit....."
        msfconsole -q
fi

Burp:
-----
#!/bin/bash
java -Djsse.enableSNIExtension=false -jar /usr/bin/burpsuite

Win 7:
-------
#!/bin/bash
rdesktop -u offsec -p password IP_ADDRESS

Suggested Material:
Hacker Playbook 3: Practical guide to penetration testing: https://amzn.to/2GzSzy6
Hak5 Wifi Pineapple Nano & Guide: https://amzn.to/2BBMwTQ

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn: https://www.linkedin.com/in/michael-l…
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP: Day 1 of 90

Posted on Thursday, 20th December 2018 by Michael

Today is technically day 2, however in this video I recap day 1 progress with some insight with day two. Some great pointers and gotchas already. Check the video for mote info.

Store:
http://digitaloffensive.com/store -- don't see what you want, use any of the ads to search and purchase.

Suggested Material:
Hacker Playbook 3: Practical guide to penetration testing: https://amzn.to/2GzSzy6
Hak5 Wifi Pineapple Nano & Guide: https://amzn.to/2BBMwTQ

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn: https://www.linkedin.com/in/michael-lasalvia-7743732
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP: Back in the Labs

Posted on Wednesday, 19th December 2018 by Michael

That is right I have finally renewed my lab time and I am back in it. It has been a long time coming and finally, the cards are starting to align to give it another shot. Check the video out for more information!

Reference Material and Swag:

Web Application Hacker Handbook: https://amzn.to/2DOotEJ
Red Team: How to succeed by thinking like the enemy: https://amzn.to/2DxB9yY
Red Team Field Manual (ON SALE): https://amzn.to/2KkxQwC -- must have for any tester
Kali Hoodie (Great holiday present): https://amzn.to/2DzxuAB

Social Media Contact:
Twitter: https://twitter.com/genxweb
LinkedIn: https://www.linkedin.com/in/michael-lasalvia-7743732/
YouTube: https://www.youtube.com/user/genxweb

Posted in Uncategorized | Comments (0)

Path to OSCP: HTB Active Walk Through

Posted on Sunday, 9th December 2018 by Michael

Today we look at Active from Hack the Box (HTB). Active is a Active directory server that due to improper controls is hackable to get Administrator access. First, we will look at initial enumeration to gain access vis a null session to a sensitive readable file that contains account credentials (Groups.xml). We will then decrypt the password and remap the Users share as a valid user to gain the user.txt. From there, we can use that user account to further enumerate by looking at Kerbros and the SPN's to gain Administrator. Come along for the journey.

Books and other tools for Active Directory Security / Hacking:

Links to resources:

Social Media:

Posted in Uncategorized | Comments (0)

Path to OSCP: Free RTFM (Red Team Field Manual Giveaway)

Posted on Wednesday, 5th December 2018 by Michael

Here is a chance for a free copy of the RTFM (Red Team Field Manual) as a thank you to my subscribers:

Posted in OSCP | Comments (1)

About Consulting Store