Just finished up round 2 of my lab time. Re-upping lab time was definitely worth it. I rooted about 20 boxes my first 2-2.5 months of lab access, and rooted another 22 this past month. I also went back and re-exploited machines that I used metasploit & sqlmap on. In total, I rooted 42 machines. All but 3 public boxes, every machine in IT and 1 box in Dev. I scheduled round 3 of the exam for Jan 14th.
I feel more confident going into this attempt, but know boxes will throw me for a loop. I took note of additional enumeration and privesc techniques, hoping to see something similar on the exam. To prepare, I’m summarizing exploit steps used on each lab machine. I organized notes by scanning, foothold & privilege escalation. This also prompted me to modify my initial scanning script, which includes new tools and output. I will review my previous failed exam notes and brainstorm ways to understand the underlying software/version/exploits.
I have 2.5 weeks to prepare for the exam so I’ll be reviewing lab/vulnhub write-ups and practicing basic buffer overflows.