The Pen-200 is the prerequisite course for the OSCP exam. As such, the writeups for the labs are incredibly difficult to find. As someone who has relied heavily on the accessibility of HTB walkthroughs, I’ve never been in an environment where I wasn’t one Google search away from figuring out the next step in solving a box. Needless to say, 0xdf couldn’t help me much with the Pen-200 labs.
The Pen-200 labs were a struggle not because I was incompetent, but because I didn’t have enough practice reaching dead ends. I didn’t spend enough time in rabbit holes, therefore I wouldn’t realize when I was in one. I didn’t know how to search for details that I might have missed on my first look. When trying to solve a box, I learned that sometimes the vulnerability could be found just by Googling a word that I was not entirely familiar with on the nmap scan.
My journey began with referencing writeups on HTB, but when I no longer could, I learned how to use cheatsheets on the internet. Some of my most notable mentions are HackTricks and Kashz Jewels. When I found an open port, I would ensure that I went through every enumeration step that I found on these cheat sheets. It was still a slight crutch, but it did allow me to develop methodologies that I wasn’t getting by relying solely on writeups.
Eventually, thoroughly enumerating the services became second nature and I became better at quickly identifying vulnerabilities in the virtual machines. I learned to search for CVEs for any software that I found running and I learned to do more thorough experimentation with user input fields and query parameters. I learned how to troubleshoot the errors that I was getting on my system when trying to run an exploit.
I am feeling very confident in my abilities to hack into the lab systems and am beginning to look towards something more challenging such as Proving Grounds in preparation for the OSCP.
Key Takeaways
This process of feeling helpless with gradual progress towards becoming self-reliant and resourceful has taught me an important lesson about cybersecurity which is this: methodology is key. Methodology might be the single largest difference in my pen-testing abilities before and after the Pen-200. I learned how to consistently find vulnerabilities and how to reliably exploit them. And methodology is best developed through repetition and exposing yourself to a variety of different machines. Each one requires a slightly different approach which creates a more complete methodology.
In addition, note-taking is powerful. Taking frequent screenshots and saving the output of scans into a file will save time when you want to look back at scan results, and it will allow for further refinement of your methodology.
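The two habits described above, working through an enumeration checklist for every open port and keeping scan output as notes you can return to, can be wired together in a small script. The following is an added example and not code from the original post: it parses nmap's grepable (-oG) output format, keeps only open ports, and renders a per-host markdown checklist that is written to a notes file. The sample scan text is constructed (the addresses and banners are made up), and the checklist entries are illustrative placeholders meant to be extended from your own cheat sheets.

```python
"""Turn an nmap grepable (-oG) scan into per-host enumeration notes.

Added example, not from the original post. The sample scan below is a
constructed grepable-format file, not a real lab host, and the checklist
entries are generic placeholders to be extended from your own cheat sheets.
"""
from collections import namedtuple

OpenPort = namedtuple("OpenPort", "host port proto service version")

# Constructed sample of `nmap -sV -oG` output (addresses and banners are made up).
# Fields on a Host line are tab-separated; each port entry in the Ports field is
# laid out as port/state/protocol/owner/service/rpc-info/version/.
SAMPLE_GREPABLE = """\
# Nmap 7.94 scan initiated as: nmap -sV -oG scan.gnmap 10.0.0.0/30
Host: 10.0.0.1 ()\tStatus: Up
Host: 10.0.0.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.2p1 Ubuntu/, 80/open/tcp//http//Apache httpd 2.4.41/, 443/closed/tcp//https///\tIgnored State: closed (997)
Host: 10.0.0.2 ()\tStatus: Up
Host: 10.0.0.2 ()\tPorts: 445/open/tcp//microsoft-ds//Samba smbd 4.6.2/, 3306/filtered/tcp//mysql///\tIgnored State: closed (998)
# Nmap done -- 2 IP addresses (2 hosts up) scanned
"""

# Illustrative per-service checklist, keyed by the service name nmap reports.
# These are placeholders: grow them from the cheat sheets you actually use.
CHECKLIST = {
    "ssh": [
        "Record the banner version and search for known CVEs against it",
        "Note the host key fingerprint for later comparison",
    ],
    "http": [
        "Identify the web server and application from headers and default pages",
        "Review robots.txt and any directory listings",
        "Record every input field and query parameter for later testing",
        "Search for CVEs matching the reported version",
    ],
    "microsoft-ds": [
        "Enumerate shares and note the SMB version and signing settings",
        "Search for CVEs matching the reported Samba/SMB version",
    ],
}
DEFAULT_STEPS = [
    "Look up the service name in a cheat sheet before moving on",
    "Search for CVEs matching the reported version, if any",
]


def parse_grepable(text):
    """Return an OpenPort record for every open port in -oG formatted text."""
    ports = []
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip the "# Nmap ..." comment lines
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        host = fields["Host"].split()[0]
        if "Ports" not in fields:
            continue  # the "Status: Up" line carries no port data
        for entry in fields["Ports"].split(", "):
            parts = entry.split("/")
            if len(parts) < 7 or parts[1] != "open":
                continue  # closed/filtered ports are not enumeration targets
            ports.append(OpenPort(host, int(parts[0]), parts[2], parts[4], parts[6]))
    return ports


def build_notes(ports):
    """Render a markdown checklist: one section per host, one list per open port."""
    by_host = {}
    for p in ports:
        by_host.setdefault(p.host, []).append(p)
    lines = []
    for host in sorted(by_host, key=lambda h: tuple(int(o) for o in h.split("."))):
        lines.append(f"# {host}")
        for p in sorted(by_host[host], key=lambda x: x.port):
            lines.append(f"## {p.port}/{p.proto} {p.service} {p.version}".rstrip())
            for step in CHECKLIST.get(p.service, DEFAULT_STEPS):
                lines.append(f"- [ ] {step}")
        lines.append("")
    return "\n".join(lines)


def save_notes(ports, path):
    """Write the checklist to disk so it survives alongside the raw scan file."""
    notes = build_notes(ports)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(notes)
    return notes


if __name__ == "__main__":
    found = parse_grepable(SAMPLE_GREPABLE)
    print(save_notes(found, "enumeration-notes.md"))
```

Run it next to a real `scan.gnmap` by reading that file instead of SAMPLE_GREPABLE; the resulting notes file gives you one unchecked box per step per port, so a port you skipped shows up as an obvious gap when you look back later.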