Week 8: The hunt for OSCP

3 minute read

I started with the PWK course to go for my OSCP. This series documents my progress. I hope to give some insight into the brutal proces and examn that goes into obtaining the coveted certificate.

In this post

  • Microsoft Tech Summit
  • Fire breathing unicorns
  • Progress this week

Happy easter everybody!

Microsoft Tech Summit

Last week I visited the Microsoft Tech Summit in Amsterdam. No, even though it is April Fool’s, this is not a joke. I went to learn about the various new developments Microsoft is making in its defensive capabilities.

The Azure Advanced Threat Protection, or Azure ATP, seems like a really great tool for getting insights into threats in Microsoft landscapes. The demos of it were quite good. They demonstrated detection of lateral movement, credential spraying and enumeration techniques.

The downside, as all things Microsoft is that the real good things will come at significant cost. To get the overall insight you need to license your landscape in the E5 tier, which is a premium-premium layer of the licensing bracket. So most companies will not be able to afford it sadly.

The funny thing about it is that during the presentations the question of privacy and datastorage keep popping up. They say that all data in the Integrated Security Graph is anonymized, but even if you do not pay for the product your data from your cloud usage will be incorporated into it. So customers paying for a lower bracked enhance the product for the actual customers that pay for it in the higher licensing bracket. The crowd did not really like this answer.

If you get a chance to visit the summit, please do so. They are great places to learn about techniques available to companies to increase their security posture. The schedule for the rest of 2018 is available here.

I got a chance to visit some sessions by Milad Aslaner, of the Threat Protection group at Microsoft. Their logo is a NinjaCat (🐈🦄🔥). He had some great insights into the Ethical Hacking scene, the development of guards against them and the Advanced Threat Protection stance on pen testing tools (they will be reported in future versions of ATP). He also gave me a nice sticker of NinjaCat. As Apple replaced my screen on the MacBook Pro I was left with a batten top cover, but no more!

NinjaCat

Progress

On twitter I noticed the post of @tarah who points out that I don't have the luxury of full-time study with no other responsibilities. This is true for most of us I would think, making the time planning and scheduling with your family so important.

Due to the conference I did not work on the course the Wednesday evening. I also found myself rather drained on the Thursday as well. Unfocused would be a better word. So I did not do as much work as the previous weeks.

In total I spent 12.5 hours on the course this week. The overall counter now sits at 7647 minutes, that are 127.4 hours.

I actually touched 5 machines, of which one was Alpha. One seems to have a dependency I still have to crack and the last one I touched I actually rooted, but still have to document.

Machine Time
Machine 19 [O] 1:50
Machine 20 0:50
Machine 21 [O] 3:55
Machine 22 [A] 1:40
Machine 23 3:15
Tunnel to IT Network 1:00

You might notice I spent more time on tunneling the IT network. I have it working properly, however the lag is a real killer. So I actually decided to work through the Public network before moving to the IT network, as it will slow progress down quite a lot.

The mandatory weekly graph:

Time spent (minutes) week 8

Next week

The week starts with the easter holiday, so I am expecting to not put an overly abundant time in the course, but Tuesday to Thursday should be fine.

Tags:

Updated: