h3ll0_w0rld.py

So, there’s this penetration test laboratory which I received access when I attended the CEH course. You have access to a task list with the targets, each target has its own page providing the machine’s IP address, a tip not very helpful in most cases and the flag location. It’s similar to a few other sites around the web.

When I started, it had around 45 machines available with a few more going live while I was climbing the scoreboard. If I’m not mistaken there are 54 machines now. It was a journey for me to complete it with a lot of discoveries. Now I’m eager for new machines to be added there.

I took it as a preparation to the PWK/OSCP course which I intend to take. This whole lab took me around 60 days, the same time I was aiming for the Offensive Security course. Such a hands on experience gave me a lot to practice and learn, subjects to research and a handful of notes which I intend to use this blog to share.

Disclaimer
I already had an idea of what I was getting into but this is a huge area, a path which I barely started so, by all means I’m no expert. And I don’t like the idea of being a jack of all trades, master of none either. Within my findings there’s a lot of google searching and code excerpts used from here and there. The more I learn, the more I think I’m not far from getting to script kiddie level. True hacking is a long way ahead.

Almost every successful step done to get the flag content was documented. Some steps are so repetitive I have simply abandoned commenting on the later machines (so I’ll give them a double-check before posting any here). Sometimes getting the flag meant simply using some metasploit script and read the required file. It’s direct but doesn’t teach very much.

This lab is a controlled environment which I have permission to use, there was no need to worry about bandwidth usage or noise in the network. Some commands may not seem refined enough for the more experienced. Suggestions are welcome.