On March 2nd, I managed to get into one particular box in the PWK labs using an exploit in MSF. Meterpreter ran and I managed to snag the hash from proof.txt and to dig around a bit more.
Coming back an hour later, the exploit fails and crashes the target service. No amount of reverting returns the host to such a state that the exploit works. Oh frustration, thy name be reproducability! I discussed the situation with help@offsec and they confirm that the host is working as it should, suggesting that I try to improve my network connection by dropping the VPN's MTU a bit.
I can only imagine that the one time the exploit worked, one of the other students had done something to the target that rendered it susceptible. Right then... Back to the drawing board!
View or add comments (curr. 0)
All content, with exception of "borrowed" blogpost images, or unless otherwise indicated, is copyright of Thomas Sluyter. The character Kilala the cat-demon is copyright of Rumiko Takahashi and used here without permission.