Hey everyone, I just wanted to get people's opinions on doing machines multiple times.
Once you have finished a machine, do you redo it in order to make sure what you have learnt sticks in your brain, or do you have a bit of a break and then come back and redo the machine?
Or maybe you don’t redo a machine, you just move on to the harder ones.
I want people's experiences on any of the above options and what worked for you and why.
I usually try and own machines once around the time they come out or whenever my schedule allows for it, and then replay them around the time they’re about to retire and document each step for a writeup.
Fully document your first time through a machine. Then review it to look for things you missed, gaps and any way you could have done it better. Revisiting the machine to pull those things will help.
Also revisit to practice post-exploitation activities. Did you find everything on the machine? Did you try and exploit additional items off the main path? (i.e. if a machine issues JWT tokens, can you find the secret and use it to successfully forge your own tokens?)
During my first run through the machine I’ll use my writeup structure, but it’s really more of a combination rough draft / notes. Once I gain root I’ll typically redo the box right away as I’m completing the final draft of my writeup.
Once my writeup is finished and published I’ll read a few other writeups on the box (I don’t like to read others before mine is done). Then, if there are different paths I’ll go back to the machine and explore those. So yeah I normally do a machine 2-4 times.
Personally, I run through a box just to root it initially, taking some light notes along the way. After rooting it, I’ll go back and verify each of my steps for future reproduction – this is for a general means of understanding, but also to provide myself with adequate notes for future writeups.