Learning Process, Trying Harder

I have been working on pentesting for a little over a year now but have been going really hard for the past 5-6 weeks. I have ~5 years working in IT (lots of Linux, web hosting, etc.).

I feel like a tool reading walkthroughs on retired machines, but I feel like it’s the only way I am going to really get the feel/flow of working on machines, as well as recognizing potential vulns, etc.

Without formal education, is that really the best way to learn? I make myself try to the point of serious frustration, but I don’t see the need for being pissed/lost for 2 days when I can glance at a walk, learn something, and move on.

What’s your method?

Hello,
to answer your question (and I am no expert by any means):
Reading walkthroughs is a good way to learn if you redo the steps yourself and understand the process. Besides, don’t take it too hard; CTF-like machines are hard, not like a real pentest.
About proper education, you can always go do some certs, which are needed in the industry anyway, but don’t feel down because you could not solve a challenge. Just keep going and learn, and never expect results in one day. Learning is a process, my friend; enjoy the journey till you get its fruits. And besides, compare your knowledge now to 1 year ago: not the same, right?
Now here is some advice:
1- If you read a walkthrough, do the machine again, understand the pieces, and make your own notes on the things you learned.

2- When you are doing a machine that has no walkthrough, you will get frustrated. Maybe stand up, leave it for that day, and try tomorrow or later.

3- Discuss things with people, and I don’t mean spoil or get spoilers, but discussing stuff makes it more fun and enjoyable and can open your eyes to things you did not pay attention to or expect.

4- I will sound like a wise-ass, but here it is: practice, practice, practice, because that is the only way that you will imprint knowledge on your brain.

When I’m reading walkthroughs (which is rare), I try to find another way to get in or whatever. I first read the basic idea and think of other ideas to exploit the service or what it could be. Sometimes I don’t find anything, so I just give up on it and read the whole walkthrough, trying to understand what the commands that are given actually do.
I usually go for active machines and try to find a way in without any hints (for the first hours); if it is going hard for me, I read the hints here. I do that because I get a good feeling doing it on my own, even though it takes me hours (some days it takes me days). I also forget the way I completed the machines after weeks pass by, so I make my own walkthroughs. Maybe you should make your own walkthroughs, maybe only for you or, if you want, publish them for everyone. It takes days and a lot of time, but it is totally worth the feeling of getting it on your own. I’m not good at it, you can say I’m a noob, but at the end of the day we’re doing it because it is fun and interesting for us; each one has his own way.

Hey, thanks to both of you for your thoughts. It’s really helpful to get a look into others’ processes. I love the DIY education approach that comes with penetration testing, but sometimes I start to feel like I am way off in the weeds. However, I think I am on track… this stuff is just not easy (but that’s part of what makes it fun).

Thanks again for taking the time to share your thoughts!!

In the same boat actually. I generally like to read the walkthrough and take a look at Ippsec’s videos if available, then forget about it for a few days and then do it by myself, while checking if there are other ways to get user/root.

I get a series of 2 or 3 retired machines done, then practice on 1 or 2 active machines for a while; getting practical with what I learned feels pretty good. When I’m taking too long (like a few days), I hit the forums, try harder, and only then do I ask for subtle nudges.

The 2 active ones I’m on right now have been kicking my butt, though, so I know it’s probably time to hit the retired boxes and learn more :)

Cool post, would love to hear how others organize their learning process!

I have done ~15 retired machines in the past month and a half (plus a few active machines) and feel like I learned an absolute shit-ton by reading the official writeups, watching Ippsec, researching the vulns and techniques described, and then going in and trying it on my own… even just procedural stuff with learning how to use Metasploit better, everything.

But, yeah, the active boxes have a rrreal good knack for putting you back in your place. :)

Hoping to take PWK within the year (and 60-90 days later sit for the OSCP), gonna try to get as ready for that as I can!

Thanks for sharing your thoughts!!

Also in the same boat. Reading the walkthrough, watching Ippsec and a few others like LiveOverflow, and then working through the retired machines myself has taught me a bunch. It has also taught me that it is OK to struggle on something I’ve never done.

@zer0trip said:

Also in the same boat. Reading the walkthrough, watching Ippsec and a few others like LiveOverflow, and then working through the retired machines myself has taught me a bunch. It has also taught me that it is OK to struggle on something I’ve never done.

The struggle is real… but it also seems like that’s when I end up learning a ton of stuff. Cheers!