Pen-Testing Comps
Monday, 29 January 2024

+ How'd it go?

+ Giving and getting feedback by Wednesday

+ My evolving list of Linux vulnerability types

+ HTB walkthrough #1
- getting started
    - install openvpn on your kali if it's not already there
    - get an account for HTB Labs
    - go to "Starting Point"
    - select "Connect to HTB" and (the first time) download
        an OpenVPN configuration file (it will be called
        starting_point_YOURUSERNAME.ovpn
    - (take a look at "ip a")
    - in a terminal, "sudo openvpn starting_point_YOURUSERNAME.ovpn"
        leave that terminal as is
    - (take another look at "ip a" -- change?)
    - go to the box you want to hack, and click "Spawn"; wait until
        it shows you an IP address
    - note that about half the boxes are "VIP"--you have to have
        a paid subscription to try them

- Starting Point / Tier2 / Oopsie

- Starting Point / Tier2 / Markup
    - just a little piece of this to demo a sudoers vulnerability
    - don't forget to "cat /etc/sudoers" once you have root, to see what's up