What a busy week it’s been! Until yesterday the course had largely been a review of concepts I already understood (though the review definitely helped), with a few new nuggets of wisdom thrown in for good measure. The only gripe I have so far is that the videos are older than the PDF, and the PDF is a little outdated compared to the course, and certain changes in the lab and the Kali VM weren’t reflected in the course material, which caused a bit of a headache as I tried to piece everything together.
For example, in the part of the course related to OpenVAS, the video and lab guide instructed me to set up the scanner a certain way, but following these instructions actually borked my OpenVAS installation because they didn’t account for some significant changes that had been made to the VM recently. (I learned about those changes in the OffSec Forums, but only after I’d somehow broken OpenVAS and had to look for solutions.) Thankfully, I had a spare VM and was able to get everything set up properly in order to get things working again.
All of that aside, the single biggest problem I’ve been having lately is that I get so excited about what I’m learning that I push through the videos and textbook, only to realize that the course exercises I need to complete require me to document certain steps along the way.
For example, yesterday I went through the section on writing Stack Buffer Overflows for Windows systems. I got so enraptured by the process that I wrote a complete, working Proof of Concept (PoC) before turning back to the textbook and realizing that I needed to go back and show how I finished each step. So I wrote the PoC all over again, documenting every step for my lab report. The downside: I spent all day writing BOF exploits. The upside: repetition reinforces retention. And I discovered that I really enjoy writing exploit code.
I’ve been a hobbyist hacker for nearly twenty years. I learned about buffer overflows back in 2002 from an article in an issue of Phrack entitled “Smashing the Stack for Fun and Profit.” I’ve been reading about this stuff for ages. But in all that time I considered writing new exploits to be some kind of elite wizardry that I wasn’t yet capable of, something beyond my skills.
I always told myself “I’ll have to learn ASM first, so I can understand what’s going on in all that code.” But ASM also felt like some kind of crazy magic that I couldn’t quite grok. So I never took a step in either direction. Perhaps if I had some of “Michael’s Secret Stuff” I could tackle these challenges…
But it turns out “Michael’s Secret Stuff” was actually tap water, and I had the skills within me the whole time. That’s perhaps one of the most valuable reminders I’ve had this week: You’ll never achieve what you believe to be impossible.
Perhaps that’s what OffSec means by Try Harder. The first step to trying harder is believing that there’s harder to be tried. If you think you’ve tried everything, you’re stuck:
Anyway, there’s plenty more to do, and despite the fact that I’ve still got more than 50 days remaining in my course, I still struggle with the constant feeling of “have I done enough today?” I’m about halfway through the course materials, but I’ve barely touched the live hacking labs. I’m excited to get there, but I don’t want to half-ass my prep work to do so.
Well, I guess I’d better get back to work. Stay tuned for more updates!