Saturday, October 24, 2020

Wednesday, October 21, 2020

eJPT Exam

      I am about to start my eJPT certification. I will write about it after it is complete and I pass.

Tuesday, October 13, 2020

Bruteforce and Password Cracking

I will be starting to develop reports. This will be without pictures or proof of concept for now, to make sure my writing is getting better. The methodology I will be using is from eLearnSecurity, which is:

1. Engagement

2. Information Gathering

3. Footprinting & Scanning

4. Vulnerability Assessment

5. Reporting

Note: This is from a lab. I will be using Kali Linux, if you want to know the version look below.

grep VERSION /etc/os-release <enter> search the OS version in the specified file

VERSION="2020.3"
VERSION_ID="2020.3"
VERSION_CODENAME="kali-rolling"

1. Engagement

I am going to VPN into the network. During this step, I will get information for the IP address that I will be going for. I will get a contract signed for the IP address so that I will know the rules of engagement. Since this is a VPN machine that I will be attacking, I will be downloading the VPN file.

cd Downloads <enter> to change to Downloads directory

ls <enter> lists the files and folders in the directory I am in. I like to use the flags -lash to get a long list of all files, folders, and hidden files, the size of the file, and finally have it human-readable.

sudo openvpn (filename) <enter> I wait until I see (Initialization Sequence Completed) to know that I am connected to the VPN.


2. Information Gathering

With gathering information, and knowing that we are on the network, I will start with Network Config.

ip addr <enter> I will look for tap0 inet


3. Footprinting & Scanning

I will use nmap and will have to use sudo to properly execute. I will find the ports that are open. I check for telnet and ssh credentials using hydra. If you can't use rockyou-10.txt, remember to verify where it is. Now it is located at: /usr/share/SecLists/Passwords/Leaked-Databases/rockyou-10.txt


4. Vulnerability Assessment

I've gotten root's user and pass from hydra. I then SCP into my local directory users and pass.

sudo unshadow passwd shadow > Brute <enter> put the hash of the two files into one file named Brute

cat Brute <enter> displays the Brute file

sudo john Brute <enter> crack the hashes of filename Brute with john

ex.) asd (Larry)  {the parenthesis is the user}

      pass (user)
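
What the unshadow step above produces, read from the defender's side, as an added example that is not part of the original post. The passwd and shadow lines are constructed sample data, the function names are hypothetical, and the weak/ok ratings are this example's own assumption.

```python
# Added example: merges passwd and shadow the way the Brute file is built,
# then rates each account's hash scheme so weak storage can be fixed.
# All sample lines below are constructed; no real hashes are used.

# crypt(3) scheme identifiers; the rating column is this example's assumption.
SCHEMES = {
    "1": ("md5crypt", "weak"),
    "2a": ("bcrypt", "ok"), "2b": ("bcrypt", "ok"), "2y": ("bcrypt", "ok"),
    "5": ("sha256crypt", "ok"),
    "6": ("sha512crypt", "ok"),
    "y": ("yescrypt", "ok"),
}

PASSWD = """root:x:0:0:root:/root:/bin/bash
larry:x:1000:1000:Larry:/home/larry:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
svc:x:1001:1001::/home/svc:/bin/sh
"""
SHADOW = """root:$6$SALTSALT$CONSTRUCTEDHASHVALUE:18500:0:99999:7:::
larry:$1$SALTSALT$CONSTRUCTEDHASHVALUE:18500:0:99999:7:::
daemon:*:18500:0:99999:7:::
svc::18500:0:99999:7:::
"""

def merge(passwd_text, shadow_text):
    """Replace the 'x' placeholder in each passwd line with the shadow field."""
    hashes = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[0] in hashes:
            fields[1] = hashes[fields[0]]
            merged.append(":".join(fields))
    return merged

def classify(field):
    """Return (scheme, verdict) for one password field."""
    if field == "":
        return ("none", "empty-password")
    if field[0] in "!*":
        return ("none", "locked")
    if field.startswith("$"):
        return SCHEMES.get(field.split("$")[1], ("unknown", "review"))
    if len(field) == 13:  # traditional DES crypt has no $ prefix
        return ("descrypt", "weak")
    return ("unknown", "review")

def audit(passwd_text, shadow_text):
    """List (user, scheme, verdict) for every merged account line."""
    rows = (line.split(":")[:2] for line in merge(passwd_text, shadow_text))
    return [(user, *classify(field)) for user, field in rows]

if __name__ == "__main__":
    for row in audit(PASSWD, SHADOW):
        print(*row)
```

Accounts rated weak or empty-password are the ones to re-hash with a stronger scheme or to lock.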


5. Reporting

The tools I used are as follows:

Kali Linux

Command Line: telnet, ssh, scp

nmap

hydra

john


If you want to learn more or want a more in-depth report, leave a comment. I purposely left out the CLI for nmap, hydra, logging in to telnet, scp, and ssh.



Sunday, October 11, 2020

Monday October 12, 2020

I am steadily learning by doing labs on eLearnSecurity. I am planning on taking the eJPT and passing it before November 1, 2020. I have completed some of the labs, and look forward to completing the final six so I can go find another certificate to conquer. I have been learning about SQLi, cross-site scripting, gobuster, and nmap, to name a few. I am still contemplating OSCP or PTP; I have more research still to do.

Friday, October 2, 2020

October 2, 2020 Update

It feels like a long time since I have been on here. What have I been up to? I have not discarded this blog. I have finished my college course of Cultural Diversity, and now I am going to be in Introduction to Networking. I believe in being an eternal student, meaning always learning. As of now and in the past 3 weeks, I have been studying for eLearnSecurity's Junior Penetration Tester Student. I am doing this first to gain more knowledge and have structure rather than just going down a rabbit hole. As most know, when studying something new it is best practice to get in a course to keep your mind engaged and have a higher chance of learning on a clear path. If you have the money and people say that any certification is not worth it, I beg to differ. Certificates in the long run help you retain information better. Just think: the week before your job interview, you cram to make sure that you know everything that was on the job ad. Getting a certificate is the same thing; you strive to learn as much as you can. Even if you unfortunately fail a certificate, you are smarter and show that you are willing to learn. It shows your deficiencies, and helps you try to increase it to the point of passing. If you are unsure if you are ready to take a course, I say study for it and see. It's better to attempt anything than to not attempt anything at all. Make sure to push yourself and get out of your comfort zone; you might just like it. I will be attempting to take the exam by the end of the month. The biggest problem is that I am contemplating OSCP or eCPPT. I just got to do more research. I will try to post at least weekly.

Update

     It has been a long time since I blogged on this. I have been learning the eCPPT, which I have finally passed. The goal is to change thi...