[MEGATHREAD] Beta 1 - Lab 3 Feedback

Hi everyone!

For all the red teamers, use this post to provide feedback on Lab 3 - Advanced Network Exploitation.

We have marked it as a Level: Hard lab. This is one unusual labs that you won’t find anywhere.

Being WiFi as one of the USPs, this lab is jam-packed with server exploitation, pivoting, post exploitation and credential harvesting altogether.

We are proud to share this with you and we promise to keep the quality and level of the labs higher, always!

Use the questions below as a template for your answers. Suggestions/criticism are most welcome as always.


Q1. How long it took for you to complete the lab. From starting the lab to verifying flag
Q2. Do you think it deserves to be called Level: Hard?
Q3. What difficulty you faces in completing the exercise?
Q4. Was the Mission Statement good enough to get you started?
Q5. How much you enjoyed this lab compared to the previous one?
Q6. Suggestions for improvement?

I’d like to kickoff the conversation with the top performing users here.

@mcruz, @privatezero, @narcdawn, @Soaringnemesis, @sarange, @petre.mihai, @jazzyjoey, @mlombana, @selmais, @dragneel2074, @sjwsayshi328

I’ll play the lab when i get home from work, then after completed i will answer all those questions, thanks for all.

1 Like

Tells me that the site is having difficulties.

From what I see, everything is working fine.

Loading:

Lab:

Please share the error you encountered

1 Like

That’s our root domain. For labs you need to go to labs.rootsh3ll.com

Thanks for updating. I’m about to look for the issue now

Q1. How long it took for you to complete the lab. From starting the lab to verifying flag
About an hour and a half of keyboard time. I had some interruptions from life . I re-used creds from previous labs, as suggested, and in less than 5 minutes I was on the pivot machine.

Q2. Do you think it deserves to be called Level: Hard ?
Yes, it should be hard from a “learning the fundamentals” perspective.

Q3. What difficulty you faces in completing the exercise?
I was used to not using Metasploit, so I learned a lot there. The narrow focus of tools is not a bad idea.
The different scanning methods I tried were not getting consistent results for the deep subnet. Not sure why, but trying to get the same information by various routes is a good skill to develop.

Q4. Was the Mission Statement good enough to get you started?
Yes

Q5. How much you enjoyed this lab compared to the previous one?
I like it a lot; I like the complexity. If the labs were to be combined, you could just have multiple possible flags to submit, as the student finds them.

Q6. Suggestions for improvement?
Not at this time…

1 Like