Proving Grounds Quick Tips
This is just going to be a quick sharing on my thoughts of Proving Grounds Practice. If you do not know what it is, Proving Grounds Practice is a subscription service for access to machines, mainly for practicing your Penetration Testing skills. It is recommended by many for OSCP practice, due to the similarity of their machines to the exam (after all from the same author).
There are a few things I want to touch on
Connection
My setup is a Arch Linux Host running a Kali VM. The VPN connection works quite well on this. When I use a Windows Host instead, the connection is more likely to disconnect.
There were some connection issues, like
- Machines only run when you have an active VPN connection. This makes starting
- Machine IP is related to your own VPN connection IP (eg. 192.168.53.55 is the host, while the machine is 192.168.55.109). If they don't match in that way, chances are that you have to reset your VPN connection. I had this issue more than once .
Machines
There are walkthroughs for each machine, but these are limited to 1 per day. You are entitled to 3 hints per day. Offsec doesn't recommend publishing writeups (afterwards, it prevents spoilers). However, Offsec won't take down any writeups which are already published. You can already find writeups online, if you don't want to unnecessarily waste points.
The hints are relatively good, if you want to avoid wasting time being stuck on machines.
Most Practice Machines are good and feel like OSCP machines. Generally you should
- TJNull's List is a good place to start
- I could only do 1 "Try Harder" machine, and read the writeup of MeatHead. That said, after having done the exam, most of the exam difficulty is more like "Get To Work" 20 point machines.
- The community difficulty is usually a better guage of difficulty than the Offsec difficulty (though it is subject to change over time).
- OSCP exam machines (the standalone ones) feel more like "Hard", but that's based on my 1 exam experience.
Tips
There are some important skills that you'll pick up in Proving Grounds.
The most important few are these
- The firewall of the machines may be configured to prevent reverse shell connections to most ports except the application ports.
- Use application port on your attacking machine for reverse shell
admin:admin
,admin:password
,guest:guest
,backup:backup
,<username>:<username>
, default credentials, reused credentials- Google exploits, not just
searchsploit
. Found many exploits this way - If the
ftp
command doesn't work, try passive mode, orpftp
. Same thing for vice versa.
Here are some useful links
- https://www.blakejarvis.com/oscp/oscp-things-to-try-when-stuck
- https://ivanitlearning.wordpress.com/2021/06/02/tips-from-the-pwk-labs-and-pg-practice/
That's it from me!
Overall, Proving Grounds is a solid platform which is very useful for OSCP preparation. I highly recommend anyone preparing for OSCP to get at least a 1 month subscription. I personally used it for 2 months It helped me greatly in my exam prep.