Virtual Hacking Labs

Introduction

I came across the Virtual Hacking Labs (VHL) during a break between failed Offensive Security Certified Professional (OSCP) Certification exams. It was shortly after my second failed attempt that another user on the same OSCP Discord server I was on had mentioned Virtual Hacking Labs.

Determined to pass on my third exam and desperately needing some practice on my weak area of Privilege Escalation, I decided to give VHL an attempt. I spoke with Discord user whoisflynn#1893, who reassured me that the hosts were fairly similar to the OSCP labs. There were even some that were on par with what an OSCP exam host would be like.

At this point I had already scheduled my third OSCP exam attempt. I reviewed the costs and what VHL had to offer while at work and immediately put the purchase in for lab time.

I had purchased 30 days of lab access for $100 USD. This was with 25 days left until my next exam attempt so I needed to make up for lost time. At a minimum I spent about 5 hours a day working on hosts when I was able to do so.

When I purchased lab access, Virtual Hacking Labs was offering 41 hosts in their labs, with 1 of them being a practice Metasploitable server. In addition to the 41 labs, VHL provides training materials that are easy to understand, even more so than the OSCP materials.

Working the Labs

For the OSCP Labs and Exam I was using a CherryTree template for note taking. The template can be found here: https://411hall.github.io/OSCP-Preparation/

For VHL I decided to use a website known as Penetration Testing Workshop (https://pentest.ws/) to insert my notes for each host. It’s a fairly decent web framework that has a free and paid version available. I purchased the upgraded features but anyone can get away with the free version.

PenTest WorkShop VHL Dashboard

Once my lab access for VHL was set up and the timer started, a student is presented with reading materials, PDFs, and VMs for various pentesting distros. Additionally, VHL provides a dashboard that tracks a student's progress viewing their reading materials as well as hosts they’ve completed.

VHL provides a Certificate of Completion and an “advanced” Certification of Completion for their Advanced+ hosts.

I was determined to get both certifications, which requires obtaining root on 32 of the 40 hosts. The Metasploitable practice host does not count towards the Certificates of Completion. There are some caveats and requirements to obtain each certificate that are listed in their course materials.

The student dashboard allows for restarting a host and it also has hints for the Beginner and Advanced hosts. Advanced+ hosts do not have any hints as they are considered to be a challenge.

VHL does not currently have any forums or official space to ask questions about hosts. I only had the hints they provided and a Discord server that whoisflynn invited me to. Here is an invite to the Discord server: https://discord.gg/JWGHv2 (Should be permanent / perpetual)

A majority of the VHL servers are Linux based due to licensing restrictions for Microsoft Windows. VHL also provided one Android device which was fun to get some experience with.

I should note most of their Linux servers are vulnerable to some DirtyCow variant. That being said it is NOT the intended method for the hosts except for 2 of them. If you decide to use DirtyCow on all of the hosts you will probably not obtain your Certificate of Completion and won’t learn anything.

Some of the tips the VHL admins provide on the dashboard are just enough to steer you in the proper direction. The hints also refer back to the course materials they provide and what you should consider re-reading.

Conclusion

Practicing my Privilege Escalations in Virtual Hacking Labs was incredibly helpful as it provided other hosts that are similar to OSCP. In the end I passed my OSCP Certification on the third attempt.

I also obtained my Virtual Hacking Labs Certificate of Completion. Unfortunately, I did not obtain my Virtual Hacking Labs+ Certificate of Completion due to missing requirements. I did not feel paying the $50 USD for 1 week of access to go back and redo 2 of my hosts was worth it.

Virtual Hacking Labs sent me my Certificate of Completion via email. They do not belong to YourAcclaim at this point in time. They are looking to get their certificates registered based on an email discussion I had with their admins.

Certificate of Completion