Virtual Hacking Labs Review
Introduction
I decided to sign up for Virtual Hacking Labs after failing the OSCP exam for the first time. That’s when I started looking for new platforms to practice, and after a long research VHL seemed to be one of the best options and I am grateful I signed up for this as this was definitely one of the reasons I was able to pass my OSCP exam later on.
The platform provides you with very detailed course material which you can refer to when completing the machines in the lab and it covers all the main phases of a penetration test such as information gathering, exploitation, post exploitation and privilege escalation, with a few practical examples as well. In all honesty I skipped most of this and I focused on the salient parts as it seemed redundant after having already done the entirety of the PWK material and exercises provided by Offensive Security, but the content is definitely valid and is especially useful when going through the lab Machines.
The boxes in the labs are divided in three difficulty levels:
- Beginner
- Advanced
- Advanced+
There is a handy progress panel where you can track the progress of both the course material and the labs. As you complete sections of the course or boxes in the lab, your progress will be updated accordingly.
Pros
- The subscription costs about 40 dollars a month which isn’t too cheap in and of itself, but in my case I was planning to only subscribe for a month so it was definitely bang for your buck.
- Quite lengthy course material, but organised in a manner which made it very easy to find what you are looking, thanks to the VHL web platform, and as opposed to having a 800 page PDF document.
- Access to a virtual lab with 40+ hosts to practice your penetration testing skills, which isn’t shared with other students unlike the PWK labs.
- The platform provides you with the “VHL Certificate of Completion” after successfully compromising at least 20 lab machines (Beginner or Advanced), and the “VHL Advanced+ Certificate of Completion” after successfully compromising at least 10 Advanced+ machines. You have to provide proof of compromise and for the Advanced + you have to exploit at least two vulnerabilities without using any automated tools or publicly available scripts).
- Handy hints provided for beginner and intermediate machines, which often point you to a specific section of the course material rather than giving you a straight answer, which helps you develop the mindset required for penetration testing.
- Ability to boot multiple machines at ones, which can speed up the process by enumerating multiple machines at the same time and help you mimic an exam-like or real-life environment.
- Some boxes aim to teach you how major software have had critical issues in the past such as Apache Struts, Drupal Geddon and others, and how the underlying framework can often be your target.
- There is an official Discord channel you can join to discuss the lab machines with other students and exchange tips/ideas.
Cons
- Lack of privilege escalation vectors – you are expected to use kernel exploits for a lot of boxes and others have very trivial vectors, there were a couple of interesting ones but apart from them it was pretty unimpressive overall.
- Lack of Windows machines – I don’t think there were nearly enough compared to the PWK labs, especially when it comes to post exploitation which can often be overwhelming for many Linux users.
- I personally think hard boxes should have hints, as these are where you are most likely to be stuck, maybe implementing a timer on the hints like the Proving Grounds platform does.
- No buffer overflow practice machines – this isn’t a big issue as there is already plenty of practice material and boxes online that cover this topic, but it would be one of the things this platform needs to be complete.
- The page where you reset boxes is separate to the one where you mark them as complete, which can be a little annoying as you need to keep going back and forth, it’d be great if it was all in one dashboard.
- Marking boxes as complete does not require you to enter the user or root flag, so theoretically you can mark all boxes as complete without having done any of them. I’d think this would be a fairly easy functionality to implement so I’m not exactly sure why it wasn’t included.
Despite the few issues listed above none of them were deal breakers and they can all be fixed/changed, and I believe once they are VHL would be the best place for OSCP practice.
Conclusion
I was able to complete all of the available boxes apart from two in about 3 weeks studying about 4-6 hours a day every day. I really enjoyed the experience with this platform overall and I would definitely recommend it to anyone preparing for the OSCP certification exam.