Persistence - Necessary in Cybersecurity

Today's article is just a story of persistence using my own personal experience. It's a necessary attribute for working in cybersecurity and I'll tell you why.

As some already know, I've been continuing my learning through tryhackme.com. It's a wonderful website for training some cybersecurity skills in both blue team (defense) and red team (offense) tactics. They have adapted a gamified style of learning which makes the topics fun. One of their rooms that I encountered recently is called "Blue", which focuses on a famous computer vulnerability called EternalBlue. If you're already trained in a lot of red team tools and skills, you can probably jump straight into this room. For me, I've been building up through the "Complete Beginner" Pathway that TryHackMe created which doesn't need to be completed in order, but occasionally helps to do so. The "Blue" room is nice because it's a culmination of tools and skills covered in the other rooms of the pathway; metasploit, john-the-ripper, and nmap just to name a few.

As for persistence, persistence is not giving up so easily. The oxford learner's dictionary defines persistence as "the fact of continuing to try to do something despite difficulties, especially when other people are against you and think that you are being annoying or unreasonable". While going through the steps for the "Blue" room on TryHackMe, I kept getting stuck and having to research and try new methods. I probably spent about 2 hours trying to figure out how to get the Eternal Blue exploit to run properly on my computer. That includes having it successfully load into the target machine's reverse shell, only to proceed to the next step which was pushing the reverse shell to the background and having the entire process (including metasploit) get pushed off my screen. After persistently searching, I discovered that certain versions of metasploit didn't catch the SIGSTOP message while others did when trying to background a reverse shell. This was a surprise to me, even after using metasploit for a while, simply because I hadn't to send a reverse shell to the background until that point. Only upon finding a github post about similar experiences did I find my hopeful solution to the issue.

Alas, as I currently have other real life responsibilities to take care of, I wasn't able to complete the exploit tonight. But my persistence will continue to the next day and I will eventually complete the "Blue" room.

Persistence is an attribute that is necessary in cybersecurity. In general, one computer to the next won't always behave exactly the same. My setup is different than yours, and different from your neighbor's. What works for me, may not work for you. And it's the ability to understand the issue, or continue researching until you find what the true issue is, and then find a solution. Attacks may be replicated, but each day is a new adventure and it requires research to discover a better way to protect ourselves.