OSCP - My Journey - si20 (Starts 22nd Sept)
si20
Member Posts: 543 ■■■■■□□□□□
I've pondered over the OSCP since the course was run with Backtrack. I've decided that now is the time. Since I've got my BSc degree, I've done the OSWP course and a networking course to make sure my networking was enough to get by. I've read some pretty scary reviews about the OSCP - everyone agrees that the content is great, but the difficulty is supposed to be high....very high.
Well, I've gone for it anyway. I've worked out that I can put 3-4 hours in MAXIMUM per weekday and around 7-8 hours on a weekend. It's going to be a tough one, but it's now or never. Expect an update on 22nd Sept - and every other day as I give you updates on how I'm doing. As of 1st Sept, I have little pen-testing experience aside from doing the OSWP and a security module at University which consisted of manual exploitation/metasploit. Let's see how I go!
Please stay tuned and support me on this journey
Comments
-
Master Of Puppets Member Posts: 1,210
These OSCP threads sure are motivating. Looking forward to it, best of luck!
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
-
Master Of Puppets Member Posts: 1,210
That was the plan but, sadly, I don't see it happening. I really wish I could though. There are projects at work, scheduled for the next four months, all of which I am going to be heavily involved with. I'm very determined to still find time to study and I'm sure I will but it won't be enough for the real deal - starting the course.
Are you planning to start soon too?
-
si20 Member Posts: 543 ■■■■■□□□□□
Thanks for all the positive messages. Just an update to say that my place of work has changed my shifts from day shift 9am-5:30pm to 7am-7pm, with 4 days on, 4 days off. This 'might' work out better depending on how tired I get during work. I'm going to try and build a plan of exactly when I can/can't work on the OSCP because my situation has literally changed overnight.
-
si20 Member Posts: 543 ■■■■■□□□□□
Well it looks as if I was wrong by 1 day....the course starts midnight TONIGHT! I should probably be very excited but instead, I'm a bit anxious. I've taken on a CTF with friends from work (security guys) and we were told it'd be a fairly easy CTF... Instead, it has been VERY hard, so it has knocked my confidence.
Either way, I'll continually write updates throughout the 90 days and give you guys an idea of how easy/difficult this thing is. I'm going to put in everything I've got to pass this - if I fail at the end, at least I know I did my best.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
The only way you "fail" is if you give up. If it's difficult, you may need to extend and you may need to take the test multiple times, but there is no reason you shouldn't be able to attain the goal. Just keep pushing until you get there. That's what the course is all about.
FYI...It took me 90-days plus a 15-day extension to get there. Everyone's mileage varies on this.
-
si20 Member Posts: 543 ■■■■■□□□□□
Day 1:
As does everyone who signs up for the OSCP, I managed to somehow get the starting time wrong. The OffSec website said 00:00 but actually arrived at 01:00 - thanks British Summer Time!
I received a rather lengthy email which consisted of videos to follow, the main pdf which serves as your source of information and your username and password for the VPN you'll use to connect to the lab. I managed to read 47 pages which were fairly straightforward - but I have learned 2/3 new things already. I'm going to get through as much as I can today and see how I find it.
-
si20 Member Posts: 543 ■■■■■□□□□□
I apologise to all of those wanting to see my daily progress. I dropped off the radar because:
I work 12 hour shifts and once I get home, I don't work on the OSCP - I only work on the OSCP on my days off. This has severely limited the time I can work on the course. The OSCP is HARD - very hard. The PDF/exercises teach you the basics of the tools. Pen-testing in the lab is tough - just like in the real world. I started off very well. I managed to pop a few machines, get 100 pages into the PDF and that's when I hit the wall.
The OSCP pdf doesn't tell you how to exploit machines as much as it tells you how to use some of the tools. This presents a big problem. You have to learn much of this yourself. Working a full time job and trying to learn how to hack machines is not easy at all. I saw all the threads with people dropping off the OSCP and people missing days and I used to think "I'd never miss a day" or "they're crazy!" but now I fully understand.
Admins aren't always helpful and I've heard the "try harder" motto many times. Other members have suggested that this is a cop out - and it is, to some degree. Having paid hard earned cash for the course, it's often demoralizing to hear people say "try harder" without divulging even a tiny hint as to what you're doing wrong.
This course is for the hardcore - someone who has A LOT of time free. If you're not a pen-tester, or new to security, you'll want 90 days. I may be wrong, but I highly doubt it's possible to finish this course in 30 days. I've got 40 days left (used 50 days so far) and I've hacked 9 machines out of 54 and reached page 260 of the PDF. You might think that's not great, but I spend between 5-10 hours a day on the course when I'm not in work.
Will update again nearer the end of the course.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
si20 wrote: »This course is for the hardcore - someone who has A LOT of time free. If you're not a pen-tester, or new to security, you'll want 90 days. I may be wrong, but I highly doubt it's possible to finish this course in 30 days. I've got 40 days left (used 50 days so far) and I've hacked 9 machines out of 54 and reached page 260 of the PDF. You might think that's not great, but I spend between 5-10 hours a day on the course when I'm not in work.

That's actually really good progress. And don't feel the need to apologize to anyone. People get so wrapped up with the deadline on this thing and forget to just have fun and enjoy the challenge. And I completely agree with your recommendation about lab time. I always tell people that unless they are not working...do the 90 days...and even with that, be prepared to extend.
-
BGraves Member Posts: 339
Sounds like you are learning a lot of neat things, I wish the same could be said about my MSISA! Maybe someday I'll look at the OSCP, seems like it provides a good challenge!
-
JoJoCal19 Mod Posts: 2,835 Mod
Thanks for the update si20. And your response about not being enough of the material to actually teach you what you need, as well as the canned response of "try harder" ties into the thread I started, and really is disappointing. I do want to go for the OSCP, but I almost feel I'd rather go for eLearnSecurity's eCPPT first as you get a lot more for your money. Then I'd probably be able to just get the PWK 30 day and knock out the OSCP.
Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
-
NovaHax Member Posts: 502 ■■■■□□□□□□
JoJoCal19 wrote: »I almost feel I'd rather go for eLearnSecurity's eCPPT first as you get a lot more for your money.

I strongly disagree with you here. There is a reason that OffSec takes the teaching approach that they do. And it has nothing to do with it being inadequate. To be successful in this industry, and specifically in pentesting...you absolutely must be resourceful. You have to be able to figure things out for yourself.
JoJoCal19 wrote: »Then I'd probably be able to just get the PWK 30 day and knock out the OSCP.

Seriously doubt it...no offense. Do yourself a favor and go for 90 days (regardless of your prior training or experience). It takes 15-20 days to get through the training material.
-
JoJoCal19 Mod Posts: 2,835 Mod
NovaHax wrote: »I strongly disagree with you here. There is a reason that OffSec takes the teaching approach that they do. And it has nothing to do with it being inadequate. To be successful in this industry, and specifically in pentesting...you absolutely must be resourceful. You have to be able to figure things out for yourself.

When comparing what you get for the money, PTPv2 gives you a ton more, and for less money actually. I find that not only does the PTPv2 course cover everything that the PWK does, it includes a ton more. Regardless of OffSec's teaching approach, I find it a cop out. I understand being resourceful, as I am a very resourceful person, but there is a difference in not even giving you all of the information and training to be able to minimally complete the course and minimally pop boxes, and not teaching you every which way to alter the approach or method or tool usage to be able to pop the same box in different ways. I understand maybe teaching a person what they need to know to at least get a pass, but push the person to research more to use different attack avenues, to be able to more thoroughly exploit the boxes, to achieve 100% completion. I find it insulting however where I've read on multiple occasions let's say a student is stuck, they reach out for a little hint or idea of maybe where to look next and be told "try harder". Again, I feel that's a cop out.
NovaHax wrote: »Seriously doubt it...no offense. Do yourself a favor and go for 90 days (regardless of your prior training or experience). It takes 15-20 days to get through the training material.

With everything the PTPv2 course teaches, it goes above and beyond the PWK course, and I feel confident that if I did the PTPv2 course and went straight into the PWK course, I could use the initial exam attempt right away and depending on how far I get, utilize the PWK materials to bridge the gap and complete the exam attempt.
-
mosunit Member Posts: 12 ■■■□□□□□□□
si20 wrote: »I apologise to all of those wanting to see my daily progress. I dropped off the radar because:
I work 12 hour shifts and once I get home, I don't work on the OSCP - I only work on the OSCP on my days off. This has severely limited the time I can work on the course. The OSCP is HARD - very hard. The PDF/exercises teach you the basics of the tools. Pen-testing in the lab is tough - just like in the real world. I started off very well. I managed to pop a few machines, get 100 pages into the PDF and that's when I hit the wall.
The OSCP pdf doesn't tell you how to exploit machines as much as it tells you how to use some of the tools. This presents a big problem. You have to learn much of this yourself. Working a full time job and trying to learn how to hack machines is not easy at all. I saw all the threads with people dropping off the OSCP and people missing days and I used to think "I'd never miss a day" or "they're crazy!" but now I fully understand.
Admins aren't always helpful and I've heard the "try harder" motto many times. Other members have suggested that this is a cop out - and it is, to some degree. Having paid hard earned cash for the course, it's often demoralizing to hear people say "try harder" without divulging even a tiny hint as to what you're doing wrong.
This course is for the hardcore - someone who has A LOT of time free. If you're not a pen-tester, or new to security, you'll want 90 days. I may be wrong, but I highly doubt it's possible to finish this course in 30 days. I've got 40 days left (used 50 days so far) and I've hacked 9 machines out of 54 and reached page 260 of the PDF. You might think that's not great, but I spend between 5-10 hours a day on the course when I'm not in work.
Will update again nearer the end of the course.

All the best Si20.
I have also enrolled for 90 days lab. Looking at all the reviews, it seems it's going to be a hardcore ride. Will have to work hard. Waiting for FUN to begin
-
BuhRock Member Posts: 71 ■■□□□□□□□□
I am also doing the OSCP course at the moment. I'm taking it very slow since I just acquired my CCNA and CCNA Security, but now I can put all my attention to this. Anyways, I was told to go through the material first and then start trying to pentest the lab machines. I'm about 100 pages in as well. I'll probably end up using 120-150 days to be honest.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
JoJoCal19 wrote: »When comparing what you get for the money, PTPv2 gives you a ton more, and for less money actually.

I hope my words did not offend you, and once again, I meant no offense. But you are basing all of your assumptions off of reading a syllabus or off of second hand accounts from people who have taken one or the other. Although I have not taken PTPv2, I am one of the few people on here who has taken and completed courses from both OffSec and eLearnSecurity (OSCP and eWPT, respectively). And I assure you that you are comparing apples to oranges. They are both good courses, but OffSec better prepares you for doing actual PenTests and the reason is because of the way that the labs are structured.
eLearnSecurity gives you a small sandbox app with a single URL and says..."here's an SQL injection...exploit it."
OffSec gives you a whole network environment and says..."there are some serious problems here...find them and exploit."
The fact is...if and when you ever do a real PenTest...nobody is going to point out what you need to exploit. Nobody is going to hold your hand and show you where to look. You have to figure it out yourself. OffSec gives you all of the knowledge you need and teaches how to use the tools in Kali. And they even give you examples where they show you step by step (for metasploit, for manual exploitation, for exploit dev, etc...) how to accomplish the tasks. But then there is the lab, where you learn by trial and error, how to actually use those skills.
There is a reason why OSCP carries the reputation it does in this industry...and I assure you, it's not because it's a sub-par course.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
Also, the admins on the OffSec IRC channel are helpful if you approach them the right way. They tell you "try harder" if you just complain to them that you can't pop a box. But if you tell them what you've been trying and demonstrate to them that you have put in significant effort and exhausted all of your ideas/resources, they will generally drop a hint to push you in the right direction.
-
chopsticks Member Posts: 389
Thanks NovaHax for the pointers, I shall keep them in mind for future reference when I sign up OSCP courses.
Also, I wonder how's OP's progress so far, I hope things are going well.
-
JoJoCal19 Mod Posts: 2,835 Mod
NovaHax wrote: »I hope my words did not offend you, and once again, I meant no offense. But you are basing all of your assumptions off of reading a syllabus or off of second hand accounts from people who have taken one or the other. Although I have not taken PTPv2, I am one of the few people on here who has taken and completed courses from both OffSec and eLearnSecurity (OSCP and eWPT, respectively). And I assure you that you are comparing apples to oranges. They are both good courses, but OffSec better prepares you for doing actual PenTests and the reason is because of the way that the labs are structured.
eLearnSecurity gives you a small sandbox app with a single URL and says..."here's an SQL injection...exploit it."
OffSec gives you a whole network environment and says..."there are some serious problems here...find them and exploit."
The fact is...if and when you ever do a real PenTest...nobody is going to point out what you need to exploit. Nobody is going to hold your hand and show you where to look. You have to figure it out yourself. OffSec gives you all of the knowledge you need and teaches how to use the tools in Kali. And they even give you examples where they show you step by step (for metasploit, for manual exploitation, for exploit dev, etc...) how to accomplish the tasks. But then there is the lab, where you learn by trial and error, how to actually use those skills.
There is a reason why OSCP carries the reputation it does in this industry...and I assure you, it's not because it's a sub-par course.

No offense taken, I hold your input on all things security in high regard. You're right in that I only have my own research based on syllabus, website descriptions and user reviews on the PWK and PTP courses, so it does seem that the PTP course offers more. But I do agree from what I've read and the lab setup that the OffSec lab is true to life and would replicate an actual PT scenario more realistically.
NovaHax wrote: »Also, the admins on the OffSec IRC channel are helpful if you approach them the right way. They tell you "try harder" if you just complain to them that you can't pop a box. But if you tell them what you've been trying and demonstrate to them that you have put in significant effort and exhausted all of your ideas/resources, they will generally drop a hint to push you in the right direction.

That makes sense and I myself wouldn't reach out for help without being able to list all of the things that I've tried, and the resources I've used for ideas. I can totally see them giving that response if I just stated that I was stuck and seemed like I was looking for an easy way out.
-
si20 Member Posts: 543 ■■■■■□□□□□
Update:
I'm on my second shift at work tonight (7pm until 7am). I'm not going to be able to work on the OSCP until Monday afternoon at the very earliest. Which basically means one thing. I'm going to HAVE to extend. I really, really didn't want to get into the whole extension thing for various reasons but at this point, I've put in so many hours you wouldn't believe and it seems like a complete waste for me not to extend.
Each machine in the lab is rated in terms of difficulty and I've managed to pop some of the notoriously difficult ones e.g. Bob, sean and pedro, so I think if I can get an extension, I should be able to bash out the rest of the machines.
Now my next concern is: Do I get a 60 day or 90 day extension? I cannot afford to re-extend after this. This HAS to be it. I'm thinking 60 days might be possible, but I'll have to go flat-out. 90 days would be a bit more relaxed but I'm obviously paying more for the privilege.
If anyone has done this cert and can advise on extensions, let me know, or if you haven't taken this course but want to give me your 2 cents, then feel free.
-
chopsticks Member Posts: 389
si20 wrote: »Update:
I'm on my second shift at work tonight (7pm until 7am). I'm not going to be able to work on the OSCP until Monday afternoon at the very earliest. Which basically means one thing. I'm going to HAVE to extend. I really, really didn't want to get into the whole extension thing for various reasons but at this point, I've put in so many hours you wouldn't believe and it seems like a complete waste for me not to extend.
Each machine in the lab is rated in terms of difficulty and I've managed to pop some of the notoriously difficult ones e.g. Bob, sean and pedro, so I think if I can get an extension, I should be able to bash out the rest of the machines.
Now my next concern is: Do I get a 60 day or 90 day extension? I cannot afford to re-extend after this. This HAS to be it. I'm thinking 60 days might be possible, but I'll have to go flat-out. 90 days would be a bit more relaxed but I'm obviously paying more for the privilege.
If anyone has done this cert and can advise on extensions, let me know, or if you haven't taken this course but want to give me your 2 cents, then feel free.

Did it cross your mind to take some vacation leave for study?
-
si20 Member Posts: 543 ■■■■■□□□□□
chopsticks wrote: »Did it cross your mind to take some vacation leave for study?

I'm not 100% sure how it'd work. Say for example my 90 days is up and I take the exam and fail it (which I expect to at this stage). Would I be able to study for a few weeks, then buy a 30 day extension (which includes an exam)?
I'm not sure how OffSec deal with letting you study and letting you buy extensions. I'd seriously consider it if I knew how it all worked.
-
impelse Member Posts: 1,237 ■■■■□□□□□□
I think that the extension is only the lab, the exam is a different price.
Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack.
-
si20 Member Posts: 543 ■■■■■□□□□□
An update on the course:
The IRC channel which was a great place to hang out with other students is now enforcing a new policy which doesn't support fellow students discussing machines/attack vectors. This renders the IRC very ineffective because it's against the rules to discuss with other students, plus admins tell you to "try harder". I am now convinced that this approach is part of a money-making scheme. Offsec's material is not sufficient for students to pass the exam on alone, so I'm left wondering if they are expecting people to keep renewing their lab-time which costs money or they really are wanting you to work through this stuff on your own until you end up an elite hacker....I don't know...
I've put hundreds of hours into the course and I can't even get a hint on how to pop a box. I've booked my exam and I don't know how it's going to pan out, but at this point, the "try harder" motto isn't motivating me as much as it seems to motivate others. I've popped 21 machines in 60 days, plus I've nearly completed all of the exercises in the book, so I've clearly been trying hard, I'm no slouch...
I don't know guys. It's almost 3am and I've not slept in 24 hours because I've been working on this. Time for sleep. Catch ya'll soon.
-
JoJoCal19 Mod Posts: 2,835 Mod
Wow that's pretty disappointing to hear. It's kind of interesting there are some people here who feel the PWK material doesn't give you enough to complete the course and then there are others who say it does. There are some here who say they have received no help from the Admins and others who say they have. I have two Sr Security Engineers here at work who are going to start this around January and when I mentioned I was thinking of taking it they said I should start too so we can support each other in case someone gets really stuck. Probably as good of a time to start as any I suppose.
-
MrAgent Member Posts: 1,310 ■■■■■■■■□□
si20: Join our IRC. We will help without giving you the answers.
-
si20 Member Posts: 543 ■■■■■□□□□□
Another update (28th November).
I've spent the past 4-5 hours on a single box. I've got work in the morning.... For those who have been following this thread, yep, you guessed it, 4 days of shift work. I won't be able to get back on this until 3rd December now. I booked my exam for the 20th December (because why not, it was included in the 90 day package) but I am sure I'll fail.
The course has well and truly destroyed me. There were parts where I thought I was getting it, then after tonight, I'm left wondering whether security is for me. I've got until 20th December to pop some more machines. I'm currently on around 23 machines popped and most exercises done (58 days used so far).
If I do fail this, I'll have a break so I can get my brain back into gear before going for it one last time.
-
impelse Member Posts: 1,237 ■■■■□□□□□□
Do not give up, you are passing in this moment the most difficult part that everybody hits and that is very common with athletes, you are hitting the wall, as soon as you pass it you will say: "it was a piece of cake, how was it possible I was missing it"
-
si20 Member Posts: 543 ■■■■■□□□□□
With just 16 days left to go, I've managed to pop two more machines which gives me a grand total of 24 machines. I've been speaking to a few other people who have popped around 20-22 machines in 70 days, so for me to pop 24 machines in 74 days makes me feel like I've done as well as I possibly could. I'm going to spend the next 16 days trying to pop more machines and making my notes look presentable.
I've arranged my exam on the same day I finish the course. I'm not expecting to pass it but I've paid for it so I might as well do it. If (when) I fail, I'll be taking a week or so break then extending the course by 60 or 90 days (not decided yet).