OSCP - My Journey - si20 (Starts 22nd Sept)

MSP-IT

Thanks for the updates.

Although it's not super encouraging to hear, it's nice seeing that I'm not the only one struggling with the material.

KR34

si20 , the exam machines are easier then some machines in the lab , in 60 days i pop only around 15 box , i set for the exam and i was able to root 3 machines but i failed " 50 points only " ;( Then for 3 months i was focusing on my weakens " Exp Dev + Web App " online for free .. then i took 15 days believe me it was different i reached to Dev network only , and that 15 days was including one exam attempt again i failed because in the first 5 hours i root 2 machines then i took long rest like a **** " i hated my self that time" and i got 1 limited shell and my VM crashed . After 1 week again i took 15 days and i passed the exam i root 3 machines and 1 limited shell . after 6 month i took 15 days to sharp my rusty skills - am not enjoying the vulnhub.com or the boot 2 root cds ... the THINC.local is a real network , because am a system admin and till this time did not find any pen-test job ;( so this course is not only about get another certificate to add to your CV .
The exam machines are easy believe me just focus on privilege escalation exploits for both ( Windows & Linux ) . Improve you reporting skills also . Failing the exam is not the end of the world . Currently i am doing " WAPTx " from els , wish you all the best & if you need any help just PM me

si20

That's quite encouraging to hear KR34. I'll certainly keep this thread updated right until the very end!

si20

Ok, so here's the latest. It's pretty much 4am at the time of writing. Been on the OSCP for around 12 hours today. Not popped anything but i've learned some stuff that ISN'T included with the course and it's those little things that make it worth it. I've set myself a target of popping 1 machine per day for the final 14 days of the course. If I could manage this, I think i'll feel much more ready for the exam at the end.

I'm going to be learning more in the coming days, so realistically I may not end up popping 14, but I should have some good knowledge even if I don't pop a machine.

impelse

Those machines that are coming will really make you a good pentest, they are the real ones.

si20

Hey folks, just an update to say: I taken the OSCP exam two days ago. All I can say is that it was gruelling. I found it just as hard, if not harder than the labs. This may be due to the fact that you're given 5 machines to exploit within 24 hours. A long story short, I used 22 hours on the exam....yes, I was awake for around 25 hours overall. I managed to to root 3 boxes, get a limited shell on another and I didn't end up gaining any access to the last one - mainly due to lack of time left along with tiredness.

So with all that being said, i've submitted my report(s) and i'm waiting on a PASS/FAIL email. One thing I have noticed, is that my report, which I typed up yesterday - had a few typos in. This was due to me getting 40 minutes sleep in 36 hours. I really, really hope OffSec wont penalize me for them

Anyway, here's hoping it's a PASS. Then I can have a month or so out before I move onto a new course/cert.

JoJoCal19

Congrats on finishing the exam si20. I hope you're able to get the pass! Would you mind doing a review, even if a mini one? I'm definitely doing the OSCP next year, I'm just trying to decide for sure if I want to pull the trigger on the PTPv3/eCPPT first or go straight to the OSCP.

impelse

it is hard exam, I hope you get the pass, if not, you already know where to improve, you will nail it.

si20

JoJoCal19 - I've just recieved an email to say I passed!! So yes, i'll definitely do a write-up on my blog tonight so you can get a feel for it. It might end up being quite a long review!

Thanks Impelse, your post of encouragement certainly helped big time in the last few weeks

Zoovash

Big Congrats !

JoJoCal19

Congrats!!!! That's a huge accomplishment. Let us know how it affects your employment prospects. Does OffSec have the same recognition in the UK as it does over here in the US?

MrAgent

Congrats man!

si20

Thanks guys I really appreciate it!

JoJo - I'm not 100% sure how the cert is recieved in the US, I'm guessing it's very well regarded?? In the UK, I definitely think it's becomming the one to have security-wise. I have met people with the CEH and they know alot of theory (which is great!) but they have no practical security skills. The OSCP combines a fair bit of theory with excessive amounts of practical work and i've seen quite a few IT Security jobs saying they prefer the candidate to have the OSCP.

I'm going to get to writing my review now, so i'll PM you the link to my blog so you can take a read once it's done

[Deleted User]

Do you feel differently about the certification now that you've passed? I'd be interested in reading your review as well.

si20

Lmalachi, my blog can be found here. I feel like it was a great course. I think it covers a massive amount of material. I just wish I could have studied it over a 6 month period. Even though I passed, I feel like there is a ton of stuff I could still have learned if I could have more time in the labs. I also wish the study guide covered a few more things, but i'm going to put that in my feedback to OffSec. Hope the review is somewhat useful!

impelse

Congrats

YFZblu

Nice work!! I'm about to resurrect my OSCP thread, and get a 30-day extension.

naxdee

congrats

JoJoCal19

si20 wrote: »

Lmalachi, my blog can be found here. I feel like it was a great course. I think it covers a massive amount of material. I just wish I could have studied it over a 6 month period. Even though I passed, I feel like there is a ton of stuff I could still have learned if I could have more time in the labs. I also wish the study guide covered a few more things, but i'm going to put that in my feedback to OffSec. Hope the review is somewhat useful!

The good thing is you have the course PDF so you can further study your weak areas and now with OffSec creating the new hacker playground, you can keep your skills sharp.

[Deleted User]

Thanks for the review! I'm not sure when/if this will ever make it to my radar. I don't know if I'll ever have the time to dedicate three or more hours a day on something like this. I would have to have a serious discussion with the wife before tackling this. I think I am a ways off from being prepared to even think about the exam though. The threads that have popped up in this forum have helped me greatly in determining where my skill level is and what I need to do in order to get to the next level.

H3||scr3am

Congratulations on passing the OSCP I'm interested in it at some point, but not for a while yet I'm sure....

dookdook

Si20...congrats on getting your OSCP!

I've been following a few peopls threads on here regarding the OSCP, and reading other peoples reviews. It's funny seeing how similar a lot of the advise people say on the reviews

I'm hoping to attempt the OSCP in 2015, and if i do, i'll start a similar thread on here.