Another OSCP Journey

ramrunner800

I've not worked on master yet, but it sounds like a hint at a misconfiguration to me.

MrAgent

Just an update.
I am finally getting around to taking the OSCP exam on Saturday (Jan 31). I don't know if I am prepared or not.
Ive managed to pop all but a few of the student servers, and a few in the IT network.
I was also successful in popping pain and sufference. So we will see.

Killj0y

Good luck MrAgent! You will do fine. Just have your music and snacks ready.

EngRob

Good luck!! Let us know how you get on

JoJoCal19

Good luck!

NovaHax

Good luck

Itrimble

Roads. Where we're going. We don't need roads!

MrAgent

I was finally able to successfully complete the buffer overflow section.
Took me a few hours, but I finally climbed over that hill! I am feeling more confident with this exam now!

slinuxuzer

Awesome! I'm pulling for you, hope you will post your post mortem and let us know how you did.

MrAgent

Thanks!
I am sure Ill make a blog post somewhere about it.

BlackBeret

Reading all of this makes me want to get back to it. I can't wait.

MrAgent

Just an update.
I finished the exam yesterday, and submitted my documentation.
I was able to completely root/admin 2 of the 5 servers. I also managed to get a limited shell on 2 additional servers.
I don't know if this is enough to pass the exam or not. I should know by Wednesday, if not sooner, if I passed or not.

john13619

I hope you will pass because i think it's just just to pass.

Did you send too you labs documentation ?

MrAgent

I did not submit lab documentation. If I fail, I will be submitting it when/if I retake the exam.

MrAgent

Well. I received the email that I did not pass.
Looks like I will be enduring the challenge again.

We regret to inform you that, based upon review of your course and exam documentation, you did not meet the requirements to obtain the Penetration Testing with Kali Linux certification.

JoJoCal19

MrAgent wrote: »

Well. I received the email that I did not pass.
Looks like I will be enduring the challenge again.

Sorry to hear that. Good luck on your next attempt. Today was my first day at my new office location (relocated from Tampa to Jacksonville) and I was talking to two of my teammates here and apparently they both failed their first and only OSCP attempt. And these are some smart and very experienced InfoSec dudes too.

MrAgent

I have already re-scheduled for my next attempt. I am taking it again on Feb 21.
I will pass this time.
I didnt turn in my lab documentation, this time I will do that. I only scored 65 points, I am guessing. The two that I rooted were worth 45 points total, while the two others I had shells on were worth only 10 points for limited shells (this is a guess).

So if I can do the same thing next time, and submit the lab documentation, I should be good to go.

JoJoCal19

Ouch. Had you turned in the lab docs you probably would have passed. I remember in at least two of the OSCP reviews I've read, the lab documentation is worth extra points and could be the difference between a pass and fail.

MrAgent

Yeah... I didnt document as I went in the lab, so I will be spending the next couple of weeks doing that.

slinuxuzer

So, I am curious if anyone knows, when you do a re-take will you encounter the same hosts with the same vulnerabilities?

Don't sweat it man, you will get it next time around, for sure don't give up.

MrAgent

I've had a couple of friends retake it, and thankfully they were given different servers.
I am retaking the exam this Saturday, the 21st at 10AM EST.

I feel like I just recovered from the lack of sleep from my last go around. I hope this time is different.

NovaHax

MrAgent wrote: »

I am retaking the exam this Saturday, the 21st at 10AM EST.

I'm rooting for you man...no pun intended

EngRob

You got this! Go gettem

MrAgent

Its going to be tough (again). Windows escalation is probably my weakest point. I need to read up on Windows escalation and post exploitation. Anyone have any recommended readings for it, other than the usual g0tm1lk blog?

john13619

Well...


Windows Priv Escalation isn't the easiest thing. There is so many ways it depends hightly plenty of things, updated or not, softwares ... ect.

So i don't think there would be something better than g0tmilk posts but you can still search, sorry.

slinuxuzer

Best of luck to you, hope to be reading that you passed soon.

da_vato

Best of luck to you

MrAgent

So an update.
I took the exam yesterday.
Started at 10 am and was completely finished by 3pm. Took another hour or two to finish and submit my docs.
I managed to get root/admin on 4 of the 5 boxes, and had a limited shell on the 5th. I was happy with that and submitted my docs.
I didnt have to stay up another 24 hours like the last time. I got to sleep, no stress, and it felt good.
I think I over prepared for the exam, which is a very good thing.
I would say that I passed the exam. I am just waiting on the email from Offsec, which probably wont be here until Tuesday.

I got an email from vmware saying I need to retake my VCP exam if I want to stay certified... So I will study that for the next month, after that CISSP.

Ill update this after I do a review of the labs/exam.

impelse

Good, with 4 machines with root, thats good

cgrimaldo

I hope you get your good news on Tuesday!