Options

Yet Another OSCP Post (study buddy edition 6.0)

ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
Hi friends. I finally got approval to take the OSCP course for 90 days. I plan on starting in about 2-3 weeks. I work full time currently and have a family, so I plan on spending only about 2-3 hours M-F and 4-6 hours S-Sun. If anyone else plans to go at my pace and is starting soon, let me know. Do you all think that time commitment is realistic to be successful?
«1

Comments

  • Options
    unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    Welcome to the band ilikeshells, I started on 19-Jul-2015, more or less I'm same like your situation spending 2-3hrs weekdays and upto 6 hrs in weekend. I couldn't comment on if the timing will be enough or realistic as it depends on individuals background on subject etc..........Anyways we can mesg each other, no problem at my end...

    Cheers
  • Options
    ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    Welcome to the band ilikeshells, I started on 19-Jul-2015, more or less I'm same like your situation spending 2-3hrs weekdays and upto 6 hrs in weekend. I couldn't comment on if the timing will be enough or realistic as it depends on individuals background on subject etc..........Anyways we can mesg each other, no problem at my end...

    Cheers

    Thanks! I appreciate it.
  • Options
    impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    It is very difficult with the time, now that my wife is traveling for a couple of week I've been doing 3 hours and 10 during the weekends, but still I am not making it, I need more time.
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • Options
    TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    Should be enough hours...that is basically the plan I am following and it seems to be fine. It is fairly easy to lose track of time when doing some of the stuff, which is a nice change of pace compared to some other certification studying.
  • Options
    mokazmokaz Member Posts: 172
    impelse wrote: »
    It is very difficult with the time, now that my wife is traveling for a couple of week I've been doing 3 hours and 10 during the weekends, but still I am not making it, I need more time.

    Yep i think this is really the one and only constrain about this cert; time.
    I could dedicate a lot at it so it's okay i'm moving ahead but im Ian Solo at the moment so it clearly helps.

    Also maybe some folks can do wonders in the labs within an hour, i tend to need 3 just to settle down on getting
    things going and rolling my way to r00t..
  • Options
    ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    Random q...do you have your Kali VM net interface as bridged or NAT? Does anyone have a reason to chose one over the other for the purpose of the labs?
  • Options
    veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    You don't want to run it in NAT. It needs to be bridged, otherwise you will experience weirdness from scans as well as exploits you try shooting at targets.
  • Options
    ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    You don't want to run it in NAT. It needs to be bridged, otherwise you will experience weirdness from scans as well as exploits you try shooting at targets.

    Thanks! That's what I was thinking. I was just nervous about being in potentially hostile environment with my Kali VM not behind at NAT!
  • Options
    veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Thanks! That's what I was thinking. I was just nervous about being in potentially hostile environment with my Kali VM not behind at NAT!

    I'll take this further. You shouldn't have your firewall running. The term, "Hack Naked" came from this... This is why you should make sure your VM's OS is hardened as much as is possible without making your job harder or the risk that an OS update could break something or change the behavior.
  • Options
    ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    I'll take this further. You shouldn't have your firewall running. The term, "Hack Naked" came from this... This is why you should make sure your VM's OS is hardened as much as is possible without making your job harder or the risk that an OS update could break something or change the behavior.

    Definitely. But running a VM in VirtualBox in bridged mode should create its own stack on the NIC. Therefore, the "host" OS' firewall should not interfere with my VM or were you referring to a FW in my Kali VM? I plan on just running whatever VM they give me as is and not tweak it unless told to.
  • Options
    veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Definitely. But running a VM in VirtualBox in bridged mode should create its own stack on the NIC. Therefore, the "host" OS' firewall should not interfere with my VM or were you referring to a FW in my Kali VM? I plan on just running whatever VM they give me as is and not tweak it unless told to.

    This. I blabbed on too long :) I was trying to say, "Don't turn on the firewall..."
  • Options
    HugbearHugbear Member Posts: 9 ■□□□□□□□□□
    I am starting on the 9th August, would love a study buddy to keep motivated. Where are you based, I am in London.
    If at first you don't succeed, try and try google.
  • Options
    unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    hi Hugbear

    Im in UK, possibly we can connect if possible, ....@ IRC: unkn0wnsh3ll

    Cheers
  • Options
    HugbearHugbear Member Posts: 9 ■□□□□□□□□□
    Sounds a plan. I have added you to my friends list I am on #offsec .. hugbear
    If at first you don't succeed, try and try google.
  • Options
    ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    My start is likely 8/22 now. The fam wanted to take a quick vacation, so I am going to start after that. I'll be in #offsec around then. Cheers.
  • Options
    JosephMatthewJosephMatthew Member Posts: 11 ■□□□□□□□□□
    I start on the 8th of August. 4 days away! We should definitely bounce ideas off of each other. I've been reading a ton on netcat and python the past few days. Feel free to message me.
  • Options
    unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    Hugbear wrote: »
    Sounds a plan. I have added you to my friends list I am on #offsec .. hugbear
    Hi Hugbear,

    Not sure if you were in IRC yesterday.....I have added you on friends list......Catch you soon.

    Cheers
  • Options
    HugbearHugbear Member Posts: 9 ■□□□□□□□□□
    Hi Unkn0wn, I was on IRC yesterday briefly. Have never used IRC before so my hope setup was all ok.
    Hi Joseph will PM you later.

    Have you guys got Skype?

    My main study at he moment has been research on how to write up the reports : setting up network diagrams especially for pivoting (hopefully I get a chance to fill something in here) , Template for reports, useful commands etc. Have ben looking at automation of some scripts today. My organising skills is n great and considering how much work this is going to be I thought I get some preparation work done.

    I will be online 00 + 1 GMT on the 9th
    If at first you don't succeed, try and try google.
  • Options
    unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    Hugbear wrote: »
    Hi Unkn0wn, I was on IRC yesterday briefly. Have never used IRC before so my hope setup was all ok.
    Hi Joseph will PM you later.

    Have you guys got Skype?

    My main study at he moment has been research on how to write up the reports : setting up network diagrams especially for pivoting (hopefully I get a chance to fill something in here) , Template for reports, useful commands etc. Have ben looking at automation of some scripts today. My organising skills is n great and considering how much work this is going to be I thought I get some preparation work done.

    I will be online 00 + 1 GMT on the 9th

    Hi Hugbear

    Tried couple of times to PM on this forum, seems I do not have access yet...I do have skype....

    This is the first time Im using IRC, Used in the past very briefly,

    Cheers
  • Options
    HugbearHugbear Member Posts: 9 ■□□□□□□□□□
    Hi Guys,

    I assume everyone is pouring over the videos and pdf. I am and there is so much to learn. Have not even tried to 'hack' the lab machines yet, I can use metasploit but am avoiding it. I would like to customize the scripts instead. I have PMed you guys with my skype address, if you guys are available on the weekends evenings (or 2-6am GMT weekdays icon_sad.gif ) we can catch up.

    John
    If at first you don't succeed, try and try google.
  • Options
    ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    Hi friends. Official start date is 8.29. I'll connect with y'all around then. Good luck on your studies.
  • Options
    JosephMatthewJosephMatthew Member Posts: 11 ■□□□□□□□□□
    I'm getting on the IRC soon, been doing the labs, and am still figuring out Ncat and netcat.
  • Options
    TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    The exercises are huge for learning the material. Once you start attacking the machines you will quickly realize that.
  • Options
    ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    TechGuru80 wrote: »
    The exercises are huge for learning the material. Once you start attacking the machines you will quickly realize that.

    What has been your methodology to go through the material? Most people seem to suggest reading a section's PDF and then do subsequent videos + exercises before moving on to the next section and only attacking the lab after going through all the base course material. Is this what y'all been doing?
  • Options
    TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    That is how I started but I've attacked some machines and learned a few things in the process. Now my plan is to finish the last bit of the text and videos, then hopefully have around 45+ days left for attacking.
  • Options
    HugbearHugbear Member Posts: 9 ■□□□□□□□□□
    I read through the pdfs and been having a go at the machines, so far been lucky to pawn 2 and got the dns map of the student network. I know pain, difference, humble and ghost. Will avoid them till later :) hugbear
    If at first you don't succeed, try and try google.
  • Options
    unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    Hi Hugbear

    Just saw your mesg and replied back, lets catch up whenever you got time....

    Cheers
  • Options
    justjenjustjen Member Posts: 77 ■■□□□□□□□□
    I have also received a confirmed start date of Aug. 29. That will be a family weekend, but nothing says I can't download and take a quick browse through the PDF when I receive the course email with links.

    Better news is that I will have a 4-day weekend the following weekend, which should be perfect to dedicate some serious time. I think I will go through the PDF, videos and exercises first before tackling the lab. However, my plans may change after I have a chance to look at the materials.
  • Options
    JosephMatthewJosephMatthew Member Posts: 11 ■□□□□□□□□□
    I've pwned 2 boxes. Able to gather info here and there. Need to continue sharpening up my enumeration skills. It's fun fun fun. Getting into boxes certainly isn't instant gratification, but when I finally did get in......wow.
  • Options
    HugbearHugbear Member Posts: 9 ■□□□□□□□□□
    Don't know how you guys are getting along...I must be spending upwards of 50 hrs a week on the network, work is quiet at the moment. Have managed to pwn 15 boxes. Had 3 last night, I know couldn't believe it and 2 today. I will have to go back and do it again as I forgot to look for the network hashes, ah well practise I guess. I kinda spent a few hours on sufferance and thought up ways of cracking the beast, I probably am going the wrong way with it but practice is worth it. I expect that this is for the low hanging fruits though......
    If at first you don't succeed, try and try google.
Sign In or Register to comment.