the OSCP journey and my imminent FUBAR
soverylost
Member Posts: 8 ■□□□□□□□□□
Dear Tech exam colleagues.
I am pretty sure i really messed up in signing up for the OSCP with my own money because i really felt giving the CEH was a waste of money. I prepared for CEH and saw that some of the syllabus seemed very familiar from the Offsec website to it, and decided...hell why not.
So here i am, reading all of your tales, (thankyou jollyfrogs and unknownshell*) and wondering if iv made a giant mistake. Iv just about jumped into every technical certificate i could get, with little to no preperation beforehand and been fine, my OSCP verification just came through today, looks very similar to Georgia Wiedman's course on advanced penetration testing, im pretty sure im underestimating OSCP. but iv only seen the first section up till now, i am pretty sure i am about to be blind sided by something iv never expected. any tips?
iv read python for pentesters, RTFM, hackers playbook 1 and 2, python for secret agents, ethical hacking and penetration testing, done the advanced penetration testing course on cybrary.it, packt python, intorduction to reverse engineering for beginners, books on bash scripting, advanced python scripting, red team/blue team scenarios. Ive sort of had a small virtual lab of about 7 images with different version of windows to work on due to my CEH classes. iv pretty much started python from scratch and still have a lot of doubts.
So as iv given the money and taken out these 2 months specifically for this cert, could i get advice as to what to follow up on, or read?, general critique of my cow boy attitude wont help but i am pretty much expecting it.
I am pretty sure i really messed up in signing up for the OSCP with my own money because i really felt giving the CEH was a waste of money. I prepared for CEH and saw that some of the syllabus seemed very familiar from the Offsec website to it, and decided...hell why not.
So here i am, reading all of your tales, (thankyou jollyfrogs and unknownshell*) and wondering if iv made a giant mistake. Iv just about jumped into every technical certificate i could get, with little to no preperation beforehand and been fine, my OSCP verification just came through today, looks very similar to Georgia Wiedman's course on advanced penetration testing, im pretty sure im underestimating OSCP. but iv only seen the first section up till now, i am pretty sure i am about to be blind sided by something iv never expected. any tips?
iv read python for pentesters, RTFM, hackers playbook 1 and 2, python for secret agents, ethical hacking and penetration testing, done the advanced penetration testing course on cybrary.it, packt python, intorduction to reverse engineering for beginners, books on bash scripting, advanced python scripting, red team/blue team scenarios. Ive sort of had a small virtual lab of about 7 images with different version of windows to work on due to my CEH classes. iv pretty much started python from scratch and still have a lot of doubts.
So as iv given the money and taken out these 2 months specifically for this cert, could i get advice as to what to follow up on, or read?, general critique of my cow boy attitude wont help but i am pretty much expecting it.
Comments
-
griffondg Member Posts: 39 ■■□□□□□□□□If you have the time and dedication you should be fine. There really isn't much scripting required at all; you just need to work on modifying existing exploits and the lab materials and google are sufficient for that. Looking at what you've studied already I think you should be good to go.
Good luck!
Eric -
soverylost Member Posts: 8 ■□□□□□□□□□thanks for the support, spent yesterday researching, i think i just should jump into it and try to find my way out. Are any members willing to discuss tips and techniques? do we have a IRC channel/ support thread where we could ask our questions to bounce them off our more learned colleagues?
thanks for the reply again. btw, can i run this entire thing from an oldish laptop as well? i have been running kali and backtrack along with win 7 and 8 simultaneously but i keep wondering how much bruteforcing there is going to be, or how any of the other tools would be affected by low level hardware, as i saw that most of them also run on a raspberry pi, any person who has run this course on a core 2 duo laptop, i would very much appreciate any advice. -
unkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□HI soverylost
As griffondg(Eric) pointed, it should be fine. Jolly has provided more of guide post in terms of lab setup which will help you. He did has commented on Bruteforce and its usage on lab.
There is support IRC chat room, forums etc, In terms of bruteforce, as a part of learning I ran during couple of labs instance and it was runningggggggggg for over a night and wondered its not worth it. Also in IRC chat room (#offsec) and also on forum, admin has clearly said if bruteforce takes over an hour, it means there should be another way to exploit than bruteforce.
goodluck......
Cheers -
BlackBeret Member Posts: 683 ■■■■■□□□□□If you've signed up for the course just take a breath and wait for the email with your .pdf and lab access. It is honestly designed to start at the very basics of pentesting. If you've gone through everything you listed above this course probably wont teach you a lot of new things, it will simply make you figure out how to put all of that to use in an actual network environment. You seem well prepared so I wouldn't sweat too much.
Search for Mr. Agent's thread and he's listed an IRC room that he hosts as well with a lot of people who have/are taking the OSCP. The official IRC room is great if you want to talk to admin's, but they tend to discourage discussion amongst each other so you don't ruin it for others that haven't gotten to whatever point you're at.
If you can run Kali than you're fine. They actually recommend an older 32-bit for their lab network so that you can work on some of their provided exploits. If you pay attention to your instructions, somewhere in there it will give you access to their own online password cracker so you don't have to worry about trying to run anything processor intensive. Almost all of the hashed passwords I saw in the lab were already stored in the lookup table and came back within seconds. I will say I never brute forced a password across the network, I only collected stored hashes then cracked them.
Good luck and have fun! -
soverylost Member Posts: 8 ■□□□□□□□□□hey guys, thanks for the advice and words of encouragement. I believe iv made the basic mistake, listened to half the vidoes, read half the pdf, and went straight into it.
yea....i tried going on without msf, didn't really pan out, still stuck on the first machine even though i am now using msf.
had to rebuild the entire msf because of various database and service errors, reverted the machine as well and restarted the host. I am pretty stuck. there is a software here that can cause a temporary DoS but thats it, i see tons of ports open but apparently msf tells me its untouchable and open_vas is refusing to startup as a msf module and as a standalone service.
the software/service causing the DoS doesn't have a vulnerability that can cause system privilege escalation
help? -
griffondg Member Posts: 39 ■■□□□□□□□□Honestly I would spend the time to go through all of the videos and pdf. It's really about the best training around so why short-change yourself? If you go through and do the lab exercises you will learn a lot more than just blindly jumping into the labs.
-
TechGuru80 Member Posts: 1,539 ■■■■■■□□□□The lab exercises are suppose to teach you what you need to know essentially for the test. Knowing more helps speed up the process, but I remember reading something saying you should be able to get into most machines by what they teach.
-
soverylost Member Posts: 8 ■□□□□□□□□□...yea i guess i'll have restart this tomorrow. Time sunk for this venture uptill now 18 hours out of 38 total. msf is going ballistic again: Post failed: Msf::OptionValidateError The following options failed to validate: SESSION. kept getting this, made sure that the service was up and got this again. yup. im going to sleep, resetting the entire damned vm and starting from scratch if this keeps up
-
BlackBeret Member Posts: 683 ■■■■■□□□□□With MSF make sure you're starting the services prior to starting msfconsole. Depending on the version you have and what you've configured already,
service postgresql start
service metasploit start
msfconsole
Go through all of the material as well, the labs have changed since I last logged in, but if you're going numerically by IP the first one should be very easy. Make sure you're fully enumerating your targets and looking at what services they're running, not just trying to throw random metasploit modules at it. One of the first enumeration sections was NetBIOS/SMB, re-read that then ago at the machine again.. -
zorianix Registered Users Posts: 3 ■□□□□□□□□□Is the irc still available as i tried connecting but was getting some issues, can somebody tell me how can i connect to it irc.ow..
-
soverylost Member Posts: 8 ■□□□□□□□□□So, unfortunately got caught up in a whole mess of personal issues, lost acouple of days when i couldn't connect (dammit). ah well...needed to start over anyways, i really appreciate the advice and support from you guys. It just feels really weird to be confronted by something i couldn't make heads or tails of on the first try.
will update you all soon, i think this should go down in history as a lesson for people who are as over-confident as i am :P -
soverylost Member Posts: 8 ■□□□□□□□□□i havent event tried the IRC, iv actually heard that forums are more understanding of your situations where the official IRC channels are basically going to be not as helpful and end with "try harder"