OSCP student roll call.

mabraFoo

I am looking to connect with oscp students (AND ALUMNI!!).

mabraFoo

To clarify, I don't want to give away any spoilers, but instead connect to discuss techniques to increase the odds of passing the exam. Scripting and automating as much as possible increases the odds of passing the exam. I started with a strong DBA and computer science background. 17 years in IT, but no pen-testing experience. So far I have owned about 28 labs machines.

This course is a blast, so addicting. Never in my life have I had such a hard time pulling myself away from the computer. It is so easy to stay up all night because it always seems a breakthrough is only 15 mins away.

After 5 months it is easy to forget the techniques I used to own a machine months ago. Because of this I have gone back to remind myself the steps to own each machine. Of course hindsight is 20/20, but it is fun to see my automation script own Bob from start to finish in 90 seconds when it killed me for several days.

robantonucci

My OSCP lab time starts on Saturday (9/26)

Dill_

I start mine Oct 3.

HappyGoats

OSCP/OSCE alumni here. Feel free to ask any questions etc.

ilikeshells

I'm in the labs. Feel free to PM me.

eth0

HappyGoats wrote: »

OSCP/OSCE alumni here. Feel free to ask any questions etc.

OSCE was hard? what knowledge is needed to start this course?

HappyGoats

eth0 wrote: »

OSCE was hard? what knowledge is needed to start this course?

You definitely want some basic assembly language experience, it makes things a lot easier. I found the web part of the course really easy, but the more in depth binary exploitation was a bit more challenging but fun at the same time.

NovaHax

...bump...

eth0

HappyGoats wrote: »

You definitely want some basic assembly language experience, it makes things a lot easier. I found the web part of the course really easy, but the more in depth binary exploitation was a bit more challenging but fun at the same time.

I have only experience from OSCP with low level stuff (so basic buffer overflow exploitation), no any other, will be ok? What I mean, not sure if I am prepared to start this OSCE, I have little problem with last step to register

Muggie

I'm a current student. My lab opened up 9/12 but I haven't been able to really jump into it except for this weekend.

leugenel

My lab starts Oct. 10th. Is there a way to request a book before the lab starts?

Muggie

No sir. All the material is sent as soon as the course opens.

TechGuru80

My lab time ends pretty soon. It is definitely grueling and there probably will be times you get annoyed and need to take a break.

BlackBeret

I'm in the labs as well. I missed the past week and a half, but I'll be back in the labs and on IRC at night from here on out.

Pnut_Butter_W0lf

Been in off and on for a while juggling a infosec MS along with it

Blade3D

My lab time runs out Sunday but I plan to extend at least another 30 days, I'll try to start getting in the IRC channel again.

robantonucci

10 days in.. 28 boxes down.. starting to feel the burn this is litterally taking over ALL of my free time. but well worth it so far..

Muggie

Has anyone been able to figure out the vulnserver buffer overflow? I'm having issues with getting my JMP ESP to work and would love to bounce some ideas off of someone. Right now I feel like I'm spinning my wheels.

ilikeshells

Muggie wrote: »

Has anyone been able to figure out the vulnserver buffer overflow? I'm having issues with getting my JMP ESP to work and would love to bounce some ideas off of someone. Right now I feel like I'm spinning my wheels.

I'd make sure you know how much buffer space you have. If you get stuck, ping the admins in IRC, they are actually very helpful if you proove you've made concerted effort.

BlackBeret

Don't forget to check the OffSec forum posts for the modules as well. I've seen it discussed a lot on there.

Dill_

I just finished the vulnserver. Feel fee to PM me in the #offsec irc if you still need to bounce ideas around.

dende3

Will be starting on 1st of 8th of November, have to get my payment sorted. Gathering materials for a while now.

the_Grinch

I start November 1st. I purchased the course previously, but will actually complete it this time.

BuhRock

My OSCP exam is scheduled for Nov. 13 2015.

TK1799_st

I just started this weekend in prepping.

Any guide or opinion that anyone else on here has for a course of action would be great.

I started by Installing Oracle Virtualbox, downloading Metasploit 2, will be going through the Offensive Security course Metasploit Unleashed, and purchasing to read:
1) Metasploit: The Penetration Tester's Guide
2) Basic Security Testing with Kali Linux
3) The Hackers Playbook 2

I just started to read #1 yesterday. I also ran through some videos and online training at Cybrary.it

Any advice from those of you that are ahead of me would be great and appreciated!

So far, I'm excited about this course of study and available training, which most of it is free.

Janne4

Hi!

Sounds like you are on the right track.
Skills that can be useful is general Linux skills, understanding and writing simple scripts in python and bash, understanding the basics of modifying exploits in various programming languages and knowing your way around in Metasploit and Nmap.
I would also recommend looking into Web App Pentesting (approx. 50% of the Machines in the lab network has a web attack vector) and privilege escalation on Windows and Linux (often you have a shell but as a low-priv user).
The later two areas is where I am having some problems when it comes to practical skills ; )

TK1799_st

nice meeting you Janne4 - I read your other post -- seems you've been very busy. Thank you for the information. I've spent all weekend getting organized and just started reading 1) on my list.

On my breaks I've been gathering research articles and videos of stuff I've come across to build a minor library to understand what I've just read.

I'm appreciating the effort in learning this -- am I am very excited to be taking this path.

Keep at it! With effort comes victory!

Janne4

Thanks. I wish I had practiced more "hands-on" with vulnerable machines (metasploitable, Damn Vulnerable Web App and others) when preparing for this course and not just read books and gathering information.

Blade3D

I plan to renew for a month on November 13th, schedule my first test November 29th, and if a retest is needed December 12th. I had originally gotten my employer to pay for 90 days of lab time, but got extremely busy with work and relationship. I am now single again, and hope to finish this ASAP as I'd like to start on the CISSP and other certs.

kiems

Hi! I will be renewing my labs in the beginning of December for two or three months. Really enjoying the material / videos. Nice to meet you all.