Help me fill gap between OSCP Labs and Exam

ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
Hey everyone, bit of background, I'm in the process of finishing up the OSCP Labs now. I wasn't sure I would make it in 90 days, but now that I have almost 2 weeks and only 3 machines left in the labs I feel very confident I won't need an extension. The bad news is that I was waiting on scheduling my exam to see if I needed more time, and now the earliest date I can get is 3 weeks after my lab time is up. I know I'm going to be a nervous wreck those 3 weeks, so I was hoping you could recommend me some study material to help fill the gap. I know the actual stuff on the exam is super secret, but just general areas you think would be good to brush up on, that kind of surprised you on the exam, would be really appreciated. Maybe even some machines on vulnhub or something. Anything is better than just waiting it out!

A bit of background about myself, I am very new to IT/Security, having worked in a completely different industry before. I only started in IT less than 2 years ago and Security less 1 year ago. I know there's a lot of people on here who are looking to get into Security work or have questions about taking the OSCP without much prior experience. Please feel free to use me as a resource for any questions you might have!

Comments

  • BlackBeretBlackBeret Member Posts: 683 ■■■■■□□□□□
    To fill the time between them take a look at vulnhub. If you google around you'll find people recommending particular machines to practice with prior to the exam. Also, don't forget what you learned with writing buffer overflows, try downloading vulnserver and playing with it for a while too.
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    BlackBeret wrote: »
    To fill the time between them take a look at vulnhub. If you google around you'll find people recommending particular machines to practice with prior to the exam. Also, don't forget what you learned with writing buffer overflows, try downloading vulnserver and playing with it for a while too.

    That is excellent advice, thanks! Perhaps this 3 week break will be a blessing in disguise :D
  • SlythSlyth Member Posts: 58 ■■■□□□□□□□
    I agree completely with BlackBeret. Vulnhub will help you keep your skills sharp. I personally waited a month before taking on the exam. What I did was vulnhubs and reread all of my notes for each lab host. The exam will be difficult but fun, dont stress out to hard. you will do great!
  • LiindoladeLiindolade Member Posts: 21 ■□□□□□□□□□
    Use the time to read up on recent vulnerabilities/exploits that may be useful during the exam. By now you should have a decent understanding of what to look for. Play with some of them, sort the best exploits by OS/architecture.

    Also, use the time to go through your notes. Labs can be a bit stressful -- maybe there was some technique you've used but didn't understand as well as you wanted to, but didn't have the time/energy to follow up on it? Do that now.

    Is your lab report ready? If not, now may be the best time to finish it. Memories are still fresh and you may discover areas where you need to fill some knowledge gaps.

    Well, at least that's what I did during my labs/exam gap. And don't feel bad about the gap. I know I did, but in retrospect it was quite useful to take a step back, look at the big picture and even to relax a bit.

    Good luck with the exam!
  • RichAsskikrRichAsskikr Member Posts: 51 ■■■□□□□□□□
    I recently came to the end of my three months PWK course, and had a fair idea I would need to extend.
    (This was simply because I struggled to pwn a single machine in 24 hours, let alone multiple machines).

    Seen as an extension comes with a free exam retake, it made financial sense to have a crack at the exam before paying for the extension, so attempted the exam this weekend. It was a disaster! 0 points!

    Having had some time to reflect alittle, I realised this was my own fault.
    I have spent three months blasting from one machine to the next, but not really analyzing what I was doing. I took loads of screenshots and notes of what I was doing, and how machines were pwned, then not bothered to really go over it afterwards.

    My advice - upon reflection, I believe a slight gap between the labs and the exam is worthwhile, as you dont have the distraction of the labs. You dont feel as though you are wasting paid-for time in the labs, when you're sat reading up. And you have some good quality time to read through your notes, and really analyse everything. And as others have said, you can grab some Vulnhub VMs if you're worried about losing your edge!
  • feydraxfeydrax Member Posts: 11 ■□□□□□□□□□
    Hi Chopteeth,

    How did you prioritize what to learn when you first started in this field?

    I'm really interested in how you pick up the knowledge till where you currently are now.
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    just do the vulnhub without looking at the walkthroughs. you'll be fine.
    look at all the methods of priv esc for both linux and windows, make sure you understand them!

    and of course, take a break sometimes. too much of something is not always good :)
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    feydrax wrote: »
    Hi Chopteeth,

    How did you prioritize what to learn when you first started in this field?

    I'm really interested in how you pick up the knowledge till where you currently are now.

    Which field, IT or security? When I was working in my previous industry I knew literally nothing but heard CCNA was desirable and obtainable, so I went for that. Afterwards I went for MCSA, for pretty much the same reasons. Once I started getting into Security my priorities started being dictated by my job duties. I was put in charge of Malware Analysis so a lot of my time was spent reverse engineering samples, driving processes in my organization to help combat threats, etc. Now I tend to do pentesting as well as my other duties, and the reason I went for OSCP is because my boss asked me to (I hadn't even heard of it before).

    I think the key to being in security is becoming a jack of all trades, knowledgeable in everything but master of none. Don't prioritize, learn a little bit of something and move on. If you're specifically curious about what to study for with OSCP there are a lot of good threads here for that. Personally I recommend SecurityTube, that guy Vivek really knows his stuff and is an excellent teacher. Let me know if you need more specifics on anything.
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    Hey I had another question regarding the exams, do you guys recommend updating all of my software on Kali beforehand? Thanks!
  • mokazmokaz Member Posts: 172
    Chopteeth wrote: »
    Hey I had another question regarding the exams, do you guys recommend updating all of my software on Kali beforehand? Thanks!

    I wouldn't do so, or at least i'll get a solid backup of my VM before doing so... Trust me if you've got a working setup now then go to the exam with it.. If you wanna test drive newer release afterwards, you can always buy lab time once you'e passed...
  • LiindoladeLiindolade Member Posts: 21 ■□□□□□□□□□
    I remember OffSec advising students not to update the VM as it was specifically built/modified for PwK/OSCP.
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    Liindolade wrote: »
    I remember OffSec advising students not to update the VM as it was specifically built/modified for PwK/OSCP.

    Yeah I know that was true for the labs, but wasn't sure if the exam would be different.
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    Okay one more question, can I the getsystem function inside meterpreter? Technically this does not use another exploit or post module, as far as I am aware.
  • LiindoladeLiindolade Member Posts: 21 ■□□□□□□□□□
    They'll tell you precisely what you are and aren't allowed to use during the exam. Don't take anybody else's word for it, but read what they send you very carefully before you touch any exam systems.
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    Liindolade wrote: »
    They'll tell you precisely what you are and aren't allowed to use during the exam. Don't take anybody else's word for it, but read what they send you very carefully before you touch any exam systems.

    Hmmm I asked one of the admins and was told that I couldn't use any post or exploit modules in metasploit. Getsystem technically does not use these, but they weren't clear as to whether or not it was allowed. I just wish I could get some clarification on this one issue...
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    Last update, I passed :D thanks for the advice everyone!
  • LiindoladeLiindolade Member Posts: 21 ■□□□□□□□□□
    Congratulations!
  • BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Congrats on the pass! Great achievement.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • ChopteethChopteeth Member Posts: 10 ■□□□□□□□□□
    Thanks guys, oh btw I did eventually get an answer to my earlier question, getsystem DOES count as a exploit/post module use, and remember you can only use it on one machine.
Sign In or Register to comment.