About to give up on OSCP

Well after doing the course for almost 1.5 months, I completed all the required exercises and broke into 5 lab machines and got halfway through about 3 or 4 of them. I've been beating my head against some of these hosts for the past week and no progress has been made.

To everyone who has OSCP, how did you make it through when you weren't making any progress in the labs for attacking hosts? The admins aren't of any help at all and I had to buy A LOT of extra lab time to make up for the lack of experience!!! Can anyone provide any insight into how they made it through OSCP?

Find more posts tagged with

Comments

thegoodbye

Have you looked at the walkthrough to Alpha?
https://forums.offensive-security.com/showthread.php?t=4689

I'd suggest going through this walkthrough line-by-line to give you some ideas around methodology, including the multiple paths that lead to dead ends. For the forum machines you're stuck on, have you looked at any of the student forum posts about them? This can sometimes be helpful.

If you're truly ready to give up after only a week of struggles, you may need to work on your "try-harder'ness" to be successful.
You have a long way to go. There are quite a few machines in the network and they don't go in order. If you're stuck on the same few machines, take diligent notes as to what you've tried and where you left off, and move to another host.

[Deleted User]

disregard got in!!

cyberguypr

Easy: try harder

Seriously, I know my limitations and the patience required for this cert is something I do not have. Therefore, I will never bother attempting it. I immensely respect those who go through it.

TheFORCE

Has happen many times when I'm about to post something or few minutes after asking a question to a vendor,right after to find the solution myself. Keep going!

[Deleted User]

Looks like the forums on OffSec are helpful!! I'll give this a go!! But overall I have learned a lot from this course. Kinda what cyberguypr said, it's the patience that you need and I'm not a very patient person!!

But I thought doing this cert will make me more patient and keep me thinking rationally. let's just say sometimes I get a bit angry!!

hahahaha.

After days of nothing, got another host!!!

Guess I need to TRY HARDER!!!

I didn't even know about the forums!! Good to know!!

[Deleted User]

Well after looking on the forums for OSCP, I was able to exploit 3 machines in one night!!!!!!

Making some good progress now!!

jamesleecoleman

Don't give up on something you really want.
It's kinda like giving up on yourself and it sucks.

chrisone

It almost seems like if you are stuck and ready to quit, those are official signs that you are doing well in the class

Id be worry if i flew through the class with little to no frustration.

TechGromit

kMastaFlash wrote: »

The admins aren't of any help at all and I had to buy A LOT of extra lab time to make up for the lack of experience!!!

Just out of curiosity what did you do to prepare for attempting the OSCP.

UnixGuy

you are a star! and you were about to give up right before you were so close to finish!

Keep it up! This is a very respectful Cert, and it will pay off!

si20

Just to balance things out here, i'm going to be that guy and say: if you do end up ducking out of the OSCP - don't fret too much and let me tell you why. I just got rejected from a pen-testing role despite having the OSCP. The OSCP covers very little SQLi and almost no XSS - the pen-testing company I went for grilled me on SQLi and XSS and I didn't even get to the telephone interview stage - I lost out at the practical assessment (first stage). I was extremely angry with myself, but then, the OSCP was more focused on infrastructure.

The OSCP is still a fantastic cert - I can't fault it too much (apart from I think the admins should definitely help more than they do). I get the "Try harder" but it really is a bit of a cop-out. Usually, you go to the admins when you've exhausted everything you can think of, even if it's not very much.

My long-winded point being: you've clearly learned a lot anyway. If you do end up leaving the course, look at certs that revolve around web app pen-testing because they'll help you much more in the current environment I feel.

But as others have said: try and stick with it. If you're just throwing away money buying labs, put it on the backburner for a while and do some offline reading and vulnhub practice, then return with a fresh mind. The OSCP was a real chore to get through. I found myself growing tired of it during the final week and only just made it through by the skin of my teeth.

ming746

Hey mate, don't quit. Just the fact you keep hitting roadblockes should provide you even Moore motivation. And provide even more of a personal victory and accomplishment for yoiyoiy once you have figured it out. Its not too hard for you yoiyoiu are just missing certain pieces to the puzzle needed to solve the riddle that's in front of you. Embrace it. Keep going over and over it no matter how many times and take each step one at a time and examine them differently till you figure it out. Like a rubix cube of sorts. Stick with it. Everyone is is going through the same trials and tribulations as yiuy are so don't feel as if you are alone

Delitor

i am having issues with the Alpha walk through myself. I have gone line by line and step by step with the videos but i can't get the alpha display. i know i am missing something small and if its pointed out it will be a massive face palm why didn't i think of or see that moment. i just wish i had a little better hints.

JDMurray

si20 wrote: »

The OSCP covers very little SQLi and almost no XSS

This is because these attacks are part of Web app pentesting. You'll find those skills in the Offensive Security Web Expert (OSWE) cert.

22306

hey man join this discord group chat! a lot of us are taking oscp and trust me itll help you https://discord.gg/AQwaeGf (no cheating)

TechGromit

cyberguypr wrote: »

Seriously, I know my limitations and the patience required for this cert is something I do not have. Therefore, I will never bother attempting it. I immensely respect those who go through it.

When I attempt it, I'll go with the 3 month option, I know my limitations, and I know I'll need the extra lab time.

Dr. Fluxx

Same here!

SaSkiller

I'll be honest, happened to me when I was attempting a challenge recently. Obviously beyond my knowledge, but I had a week to try it and I certainly thought several times that I was at my limit, but I kept going and trying things and while I didn't hit my goal, I got some things, and that may be what maters more than anything else.

dochood

Don't rely too heavily on the forums. Sometimes, someone lets something slip that is "too helpful," and the admins don't catch it right away before censoring it. Or, if you privately ask a student for a "nudge," some of them will shove you all the way across the goal line, robbing you of the opportunity to "try harder" and really feel good about the box.

If you rely on the forums to get a bunch of boxes, then go take your test, you will be in a world of hurt. The test requires you to "bulldog it" and keep working. The test also has built-in "time wasters," to try to distract you from focusing, which really gets hard to do anyway after about hour 16 or 17, no matter how good of progress you make up until then.

I essentially passed the test at hour 17, with 10 point "easy" machine and one 25 point machine left... and I got neither of those. The homework and lab report pushed me over 70. Oh, and I got 53 out of 55 machines... but I probably should have completely ignored the forums and stuck with going completely alone. The victory wasn't quite as sweet after getting a machine from too generous of a forum hint.

Dr. Fluxx

dochood wrote: »

Don't rely too heavily on the forums. Sometimes, someone lets something slip that is "too helpful," and the admins don't catch it right away before censoring it. Or, if you privately ask a student for a "nudge," some of them will shove you all the way across the goal line, robbing you of the opportunity to "try harder" and really feel good about the box.

If you rely on the forums to get a bunch of boxes, then go take your test, you will be in a world of hurt. The test requires you to "bulldog it" and keep working. The test also has built-in "time wasters," to try to distract you from focusing, which really gets hard to do anyway after about hour 16 or 17, no matter how good of progress you make up until then.

I essentially passed the test at hour 17, with 10 point "easy" machine and one 25 point machine left... and I got neither of those. The homework and lab report pushed me over 70. Oh, and I got 53 out of 55 machines... but I probably should have completely ignored the forums and stuck with going completely alone. The victory wasn't quite as sweet after getting a machine from too generous of a forum hint.

I may be strange but that concerns me too about hints an such.

[Deleted User]

So I thought I would provide a small update on my OSCP journey. After this thread, I have pwned about 20 public servers and unlocked the IT network as of today 3/7/2017!!!

I am thinking about attempting the exam and was hoping that someone can provide me with insight to "how to pass the exam" without any cheats just solid advice!!

JoJoCal19

If you're not in the OSCP Discord group, I highly recommend it. There's a couple of people who have passed it there, and a ton of people at different phases of prep for it. No cheats, just great discussion!

chopsticks

Good thread.

airzero

I started about the same time as you and have failed once earlier this year. But you gotta just keep going man, break a couple of keyboards, punch some walls and you'll make it through. At the very least attempt the test, when I failed it actually boosted my confidence cause I did better then I thought I would and learned what I needed to work on.

Just go for it and if you fail then learn from your mistakes and keep moving forward. I've learned more from this course than any other training I've ever had so it is definitley worth it. By the way, from what i learned in this course and HOW I learned in this course, I was able to get OSWP, eJPT, and CEH all in a span of a few weeks. Just learn everything you can and even if you the fail the exam, the experience is worth the time and money.

thatguy67

22306 wrote: »

hey man join this discord group chat! a lot of us are taking oscp and trust me itll help you https://discord.gg/AQwaeGf (no cheating)

Hey, is there an updated link for this Discord group? The link appears to have expired.

Terminator X

thatguy67 wrote: »

Hey, is there an updated link for this Discord group? The link appears to have expired.

Wondering the same.

p@r0tuXus

Agreed. Where are the links?! lol

airzero

PM me and I'll send you the link.

vynx

airzero wrote: »

PM me and I'll send you the link.

can i get the link?

josephandre

just post it in the thread. what's with the secrecy