OSCP journey starts 4/29/17, Lets go!

2

Comments

  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Wow, wow, wow.

    Just spent a few hours last night and this morning on Payday. Finally have root and contents of proof.txt.

    Seriously? lol
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Lab time expired end of July. Took a break during Blackhat/Defcon week and started WGU same time. After I knockout Secure Software Design I'll get warmed back up and I'll purchase another 30 days. Exam has been set for 10/20!
  • m4v3r1ckm4v3r1ck Posts: 29Member ■■□□□□□□□□
    Good luck on the upcoming exam. How many boxes have you popped so far?
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Exam was pushed back to 11/24. I am far from prepared as I have been working on my MS since 8/3. Will take exam, finish my Capstone and then in January buy some more lab time and focus 100% on this journey.
  • CyberCop123CyberCop123 Senior Member Posts: 334Member ■■■■□□□□□□
    Blucodex wrote: »
    Exam was pushed back to 11/24. I am far from prepared as I have been working on my MS since 8/3. Will take exam, finish my Capstone and then in January buy some more lab time and focus 100% on this journey.

    You sound busy Blucodex! Good luck with it all

    Quick question for you...

    I know you can get more lab time. But can you let your current lab time expire and then return in say 6 weeks time and buy 30 more days access?

    I wasn't sure if they let you stop and then start again or whether it had to be continuous time with extensions
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2020: MCSA, OSCE
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    You sound busy Blucodex! Good luck with it all

    Quick question for you...

    I know you can get more lab time. But can you let your current lab time expire and then return in say 6 weeks time and buy 30 more days access?

    I wasn't sure if they let you stop and then start again or whether it had to be continuous time with extensions

    My lab time expired a couple months ago. I can still buy:

    1 month: $250
    2 months: $450
    3 months $600
  • CyberCop123CyberCop123 Senior Member Posts: 334Member ■■■■□□□□□□
    Did you do your exam then or was it pushed back again?
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2020: MCSA, OSCE
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Did you do your exam then or was it pushed back again?

    I'm locked in for 2/24. So, trying to finish my MS by Xmas then buy 2 more months of lab time to get ready.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Almost time to continue this journey. I completed my MS from WGU in 5 months. I didn't realize that it's been that long since I started my OSCP journey but I am really excited to be back. Since I paused this journey I've completed my MS and have started a new position as a SOC Analyst in a large corporation. Definitely a different day to day than I was used to as a medium-sized business Security Admin (Architect, Engineer, Admin).

    I'm all set to purchase 60 more days of lab time on 12/26. That will end on 2/23 and my exam starts the next day on 2/24.

    My plan is to start going over the PDF again starting today and to work the following list of VulHubs:

    Kioptrix: Level 1 (#1)
    Kioptrix: Level 1.1 (#2)
    Kioptrix: Level 1.2 (#3)
    Kioptrix: Level 1.3 (#4)
    FristiLeaks: 1.3
    Stapler: 1
    PwnLab: init
    Kioptrix: 2014
    Brainpan: 1
    Mr-Robot: 1
    HackLAB: Vulnix
    VulnOS: 2
    SickOs: 1.2
    /dev/random: scream
    pWnOS: 2.0
    SkyTower: 1
    IMF

    Lets go!!!
  • CyberCop123CyberCop123 Senior Member Posts: 334Member ■■■■□□□□□□
    Good luck!!! icon_cheers.gif
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2020: MCSA, OSCE
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Alright, re-upped my lab time and was able to get my legs back under me last night. Started off where I left off back in July--a low priv. shell on Bob/Bob2 after figuring out how I got it in the first place, kinda tricky because I needed to access something on the machine before my exploit would work. Tonight I'll spend some time on the priv. escalation part after going over a few blogs today.

    Rooted (6): Alice, Barry, DJ, Mike, Payday, Ralph
  • CyberCop123CyberCop123 Senior Member Posts: 334Member ■■■■□□□□□□
    Great progress and good blog so far! Keep up the good work.

    People say "enumeration enumeration enumeration" etc...

    It took me ages to work out what that meant. It just meant to keep digging. For example, if you have more than one HTTP web service, then make sure you do nikto on both, make sure you do dirb on both, check robots.txt on both.

    Try http://10..... and also https://10.... as sometimes they vary.

    Look at wireshark as sometimes something weird is happening

    Identify version numbers as soon as you can

    Always check source code just in case

    Don#t bother with brute forcing logins, it's not part of the OSCP (that's not a spoiler, it's widely publicised).


    Forum help

    Honestly, the jury is out on this one. I've used the forums and have two mindsets:

    1) you're here to learn, so use the forums to guide you. No point in being stuck for weeks. If after 4-5 hours you're still stuck then look at the forum!!

    2) avoid it if you can as it's just helping you, you won't have that in the exam

    My exam is in 14 days and I can probably say which one of these is right. Honestly thouhg, I think it's more than likely that number 1 is right. It's a learning experience, don't waste weeks on one machine. If you can have a hint like "look at port XXXX" then great - but obviously look at this after say 3-4-5 hours of trying.

    Also, after about 10 machines I found that I started instinctively identifying ports of interest. I almost knew which ports were a bit pointless in starting with.

    Other advice is to always post enumerate. I have paid the price and I am still paying the price. GEt the user account details, get the passwrods, get the IP detalis and route detalis, search for *network-secret*, etc.....


    Good luck for the rest of the labs
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2020: MCSA, OSCE
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    I was finally able to get Bob2 this morning. Know that I know what to do it was not nearly has hard as I made it. Just needed to stop and do some critical thinking around the techniques and services. I spent a lot of time on this box. Probably 15-20 hours during all of my lab time but most recently I only spent probably 3 hours. Woke up this morning with new direction and had him within 45 minutes.

    I think this box is going to be very helpful going forward and on the exam.

    Rooted (7): Alice, Barry, Bob2, DJ, Mike, Payday, Ralph
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    And down goes bob. Time to move on and pop more shells.

    Rooted (eight): Alice, Barry, Bob, Bob2, DJ, Mike, Payday, Ralph
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Down goes JD! Super easy box.

    Rooted (9): Alice, Barry, Bob, Bob2, DJ, JD, Mike, Payday, Ralph
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    And down goes Master. This one should have a lot of goodies to investigate. I think I'll spend some time here.

    Rooted (10): Alice, Barry, Bob, Bob2, DJ, JD, Master, Mike, Payday, Ralph
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Helpdesk Down.

    I didn't expect boxes to start dropping so fast but I must be rolling the dice on some easy ones. Won't be updating until later next week. Have a happy New Year everyone.

    Rooted (11): Alice, Barry, Bob, Bob2, DJ, Helpdesk, JD, Master, Mike, Payday, Ralph
  • CyberCop123CyberCop123 Senior Member Posts: 334Member ■■■■□□□□□□
    Great progress, keep it up!

    I always found it easier to keep remembering there is a place to go.... there is a hacking point.... just keep digging!

    Keep going!
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2020: MCSA, OSCE
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Been awhile since I last updated.

    Been really busy the last few weeks but I've managed to work through about about 60% of the PWK. Like others have said, DO THIS FIRST. These will help you immensely in the lab.

    Looking to wrap this PDF up by the weeks end and then I'll have 2 weeks to hit the lab, gather notes, and sit for the exam on 2/24.
  • HiggsxHiggsx Posts: 72Member ■■□□□□□□□□
    Good luck :)
    My lab time starts on 18th February. Can't wait anymore :D
  • liz4rdliz4rd Posts: 51Member ■■□□□□□□□□
    Blucodex wrote: »
    Been awhile since I last updated.

    Been really busy the last few weeks but I've managed to work through about about 60% of the PWK. Like others have said, DO THIS FIRST. These will help you immensely in the lab.

    Looking to wrap this PDF up by the weeks end and then I'll have 2 weeks to hit the lab, gather notes, and sit for the exam on 2/24.

    Hey Blucodex

    I'm confused I thought you'd finished the PWK material as per post below?

    06-14-2017 02:39 AM
    #17
    It's been a slow journey so far. After popping Alice the first day I did some lab enumeration but did not attempt any more boxes. I went and did the entire PDF. I haven't dedicated enough time to this and have been pretty busy but I did manage to finish the lab material this week and last night I got to work on another low hanging fruit in Barry.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    liz4rd wrote: »
    Hey Blucodex

    I'm confused I thought you'd finished the PWK material as per post below?

    06-14-2017 02:39 AM
    #17
    It's been a slow journey so far. After popping Alice the first day I did some lab enumeration but did not attempt any more boxes. I went and did the entire PDF. I haven't dedicated enough time to this and have been pretty busy but I did manage to finish the lab material this week and last night I got to work on another low hanging fruit in Barry.

    I did go through the PDF but did not do all the exercises. Plus, it's been a long time since I originally started so a refresher is good.
  • liz4rdliz4rd Posts: 51Member ■■□□□□□□□□
    Blucodex wrote: »
    I did go through the PDF but did not do all the exercises. Plus, it's been a long time since I originally started so a refresher is good.

    Ah I see... Well good luck. I'm on the 3rd week out of my 90 days.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Coming up on exam date. Time to pay the piper. I'll be working on the lab machines this week as I make final preparations. Here's a tentative schedule I've setup in hopes of keeping my motivation high during the exam. I feel like just under 17 hours of lab time seems a little slim but I also don't see how getting less than 5 hours of sleep is going to allow me to stay focused.

    OSCP Exam Schedule

    Date/Time: 2/24/2018 @ 3:00PM (Saturday)
    • 6-11am – Gather scripts, put together plan for lab enumeration, work on remaining lab tasks, take care of any outstanding chores, and get food/drink for lab.
    • 11-2pm Take nap to get refreshed for exam.
    • 2-3pm Wakeup and get energized, finalize last minute preparation.
    • 3-7pm Lab Time!!! (4 hours)
    • 7-8pm Dinner break w/family
    • 8-1am Lab Time!!! (5 hours)
    • 1-6am Sleep Break: If I have any long scripts/chron jobs to do kick off now
    • 6-6:30am Breakfast
    • 6:30 – 11am Lab Time!!! (4.5 hours)
    • 11-11:30am Lunch Break
    • 11:30 – 2:45pm Lab Time!!! (3.25 hours)
    Total lab time = 16.75 hours
  • chazb0tchazb0t Posts: 42Member ■■□□□□□□□□
    3pm is actually the best start time IMO, if you sleep for 6 hours, you can work 3pm to midnight and sleep 6 hours. Then work 6am to 3pm, so you get two 9-hour days/sessions to work on it. My first two attempts i started early in the morning, worked until like midnight got burnt out and was a zombie the next morning and couldn't think clearly. On my third attempt I scheduled it for 3pm, and i barely failed at the end by running out of time I think I had 65/70 with my extra credit.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Checking in before the exam starts here in about 30 minutes. Hoping for the best but prepared for the worst because I know I could really use more lab time. Let's go!
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    No way to to sugar coat it. Got my lunch handed to me. I knew I wasn't going to pass but thought I would make a little more head way. Leaving town for work tomorrow then have CCNA Cyber Ops starting first week of April. Even though it was a hard fail--I really enjoyed working on the machines!

    As much as I want to buy 30 days and hit the labs hard to test before CCNA Cyber Ops I'm thinking I might be better off working on vulnhubs until CCNA Cyber Ops is over. Then buy 30-60 days of OSCP labs and trying again.
  • JoJoCal19JoJoCal19 California Kid Posts: 2,801Mod Mod
    Sorry to hear it Blucodex. So I don't have to search the thread, how many machines did you pop in the labs? I'd say in addition to vulnhub, look at HTB.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    JoJoCal19 wrote: »
    Sorry to hear it Blucodex. So I don't have to search the thread, how many machines did you pop in the labs? I'd say in addition to vulnhub, look at HTB.


    I only got 12 boxes down and I used MSF on all but 1 or 2. I recognize that I have a lot to do to be prepared. Thanks for the resources!

    Exam scheduled for April 27th. Will re-up lab time when I return home Friday.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Spent the week and weekend working on my buffer overflow skills. Gained a much better understanding on what they are, how to interact with vulnerable applications, and python sockets. Signing up for 60 more days of labs starting tonight and will update once I have over 20 boxes shelled without using Metasploit.
Sign In or Register to comment.