OSCP journey starts 4/29/17, Lets go!

I was going to sit for the CISA in May but knowing I'll be starting my MS at WGU this fall I decided this may be the only chance I get to take this training (work sponsored) with plenty of free time.

I've been reading the forums and think I have an idea as to how much time I will need to put in. I signed up for 90 days of lab access. This next month I'll be working on the boxes at vulnhub, reading, reading, and I'll be putting together a binder with commands, tips, and techniques that I learn this next 3.5 weeks.

Any advice or relevant chat group recommendations are welcomes and appreciated. In a perfect world I'll get this done right before I head to DefCon this summer.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Blucodex

Update. Finally rooted 20 boxes. I see that my previous post says w/o Metasploit. Well, I don't have 20 manually but I don't care

I'm just stoked I got to 20 and knocked down Pain which wasn't too hard after all. Test is scheduled for 4/27. Next goal is to get to 30 roots with knocking over humble and severance prior to test date. Feeling pretty good compared to where I was a few months ago and still have 3 weeks to prepare.

Manually rooted Alice, Alpha, Barry, Beta, Dotty, Mike, Pain, Phoenix, and Suzie. The rest I just haven't came back to try manually as I've been focused to getting into more boxes.

JoJoCal19

Good work Blucodex!

Blucodex

Thanks JoJo. Been a lot of fun the last go round since I've been able to spend more time in the lab. Knocked out Core today manually. Time to shop for patio furniture before getting back to more boxes.

Small world, went to a local security meetup Friday and ran into a guy with his OSCP. He ended up not only being in the TechExams OSCP Discord channel but DM history shows we talked in July of last year when we both started the class. What are the odds?

Blucodex

Exam date is coming up this Friday at 3pm. I feel a lot better than I did last time but could use more lab time. I'm only up to 24 roots at the moment and LP shells on Gamma and Bethany. Also working on Sherlock at the moment. I definitely need better post exploitation enumeration. Heck, I could use better everything

My May is pretty booked between a work trip, vacation, and the Cisco CCNA CyberOps scholarship. Current plan is to sit the exam, if I fail, chew through the month of May while fitting in some Vulnhubs. Either sit the exam again, or purchase another 60 days of lab time and finish all (hopefully) the rest of the boxes and sit the exam.

Blucodex

I ain't dead yet. Been super busy at work and have had a lot on my plate. I am now able to get back focused on the OSCP. Currently working through HTB free boxes. Will update again when I get more boxes under my belt. Current goal is to sit for the exam sometime after BH/BS/DEFCON week. Probably late August or early September.

JoJoCal19

Woah he lives!! Good luck man.

Mooseboost

Blucodex wrote: »

I ain't dead yet. Been super busy at work and have had a lot on my plate. I am now able to get back focused on the OSCP. Currently working through HTB free boxes. Will update again when I get more boxes under my belt. Current goal is to sit for the exam sometime after BH/BS/DEFCON week. Probably late August or early September.

HTB is definitely a great way to go. If you do well on there, you will do well in the labs. IMO some of the HTB boxes were tougher than the exam machines.

Blucodex

Mooseboost wrote: »

HTB is definitely a great way to go. If you do well on there, you will do well in the labs. IMO some of the HTB boxes were tougher than the exam machines.

I've heard that as well. I just want to do the low budget option to get better before taking the exam or buying more lab time.

Blucodex

Update: Been back in the labs for another month and some change. I am up to 35 boxes completed and 33 of those done manually. I'm going for the exam again on 4/19.

This has been a very long on and off again journey but I am motivated to get this done right now. Since I started my OSCP I started and finished my Masters, earned a ton of blue team certs, and had a few job changes. Looking back I can say these labs have helped me immensely in my career even though I have not completed the certification. I don't have another training until 7/27 so hopefully now is when I become... OSCP

EANx

Good on ya for not giving up. The whole point of a cert is to have independent verification of knowledge but it's the knowledge that's key and it sounds like you're making use of what you've learned.

Blade3D

I'm thinking about starting my journey back up as well. I've just been so busy recently.

Good luck!

Blucodex

Update: Sat for the exam yesterday and was able to get 3 root shells and 2 low-privs. Just submitted my exam and lab reports. If all goes well I will finally be OSCP certified by the weekend.

Infosec_Sam

Blucodex said:

Update: Sat for the exam yesterday and was able to get 3 root shells and 2 low-privs. Just submitted my exam and lab reports. If all goes well I will finally be OSCP certified by the weekend.

I'm crossing my fingers for you! How do you think it went during the exam? Pretty smooth, or did you hit any snags?

Blucodex

Infosec_Sam said:

Blucodex said:

Update: Sat for the exam yesterday and was able to get 3 root shells and 2 low-privs. Just submitted my exam and lab reports. If all goes well I will finally be OSCP certified by the weekend.

I'm crossing my fingers for you! How do you think it went during the exam? Pretty smooth, or did you hit any snags?

No snags at all. Assuming you are referring to environment behavior.

Blucodex

OSCP certified!

Wow, this has been quite a journey for me but it worked out for the best. Since I started I've really dug into InfoSec and have achieved my MS in Cyber, GCIA, GMON, GCIH, CCNA CyberOps, and a few other lesser known certs. I've also had two job changes and started to learn scripting and forensics. It's been a busy but amazing ride.

My best advice for those new to this subject is to stay calm and enjoy the journey. This is very much a self-paced learning experience with the icing on the cake being an industry respected certification. You'll get out of this what you put in.

I know these resources have been sprayed around but I'll put a few of my favorites here:

HTB/VulnHub Writeups: https://www.hackingarticles.in/
Enumeration Tools/Techniques: https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
Directory Enumeration Tool: https://github.com/maurosoria/dirsearch
Windows Privilege Escalation: https://www.fuzzysecurity.com/tutorials/16.html
Linux Privilege Escalation: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
SecLists: https://github.com/danielmiessler/SecLists

Raj Chandel's blog is a great resource for beginners to get a feel for the process on attacking boxes.