OSCP journey starts 4/29/17, Lets go!

13»

Comments

  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Update. Finally rooted 20 boxes. I see that my previous post says w/o Metasploit. Well, I don't have 20 manually but I don't care :) I'm just stoked I got to 20 and knocked down Pain which wasn't too hard after all. Test is scheduled for 4/27. Next goal is to get to 30 roots with knocking over humble and severance prior to test date. Feeling pretty good compared to where I was a few months ago and still have 3 weeks to prepare.

    Manually rooted Alice, Alpha, Barry, Beta, Dotty, Mike, Pain, Phoenix, and Suzie. The rest I just haven't came back to try manually as I've been focused to getting into more boxes.
  • JoJoCal19JoJoCal19 California Kid Posts: 2,801Mod Mod
    Good work Blucodex!
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Thanks JoJo. Been a lot of fun the last go round since I've been able to spend more time in the lab. Knocked out Core today manually. Time to shop for patio furniture before getting back to more boxes.

    Small world, went to a local security meetup Friday and ran into a guy with his OSCP. He ended up not only being in the TechExams OSCP Discord channel but DM history shows we talked in July of last year when we both started the class. What are the odds?
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Exam date is coming up this Friday at 3pm. I feel a lot better than I did last time but could use more lab time. I'm only up to 24 roots at the moment and LP shells on Gamma and Bethany. Also working on Sherlock at the moment. I definitely need better post exploitation enumeration. Heck, I could use better everything :)

    My May is pretty booked between a work trip, vacation, and the Cisco CCNA CyberOps scholarship. Current plan is to sit the exam, if I fail, chew through the month of May while fitting in some Vulnhubs. Either sit the exam again, or purchase another 60 days of lab time and finish all (hopefully) the rest of the boxes and sit the exam.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    I ain't dead yet. Been super busy at work and have had a lot on my plate. I am now able to get back focused on the OSCP. Currently working through HTB free boxes. Will update again when I get more boxes under my belt. Current goal is to sit for the exam sometime after BH/BS/DEFCON week. Probably late August or early September.
  • JoJoCal19JoJoCal19 California Kid Posts: 2,801Mod Mod
    Woah he lives!! Good luck man.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • MooseboostMooseboost Senior Member Posts: 775Member ■■■■□□□□□□
    Blucodex wrote: »
    I ain't dead yet. Been super busy at work and have had a lot on my plate. I am now able to get back focused on the OSCP. Currently working through HTB free boxes. Will update again when I get more boxes under my belt. Current goal is to sit for the exam sometime after BH/BS/DEFCON week. Probably late August or early September.

    HTB is definitely a great way to go. If you do well on there, you will do well in the labs. IMO some of the HTB boxes were tougher than the exam machines.
    2020 Certification Goals: OSCE GXPN
    Blog: https://hackfox.net
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Mooseboost wrote: »
    HTB is definitely a great way to go. If you do well on there, you will do well in the labs. IMO some of the HTB boxes were tougher than the exam machines.

    I've heard that as well. I just want to do the low budget option to get better before taking the exam or buying more lab time.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Update:  Been back in the labs for another month and some change.  I am up to 35 boxes completed and 33 of those done manually.  I'm going for the exam again on 4/19.

    This has been a very long on and off again journey but I am motivated to get this done right now.  Since I started my OSCP I started and finished my Masters, earned a ton of blue team certs, and had a few job changes.  Looking back I can say these labs have helped me immensely in my career even though I have not completed the certification.  I don't have another training until 7/27 so hopefully now is when I become... OSCP :)


  • EANxEANx Posts: 1,078Member ■■■■■■■■□□
    Good on ya for not giving up. The whole point of a cert is to have independent verification of knowledge but it's the knowledge that's key and it sounds like you're making use of what you've learned.
  • Blade3DBlade3D Posts: 105Member ■■■□□□□□□□
    I'm thinking about starting my journey back up as well. I've just been so busy recently.

    Good luck!
    Title: Systems Designer
    Degree: B.S. in Computing Science, emphasis Information Assurance
    Certifications: CISSP, Network+, Security+, OSWP
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    Update:  Sat for the exam yesterday and was able to get 3 root shells and 2 low-privs.  Just submitted my exam and lab reports.  If all goes well I will finally be OSCP certified by the weekend.
  • Infosec_SamInfosec_Sam Security+, CCENT, ITIL Foundation, A+ Madison, WIPosts: 384Admin Admin
    Blucodex said:
    Update:  Sat for the exam yesterday and was able to get 3 root shells and 2 low-privs.  Just submitted my exam and lab reports.  If all goes well I will finally be OSCP certified by the weekend.
    I'm crossing my fingers for you! How do you think it went during the exam? Pretty smooth, or did you hit any snags?
    Community Manager at Infosec!
    Who we are | What we do
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    edited June 3
    Blucodex said:
    Update:  Sat for the exam yesterday and was able to get 3 root shells and 2 low-privs.  Just submitted my exam and lab reports.  If all goes well I will finally be OSCP certified by the weekend.
    I'm crossing my fingers for you! How do you think it went during the exam? Pretty smooth, or did you hit any snags?

    No snags at all.  Assuming you are referring to environment behavior.
  • BlucodexBlucodex OSCP, GCIA, GCIH, GMON, CISSP, CEH, CHFI, CCNA CyberOps, Security+ Posts: 430Member ■■■■□□□□□□
    OSCP certified!

    Wow, this has been quite a journey for me but it worked out for the best.  Since I started I've really dug into InfoSec and have achieved my MS in Cyber, GCIA, GMON, GCIH, CCNA CyberOps, and a few other lesser known certs.  I've also had two job changes and started to learn scripting and forensics.  It's been a busy but amazing ride.

    My best advice for those new to this subject is to stay calm and enjoy the journey.  This is very much a self-paced learning experience with the icing on the cake being an industry respected certification.  You'll get out of this what you put in.

    I know these resources have been sprayed around but I'll put a few of my favorites here:

    HTB/VulnHub Writeups: https://www.hackingarticles.in/
    Enumeration Tools/Techniques: https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
    Directory Enumeration Tool: https://github.com/maurosoria/dirsearch
    Windows Privilege Escalation: https://www.fuzzysecurity.com/tutorials/16.html
    Linux Privilege Escalation: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
    SecLists: https://github.com/danielmiessler/SecLists

    Raj Chandel's blog is a great resource for beginners to get a feel for the process on attacking boxes.





Sign In or Register to comment.