OSCP Journey Starts 08/13

locod64

Journey ahead!

So I been supporting the troops out in Afghanistan in the Info sec field.
after work out here i find myself with a lot of free time, so decided to tackle down the OSCP.
I have read plenty of materials on OSCP and what is expected in order to pass.
I look forward in sharing my journey as many before me have done.

also, if anyone has started or will begin their OSCP around my time frame please do reach out..

TTYL

Locod64

adrenaline19

Don't rush through the pdf and videos. Everyone is eager to hit the labs, but the devil is in the details. Sign up for 90 days, not 30 or 60.

vynx

adrenaline19 wrote: »

Don't rush through the pdf and videos. Everyone is eager to hit the labs, but the devil is in the details. Sign up for 90 days, not 30 or 60.

can i know the reason for 90 ?

adrenaline19

I've been where locod is; it can get stressful quickly. Sometimes, it's best to step back and relax for a day or two, but you can't do that if you feel pressed for time. Locod have nothing else to do, so he/she might as well do OSCP right.

Besides, it gives you extra time to play in the labs and hone your skills; who wouldn't want that?

locod64

yeah I went with the 90 day lab package. I wanted to make sure I got plenty of exposure and lab time.

i downloaded the kali image that they provided. My question is, are there any other programs that I should install for this course, or most are already included in Kali?

Im doing my last minute preps to make sure I get most out of this course.

adrenaline19

You only need the image, PDF, and videos. All of those are delivered together in one email. I assume you already tested the VPN tunnel, right?

You'll be given a test box to do your exercises before you are unleashed on the lab boxes.

They give you everything. It really is a great course.

locod64

I tested the VPN connection and also downloaded the VM they sent in the email.

I was referring to any other software that would help with the course that might not be included in Kali..

After reading a few reviews, the best plan is to read the PDF, watch the videos and complete the section assignment..
after jump in the labs..

Im finishing a BURP SUITE class, picked up a lot of new skills on web pentesting... how much SQL is cover in the Course?
I would say that would be my weakest area..

thanks for the feedback.

BuhRock

Not a lot of sql injection is in the OSCP.

Hornswoggler

Hey Loco! I'm also starting that weekend! Part of me wishes it were here already, and another part of me wants more time to prepare, LOL! Can't wait to get started and learn a ton.


Like you I've already downloaded the kali image and connected to VPN (so I could get the link to pay). I'll be working through as many vulnhub machines as possible in the next 3 weeks, and will practice putting the results in the offsec reporting format (for the practice).


I've joined the IRC and offsec forums, also found a channel on Slack. https://netsecfocus.herokuapp.com/ . I hear there is a Discord group out there but haven't looked too deep.


Best of Luck!!!

adrenaline19

Don't download any vulnerability scanners or anything that isn't included in your student image. If I were you, I'd clone your student VM several times before you start and update them throughout the course. I don't know your hardware, but upgrading to 16gb of ram would be helpful too.

As far as software, you are all set!

locod64

I havent added anything to it yet.. I wish you could some how get the study aid package with the registration...
Been practicing on vulhub, other than that I can wait to start learning.. Hornswoggler I will def look into does groups. I will be updating this thread and you are welcome to update it as well..

locod64

As of 08/13 I started my OSCP jouney. Like most have said before, I got the email with course material, and lab PVN log in.

I will follow the (watch video-then read PDF) format.. after each section I will complete the exercises, OneNote has been my prefer note keeping software. I also created a shared folder within kali to my local HOST. from there I added that shared folder to my dropbox. so when I save my Notes it automatically gets added to dropbox. I have also downloaded most of the tools that Jelly-frog mention on his OSCP review. I will recommend to actually try to open each one as some required so updating for them to work.. So far I have completed the first 80 pages of the PDF and videos..

if anyone has started around my time frame, and would like to create a study group, please dont hesitate to drop me a mesg.
Will update this thread with more info once I actually touch the labs...

TTYL
locod64

Hornswoggler

Exciting!! You aren't wasting any time.

Hornswoggler

I'm only up to page 70 and it feels like work, lol. I keep waiting for the fun part. The exercises are cool but the reporting is a chore. I enjoy it once I've started. Nothing profound so far that I haven't seen before. Can't wait to get past the material and spend more time in the lab.

JoJoCal19

Ha, it's supposed to be fun & pain! I start on 9/2 and am looking forward to it!

katawia

JoJoCal19 wrote: »

Ha, it's supposed to be fun & pain! I start on 9/2 and am looking forward to it!

Will be starting mine from 11/2017. In the meantime, I'm filling some necessary gaps. It may be an overkill; however, I'll rather over learn than under learn in prep for the OSCP and beyond.

billows

any preference or plan on which box should be pwned?

lynad

Hey, i started on the 8/13 also, couldn't send a PM, I'm interested in the study group

EANx

billows wrote: »

any preference or plan on which box should be pwned?

All of them

locod64

Update,

so far I have rooted Alice lol.. the exercise for SMB kinda gives you the answer (make sure you rooted it manually) learned a bunch from it.. the Buffer over flow took most of my time this week. should be finish with the exercises by Sunday.
I have created a scripts folder, with reverse shells, ftp options, and the raw exploit code for each vulnerability I find.
also, I created a list with all user I find in my enumeration, with their respected hash or password. I have the feeling some might work in other boxes.

so far I can say I have sharpen my overall understanding in pen testing. I know the real challenge will begin for me shortly.
for now i will enjoy my 1-1 record from rooting Alice hehe...

lets get a study group going, im down to work with others..

JoJoCal19

locod64 wrote: »

lets get a study group going, im down to work with others..

Hey, I start on 9/2. I'll be participating in the Discord channel when I start mine, but if you also want a smaller meetup, we can connect on Discord or Slack.

Hornswoggler

How does one join the discord channel? Anybody got a link?

Hornswoggler

Two weeks in... how is everybody doing??


I'm not as far as I would have liked... been taking my time with the Windows buffer overflow material and exercises. It takes every bit of concentration I have at times, lol. I don't have much programming or scripting experience so a few parts are over my head but I was able to follow along enough to write the exploit for VulnServer.exe. It was a relief to complete! I took the time to make good notes, both for the lab report and so I could replicate my steps in the exam/lab. I'm thinking BOF will be the toughest part for me since I am a newb in that department.

locod64

@Hornswoggler,

for BOF it was a complete new concept, I new the theory behind it but never actually created and exploited a system with it. because of this, i took extra time in this section to make sure I understood the entire process. I have finish the course work and exercises. this week will focus full time on the labs.
so far i have gain a good understanding on non staged/staged payloads!.. have rooted alice, and Phoenix. will update more frequently now that im on the labs!! look forward on reading everyone's progress.

locod64

locod64

This week has been super interesting.

the current problem im facing is.. Found a RFI on a machine, im able to call a reverse shell from my apache2 server with a javascript through the url.
the problem is with my apache server rendering the reverse shell instead of the vuln server im after. I figure is because my reverse shell is PHP and the server is reading and executing the code, instead of pushing forward the file. I have played around with changing the .php to .txt and even .gif.. I know its something simple im over looking. this cert has gotten my full attention.. the amount of self-studying is crazy compare to other certs.. will update as soon as i root this machine..

locod64

Mefistogr

@locod64 Try using SimpleHTTPServer. This will solve your problem.

m4v3r1ck

Adding to Mefistogr's comment, see the link below. Dan Helton mentions that he uses SimpleHTTPServer over Apache and gives his reasoning. Worth a quick read.

Hornswoggler

loco, you booked your exam yet? My 90 days is coming to an end... I'll miss these labs!!

Hornswoggler

locod64 wrote: »

@Hornswoggler,

for BOF it was a complete new concept, I new the theory behind it but never actually created and exploited a system with it. because of this, i took extra time in this section to make sure I understood the entire process. I have finish the course work and exercises. this week will focus full time on the labs.
so far i have gain a good understanding on non staged/staged payloads!.. have rooted alice, and Phoenix. will update more frequently now that im on the labs!! look forward on reading everyone's progress.

locod64

Looking back I was absolutely terrified of the BOF section but now I think that was the best part of PWK. I have a much deeper appreciation and understanding of exploits now even if I'm not going to be a bug bounty hunter. Good luck on your upcoming exam loco!