
Need advice about OSCP

Higgsx Member Posts: 72
Hello all.
Last year I passed the GCIH exam with an 87% score. Since then I have dreamed about taking the PWK training and passing the OSCP exam. Recently I managed to find the money to invest and buy the PWK labs.

I read almost every review about OSCP on the internet and my preparation plan was based on that.

1) I read Georgia Weidman's book, Penetration Testing: A Hands-On Introduction to Hacking, 2 times
2) I downloaded 8 or 9 VulnHub machines (OSCP-like machines, all Linux) and rooted almost every one (with very little help from walkthroughs); I learned many things
3) I did 3 Linux machines on HackTheBox. I also did some challenges on root-me.org
4) Refreshed my Linux skills by reading the LPIC-1 book and playing with Arch Linux

I also have some more preparation in mind, but I think I'm just starting to over-prepare.
My plan for this year: OSCP->SLAE->OSCE

My background: I have a job on a national CSIRT team, almost 2 years of web application penetration testing experience, and 1 year of experience in malware analysis. I know the basics of Python and have coded many things. I also know the C language very well, including some Linux kernel syscalls, and have written a little bit of assembly code. I know the basic instructions (mov, add, xchg, sub, etc.) and the Linux/Windows memory layouts. I know what the stack, heap, .data, .bss, .rodata sections and so on are.

What is your advice? Which is better: start today, or wait a while and prepare more before buying the PWK labs?

Comments


airzero Member Posts: 126
From the sounds of it you'll be pretty well prepared for the PWK. I'd say just go for it: take your time working through the material and then spend as much time in the labs as you can. As long as you learn from your experience in the labs, you can be successful in the exam.

GirlyGirl Member Posts: 219

I buy e-books like candy. I just go to Amazon and do the one-click buy, and 1 minute later I can read them on my computer. I bought the book from Ms. Weidman and it was very introductory. One thing I personally didn't care for is the heavy Metasploit use. The fact of the matter is, a tool is available for everything. With regards to penetration testing, hacking, or whatever name you call it, a tool exists. Personally, if I wanted to know how to use Metasploit, I would buy a Metasploit-focused book. That is assuming I don't know how. What I will say is that I never finished her book. Maybe it's a great book, I don't know. She got my money and I hope she spends it wisely.

You said you downloaded 8 or 9 VulnHub machines. We should be honest here. VulnHub has "easy" machines and "hard" machines. How do we know you didn't download 8 or 9 "easy" machines? I would like the machines' names, please. Just playing, or am I? No matter what website you name, the level of difficulty is going to vary. So, it's hard to give an answer or recommendation on that. You say you did 3 Linux machines. You didn't say how you did on them. That is key information.

    It is better to over prepare than to under prepare. Why wait for tomorrow when tomorrow is not promised? What is the hold up? People have said that they had no experience and passed the exam. So, I am not sure experience or coding really is the difference between pass or fail. It just might make it semi-easier for some folks.

There are enough threads on this site, and 100x more on the internet, with enough information to keep you reading for 4 months.

Higgsx Member Posts: 72
    airzero wrote: »
    From the sounds of it you'll be pretty prepared for the PWK. I'd say to just go for it, take your time working through the material and then spend as much time in the labs as you can. As long as you learn from your experience in the labs you can be successful in the exam.
    Thanks for the answer :)
    GirlyGirl wrote: »
You said you downloaded 8 or 9 VulnHub machines. [...] I would like the machines' names, please. [...] You say you did 3 Linux machines. You didn't say how you did on them. That is key information.
Metasploitable 2 - quite basic, exploited 2-3 services and rooted it easily
Kioptrix: Level 1 (#1) - a little bit hard, but managed to root it
Kioptrix: Level 1.1 (#2) - easy
Kioptrix: Level 1.2 (#3)
Kioptrix: Level 1.3 (#4)
FristiLeaks: 1.3
Stapler: 1
PwnLab: init
Brainpan: 1 - I did it but couldn't finish because of the buffer overflow stuff. I don't know enough to write my own exploit code :)
SickOs: 1.2 - I liked it because it was a very real-world scenario.
SickOs: 1.1 - I liked it so much
IMF - didn't finish; it requires writing your own buffer overflow exploit
*****: 1 - very easy
LordOfTheRoot 1.0.1 - rooted it as well. It was fun

That's the list I did :)

And on HackTheBox I did:
1) Blue
2) SolidState
3) Mirai (don't remember the exact name)

CyberCop123 Member Posts: 338
    GirlyGirl wrote: »
    I bought the book from Ms. Weidman and it was very introductory. One thing I personally didn't care for is the heavy Metasploit

100% agree. It's also frustrating that many "how to" articles online focus entirely on Metasploit.

E.g., searching for port forwarding and pivoting links to Metasploit; search for an exploit, and it says "just open up Metasploit and launch it"... it's hardly helpful, really.

    .............


    To the OP, you sound very well prepared and I think you'd find the OSCP more than manageable based on your experience so far.

    Your route after, to get to OSCE is one I've seen work for others. It's one I'm considering myself too, later in the year.


    Good luck
My Aims
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
      GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)

LonerVamp Member Posts: 518
    From the sounds of your background, you're more than ready to take the PWK->OSCP.

    Keep in mind that the PWK comes with course materials. These walk you through the steps of a pen test and various tricks, very much like Weidman's course/book.

    Me, personally, I expect students can pass the exam and see success in the labs even if they've never returned a root shell from a remote system before. The materials will walk students through that.

    I actually disagree, in this case, that it is better to over-prepare. I think you need a basic understanding and basic experience in a few things (Windows, Linux, Kali, Metasploit, LAN networking+firewalls, web server administration, scripting/coding), but the course otherwise gives you the knowledge and beginnings to start walking on your own.

    In addition, the lab environment is tailored to be accessible and doable by students who read the material and do some research on their own (though honestly, it's nothing compared to researching blindly for vulnhub or HTB boxes at times). The course and the exam have a very distinct scope to them, and you don't really delve outside of that scope with maybe one or two very minor exceptions in the lab.

    Don't over-prepare. Jump in. Do it. :)

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?

Higgsx Member Posts: 72
Thank you guys so much for replying to me. I'm so, so, so motivated to buy it and start this awesome journey.
I'll create a new thread about my journey when I start.

I have one question about registration (I don't want to create a new thread about that).

1) I have a non-free email address from my employer but I don't want to use it (I don't trust their mail server :D). I want to use a Gmail address and register with my scanned ID. Is this a bad idea? I know it is permitted, but I want to be sure this will not cause me any problems in the future :)

GirlyGirl Member Posts: 219
First and foremost, you aren't dealing with CompTIA, E-Learn Sefurity <- (no, this wasn't a typo) or EC-Council here.

    Second, I tried the little game you are playing and failed. You will as well. Here is what I got when I attempted it:

Dear MasterDearMasterPenTestMasterofMastersInTheUniverse

The email address you have provided unfortunately does not allow us to conduct proof of identity.

Please provide us with a different non-free email address by replying to this email. Do not submit a new registration request via our website.

Alternatively, you may provide us with a scanned ID (in color) such as a driver's license or passport that is printed in English. Should you choose to do so, please blur out the ID number and email it to: youarenotslick@offensive-security.com.
Our OpenPGP key can be found at the following link: http://blahblahblahblah


    P.S.

    You are welcome

McxRisley Member Posts: 494
    You can do what I did and sign up with a non-free email and then have them switch your main email to your free one after they verify your identity.
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.

Higgsx Member Posts: 72
Thank you guys :)
I decided to buy the PWK labs tomorrow, so it will start soon!
It has been my dream for 2 years to take the PWK labs and pass the OSCP exam. So no more WAITING :)