OSCP Narrative

(((DISCLAIMER)))This is going to be very long. Sooooooo,

I'm starting my OSCP journey tomorrow. I signed up for 30 days as that's what I can only afford as of this moment. I know that lab time is not enough considering my background (I'll get to it later on). However, I will make sure that I will get the most out of it. I will dedicate roughly 10 hours of videos/exercises while at work and around 8 hours after work. I work on a 4days ON/OFF schedule so I could get to learn on such basis.

I made sure though that the missus understands what I will be going through and couldn't be more thankful of her support. However, we have a 2 year old son who won't understand that daddy has to drift away in the labs and succumb to the 'Try Harder' state of life. So, during my days off I can only pull off maybe 4 hours nightly. I hope this schedule works for me. I'll try to be as open as possible on a personal level with these posts (I'm an open book). I am doing this just to document my journey for personal reference so I'm not expecting and replies but hopefully this can help someone just like me out there.

I believe that there is no such thing as "You've read too much OSCP reviews/experiences". I myself wanted to read alot of tips (except spoilers) as I need all the help I can get.

MY BACKGROUND

In 2011, I started out as an ISP tech support (the guys everyone yells at when there's no internet lol) for 1 year. I got into a remote support tech role (much like geek squad) where the company required and paid for my A+ cert. I've done it for 3 years. I have always been interested in Security so a colleague of mine who's kind of a mentor to me, suggested to learn Network/CCNA stuff for starters. Thinking that I could land a NOC/Network job as a pre requisite to Security, I took CCNA only to find out that you still have to have that entry level experience or atleast come from a Service Desk role. I had no luck finding that network nor security job. I, instead, started to look for a service desk role which I found on my second company where I learned mostly web hosting/cloud hosting stuff. During my down time, I would learn Security from the company's 'Skillsoft' platform. Our computers had access where we could install VirtualBox. I took advantage of it and downloaded Backtrack R5 (I heard this distro from my previous colleague that it had tools used to hack wifi passwords lol as well as the CEH) without knowing that Kali was the latest version. Through out my self studying, I read about the OSCP and was amazed that it was the same guys who created Kali/Backtrack LOL I was dumb/noob (still am). Fast forward, I eventually landed a Security role after 9 months in service desk. Thanks to my present company, the only company, who gave me the chance for THAT 1 interview and even paid for my Security+ cert.

Everything I know is 'Basic' to nothing.

- no scripting knowledge, did about 36% progress on python through Codeacademy. I forgot them now but can still understand basic python when I see it.

- linux is basic as well, only used Kali, can do basic service start/stop, cat files, know what ftp is, how web servers work, general web hosting stuff (all them GUI based for administration), still having a hard time understanding the file/directory structure

- A+ stuff still there (common places for infection, important registry stuff to check), not so good in hardware

- Confident about my Google Fu though which I learned throughout my remote support tech stint

Nothing too amazing.

OSCP Prep

- I bought my first PC two years ago, asked my colleauges for recommendations, mainly for Virtual lab practice, got distracted with games though, but I learned Metasploit, Nessus, some basic mass scanners during that phase and overall Kali stuff

- I did alot of reading. Georgia Weidman and her course on cybrary. Metasploit unleashed, some how-tos' books on pentesting that I can't remember anymore.

- I read walkthroughs of vulnhub machines as I didn't knwo what to do with them at first.

- I just recently developed sort of a really really basic methodology in doing vulnhub machines, I was able to do kioptrix 1, kioptrix 2, Quaoar, Basic Pentesting 1, Seattle v0.3. I practiced on alot of those 'easy' and 'oscp' like boxes.

- And I read alot of oscp reviews/tips/guides you name them I've read them (Personal favorite is the #aint_never_scared/Jumping in the ocean without knowing how to swim guy, I hope he passed)

- Enumeration is the key and I believe that it is true just like with the vulnhub boxes that I've tried. These machines in the lab won't be there if there is no way to get in. So if I can't get into one of those boxes, it just means that I have to enumerate more

All in all, I feel that the only way to prove that I am ready is to sign up, jump in, bite the bullet and go for it as I don't know what to expect anymore. Sure I have A LOT of things to learn and maybe had to prepare more but until I get the materials and feel the labs I wouldn't know. I'm being optimistic about this course yet I know that I will have to bang my head against the wall A LOT.

I'm sorry for the messy structure of my post if someone is reading this. Good luck to anyone who's on the same boat.

Find more posts tagged with

Comments

OS36711

So I received the link to download the materials, I am currently downloading them and plan to start the materials in 20 minutes. My study should last for 7-8 hours today.

aakashc1

Very very good luck Sir. I hope to see you OSCP too soon.

Also if you want to read one more review then read mine also ->
https://medium.com/@LearnerPentest/oscp-i-did-it-af9ee3335a1c

Thanks

khaledit2015

it is so hard but good Luck man

khaledit2015

good luck

OS36711

Alright so 5 hours in with the materials. I can say that of all the BOF tutorials I watched, I finally understood it because of Offsec. I'm still going at it and just took a 15 minute break as my eyes are hurting. I still have 2 more planned hours of sticking to the materials before I eat and sleep.

aakashc1 wrote: »

Very very good luck Sir. I hope to see you OSCP too soon.

Also if you want to read one more review then read mine also ->
https://medium.com/@LearnerPentest/oscp-i-did-it-af9ee3335a1c

Thanks

Thank you aakashc1! I've followed your oscp journey as well and glad that you passed. I enjoyed your review too as well as the gifs.

OS36711

aakashc1 wrote: »

Very very good luck Sir. I hope to see you OSCP too soon.

Also if you want to read one more review then read mine also ->
https://medium.com/@LearnerPentest/oscp-i-did-it-af9ee3335a1c

Thanks

Thank you for your well wishes Khal!

OS36711

Congrats on your pass too aakashc1! I forgot to include it on my previous reply.

LonerVamp

Yeah, the BOF stuff in the course is just wonderful. It might not have nice animated slides, but you get what's happening.

OS36711

OS36711 wrote: »

Congrats on your pass too aakashc1! I forgot to include it on my previous reply.

Right on ya LonerVamp, I've been coming across a lot of your posts here as well as on Reddit and I thank you for being very helpful at any medium you have access on.

OS36711

UPDATE

So 23 days left on my lab time access. I have rooted 8 machines aside from Bob (which I got a low priv shell and will get back to it some time). I won't name the machines (as I cant find the energy to type the names individually but if you have access to the panel it's in ascending order). I felt that this is the time to update since I got to root Pain today. I got off of work and when i got home, I immediately worked on Pain as it was the next on my list. I am doing it in chronological order. I decided to call it a night and write this post while doing a basic enum on the next machine (just to have an idea on what is next tomorrow).

I spent 6 hours on Pain as I was looking at a different vector. The lesson here guys is to just stick with the basics and do not overthink, I was thinking of a specific attack which costed me a lot of time had I not stuck to my plan. In the end, what I thought was the vector depended on other factors so I looked at another venue that gave me that much needed shell. Priv Esc is where I am very weak at so go and find ways on how to prepare and practice on priv esc.

I have learned a lot in those 7 days of which 2 days were dedicated to the materials. The labs will definitely teach you a lot as you go along. Keep on studying guys.

OS36711

PS: my quotes aren't working or I'm just stupid enough no to know how to quote, lol. I'm quoting the specific posts but it's not producing the right post so I'm sorry for the wrong quotes. LOL

Khohezion

OS36711 wrote: »

PS: my quotes aren't working or I'm just stupid enough no to know how to quote, lol. I'm quoting the specific posts but it's not producing the right post so I'm sorry for the wrong quotes. LOL

How are you studying? Are you reading then trying out the labs?

Good luck as well!

LonerVamp

8 machines + going over the materials in just 7 days is pretty good! That said, rate isn't so important as you understanding your processes and methodically poking at things. I do like your approach with 30 days and doing what you can. I think only experienced testers take only 30 days to do most (if not all) of the lab and pass the exam. But I do think taking an exam attempt before clearing the lab is beneficial to see where you're at and inform the rest of the studies and/or lab usage.

OS36711

Khohezion wrote: »

How are you studying? Are you reading then trying out the labs?

Good luck as well!

So the way that I'm studying is that I finished up the materials but skipped the things I am familiar with such as Metasploit, OpenVAS and because they aren't allowed on the exam. I've rooted the machines manually. I skipped the topics Bypassing the AntiVirus, Pivoting as they would not be required for the exam. I will learn them after the exam and would actually extend 15 days of lab just for those.

OS36711

UPDATE:

I have rooted 15 machines, still stuck at PrivEsc with Bob (I didn't try to come back yet). Gamma was supposed to be next on the list but some student was working on it and I didn't want to mess up with what he's doing so I skipped to Tophat. I rooted Tophat kinda easy yesterday but am stuck at Dotty for around 4 hours. I called it quits as I have to go to work the next morning. Now, I will continue working on Dotty. I've got 15 days of lab time left.

OS36711

LonerVamp wrote: »

8 machines + going over the materials in just 7 days is pretty good! That said, rate isn't so important as you understanding your processes and methodically poking at things. I do like your approach with 30 days and doing what you can. I think only experienced testers take only 30 days to do most (if not all) of the lab and pass the exam. But I do think taking an exam attempt before clearing the lab is beneficial to see where you're at and inform the rest of the studies and/or lab usage.

Hey LonerVamp! Thank you for your kind words. I thank you for your insight about scheduling the exam. I have scheduled my exam on April 8. I thought that since I am extending my labs for 15 days with a free retake (budget is really tight) I might as well take the exam and gauge where I am at so I can prepare for the 2nd attempt (hopefully not). I hope to pass on the first attempt so I can fully concentrate on clearing the lab on my 15 day extension.

chapter

Good luck man. I too am new to security. I passed CISSP last year, and that made me realise that I could apply myself and learn new things. I now want to solidify my knowledge with some hands-on pentest experience. I am starting off with CEH and then work my way upto OCSP.

OS36711

chapter wrote: »

Good luck man. I too am new to security. I passed CISSP last year, and that made me realise that I could apply myself and learn new things. I now want to solidify my knowledge with some hands-on pentest experience. I am starting off with CEH and then work my way upto OCSP.

Nice! I know sometimes we lose motivation but just don't lol, I suggest when you're done with CEH. Go and start learning Metasploit so you'd have an idea on how the process of port scan -> vulnerability detection -> exploitation -> post exploitation. That was what helped me at least. Then you go and tinker with vulnhub VM's. I think the most basic preparation that helped me is to know what you will do when you are presented with a vulnerable VM. If you can't successfully exploit the machine, at least you got the basics of finding that vulnerability. OSCP comes in helping you learn step by step from the basics. I have learned a lot in this course and I'm not even done yet. So good luck to us and happy learning!

chapter

OS36711 wrote: »

Nice! I know sometimes we lose motivation but just don't lol, I suggest when you're done with CEH. Go and start learning Metasploit so you'd have an idea on how the process of port scan -> vulnerability detection -> exploitation -> post exploitation. That was what helped me at least. Then you go and tinker with vulnhub VM's. I think the most basic preparation that helped me is to know what you will do when you are presented with a vulnerable VM. If you can't successfully exploit the machine, at least you got the basics of finding that vulnerability. OSCP comes in helping you learn step by step from the basics. I have learned a lot in this course and I'm not even done yet. So good luck to us and happy learning!

Thanks! I bought a bunch of the recommended books 2 weeks ago and downloaded Kali Linux onto a USB. All jargon at present lol...but should get my head around it with time.

OS36711

Alright, so It has been a long time since my last update. I did pass the exam last week and received the confirmation 48 hours after submitting my final exam report. It was the best certification I have taken, I have learned more than I can imagine in my lifetime, it has just opened up a lot of things that I know I can now learn because of this experience. It has been a week and it is still not sinking in. Best of luck to anyone in the same boat. Always remember that If I can pass this, then you shall too. That is what at least I wanted to think. If you are struggling, always ask yourself "How bad do I want this?", pick yourself up and go at it again.

Mooseboost

Congrats man! You did an awesome job with the lab and the exam.

jjones2016

Congratulations on the pass!!

JoJoCal19

Congrats on the pass!!! You moving on to more advanced PT certs?

Naruto985

Congrats on passing the exam

OS36711

Thank you all for your kind words, right now I'm trying to land a Penetration Testing job and will go from there, but Web Application is something I'm studying about right now. Thank you again guys! Please don't lose hope when you are about to.