OSCP - Perseverance Journey

PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
in Offensive Security: OSCP & OSCE
Around one year ago my Google-fu bring me to this site. This is the place where I found out about OSCP certification for the first time. I have been reading a lot of awesome OSCP journey and write-up from here and now is the time for my own journey. My 60 days PWK Course will be started this Sunday, 1 July 2018. I will write my weekly progress on my blog and post the link here for more feedbacks/suggestions/advices (My apologies if it's not allowed feel free to remove it).

Quick background:
Master degree student with 3 years of IT professional experiences on ERP, programming and data management stuff.
Zero experiences on pen-testing and newbie on info-sec field.

More detail about my background and preparation can be found here:
https://arvandy.com/oscp-preparation

Week 1: https://arvandy.com/oscp-first-week
Week 2: https://arvandy.com/oscp-second-week
Week 3: https://arvandy.com/oscp-third-week
· Share on FacebookShare on Twitter
«1

Comments

  • MalwareMikeMalwareMike Member Posts: 147 ■■■□□□□□□□
    Have fun! Ill be starting a month after you!
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

    · Share on FacebookShare on Twitter
  • JoJoCal19JoJoCal19 Mod Posts: 2,834 Mod
    Good luck in your journey! The only advice I'd give is with what you've listed as your background, 90 days may have been a better option. But if you've got a TON of time to dedicate to this every day then 60 is definitely doable.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    MalwareMike wrote: »
    Have fun! Ill be starting a month after you!

    Lets get it!
    JoJoCal19 wrote: »
    Good luck in your journey! The only advice I'd give is with what you've listed as your background, 90 days may have been a better option. But if you've got a TON of time to dedicate to this every day then 60 is definitely doable.

    Thanks for the advice! I originally want to take 90 days Lab access but change it to 60 because I need to start my thesis research on late August. I think I can dedicate around 6-7 hours every day.
    · Share on FacebookShare on Twitter
  • tommylisttommylist Member Posts: 10 ■□□□□□□□□□
    I'll be starting the same day as you!!! i have booked 90 days lab time, it would be interesting for us to both share our thoughts on it as we're going through it at the same time! Good luckicon_lol.gif
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    tommylist wrote: »
    I'll be starting the same day as you!!! i have booked 90 days lab time, it would be interesting for us to both share our thoughts on it as we're going through it at the same time! Good luckicon_lol.gif

    Sure, sharing is learning! Good luck for you too!
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Quick Update
    Local datetime: 4 July 2018, 11:31 AM
    Day: 4
    PDF: 380/380
    Videos: 149/149
    Exercises: 37/42
    Timespent: 30+ hours

    I start with full throttle! These past 3 days I forgetting the time and ended up spending around 9 hours a day because its FUN. There are 5 exercises that I skip for now since it requires to do the exploit on the lab machines. I familiar with most of the techniques/tools explained in the materials from struggling with machines in HackTheBox. I will start exploiting the lab machines this afternoon.
    · Share on FacebookShare on Twitter
  • MalwareMikeMalwareMike Member Posts: 147 ■■■□□□□□□□
    Are you putting in all this time while working full time?

    And keep up the good work! I start in exactly one month!
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    MalwareMike wrote: »
    Are you putting in all this time while working full time?

    And keep up the good work! I start in exactly one month!

    Nope, I am just studying for master degree at the moment.
    Try practicing on as many as machines in VulnHub and HTB. If you didnt have time do that, just read the write-up on vulnhub and watch IppSec video on HTB . It will help you obtained many techniques/attack vectors that surely help in the lab.

    I just rooted Sufferance!! tough machine with straight forward privesc.
    · Share on FacebookShare on Twitter
  • sage123sage123 Registered Users Posts: 1 ■■■□□□□□□□
    Thanks for documenting your journey, I'll be pursuing OSCP soon and your blog is really helpful. Thanks again.
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    sage123 wrote: »
    Thanks for documenting your journey, I'll be pursuing OSCP soon and your blog is really helpful. Thanks again.

    You're welcome, glad it could help!
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Week 1


    Exploited machines: 14 (Phoenix, Alice, Helpdesk, Mike, Bob, Pain, Barry, Payday, Ralph, Sherlock, Sufferance, Kraken, Gh0st, FC4)
    Networks: 1 (Student)


    Detail: https://arvandy.com/oscp-first-week
    · Share on FacebookShare on Twitter
  • JoJoCal19JoJoCal19 Mod Posts: 2,834 Mod
    14 machines in week 1? Nice work!
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Week 2


    Exploited machines: 34 (Phoenix, Alice, Helpdesk, Mike, Bob, Pain, Barry, Payday, Ralph, Sherlock, Sufferance, Kraken, Gh0st, FC4, Tophat, Dotty, Leftturn, DJ, Susie, Oracle, Hotline, Alpha, Beta, Gamma, Core, Kevin, Punchout, JD, Mail, Pedro, Sean, Joe, Observer, Slave)
    Unlocked networks: 2 (Student and IT)


    I schedules my exam on 15 August.
    Detail: https://arvandy.com/oscp-second-week
    · Share on FacebookShare on Twitter
  • securitychopssecuritychops Member Posts: 52 ■■■□□□□□□□
    Sounds like you are going full tilt, awesome job!
    Current Certs   : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
    Goals for 2019 : OSEE
    Goals for 2020 : OSWE
    · Share on FacebookShare on Twitter
  • ErtazErtaz Member Posts: 934 ■■■■■□□□□□
    Perseverance wrote: »
    Week 2


    Exploited machines: 34 (Phoenix, Alice, Helpdesk, Mike, Bob, Pain, Barry, Payday, Ralph, Sherlock, Sufferance, Kraken, Gh0st, FC4, Tophat, Dotty, Leftturn, DJ, Susie, Oracle, Hotline, Alpha, Beta, Gamma, Core, Kevin, Punchout, JD, Mail, Pedro, Sean, Joe, Observer, Slave)
    Unlocked networks: 2 (Student and IT)


    I schedules my exam on 15 August.
    Detail: https://arvandy.com/oscp-second-week

    Wow. Great work. Impressed.
    · Share on FacebookShare on Twitter
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    impressive. I will be following closely on this thread and your blog. good luck buddy.
    · Share on FacebookShare on Twitter
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    just curious, where are you taking for your master in info security?
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Thank you all for the support. Appreciate it.
    Skyyyyy2001 wrote: »
    just curious, where are you taking for your master in info security?
    If you asking for the place, I am taking it on university in my current city, Bandung.
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Week 3


    Exploited machines: 50 (Alice, Alpha, Barry, Beta, Bethany, Bob, Brett, Carol, Carrie, Core, Cory, DJ, Dotty, FC4, Gamma, Gh0st, Helpdesk, Hotline, JD, James, Jeff, Joe, John, Kevin, Kraken, Leftturn, Luigi, Mail, Mario, Master, Mike, Niky, Nina, Observer, Oracle, Pain, Payday, Pedro, Phoenix, Pi, Punchout, Ralph, Sean, Sherlock, Slave, Sufferance, Susie, Timeclock, Tophat, Tricia)
    Unlocked Networks: 4
    (Public, IT, Development and Admin)


    Detail: https://arvandy.com/oscp-third-week
    · Share on FacebookShare on Twitter
  • JoJoCal19JoJoCal19 Mod Posts: 2,834 Mod
    WOW. Awesome job man. I think that’s the highest count I’ve seen here. And in 3 weeks.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Week 4


    PDF: 380/380
    Videos: 149/149
    Exercises: 42/42
    Exploited Machines: 53
    (Alice, Alpha, Barry, Beta, Bethany, Bob, Brett, Carol, Carrie, Core, Cory, DJ, Dotty, FC4, Gamma, Gh0st, Helpdesk, Hotline, Humble, Internal, JD, Jack, James, Jeff, Joe, John, Kevin, Kraken, Leftturn, Luigi, Mail, Mario, Master, Mike, Niky, Nina, Observer, Oracle, Pain, Payday, Pedro, Phoenix, Pi, Punchout, Ralph, Sean, Sherlock, Slave, Sufferance, Susie, Timeclock, Tophat, Tricia)
    Unlocked Networks: 4 of 4
    (Public, IT, Development and Admin)


    Completed the lab report.
    Detail: https://arvandy.com/oscp-fourth-week
    · Share on FacebookShare on Twitter
  • JoJoCal19JoJoCal19 Mod Posts: 2,834 Mod
    Awesome progress! Good luck on the exam!
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Thanks JoJo, good luck on your CCSP too!
    · Share on FacebookShare on Twitter
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    well done. good luck bro!
    · Share on FacebookShare on Twitter
  • aakashc1aakashc1 Member Posts: 41 ■■□□□□□□□□
    First very good job to complete those machines
    Second you are not allowed to list those machines here and number of machines

    I too posted about these and i got mail from offensivesecurity that i should not disclose this so now i am warning you

    I too rooted all of those machines except 1 from total machines in lab in 30 days

    Thanks
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Skyyyyy2001 wrote: »
    well done. good luck bro!

    Thanks buddy!
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    aakashc1 wrote: »
    First very good job to complete those machines
    Second you are not allowed to list those machines here and number of machines

    I too posted about these and i got mail from offensivesecurity that i should not disclose this so now i am warning you

    I too rooted all of those machines except 1 from total machines in lab in 30 days

    Thanks

    Hi aakashc,
    Thanks for the warning.
    I see a lot of people mentioning the machine name here that make me think its allowed.
    I already consults these matters to OffSec admin. Their answer is listing machines name are allowed as long as its only machine name, not with additional spoiler or information on how to exploit the machine such as the techniques, tools or scripts used.


    For number of machines you are right, its not allowed.
    I will edit the post as necessary.
    Cheers
    · Share on FacebookShare on Twitter
  • jonenojoneno Member Posts: 257 ■■■■□□□□□□
    Hi perseverance - Did you complete the labs?
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    joneno wrote: »
    Hi perseverance - Did you complete the labs?

    Yes joneno, I think so.
    · Share on FacebookShare on Twitter
  • PerseverancePerseverance Member Posts: 20 ■□□□□□□□□□
    Quick update:
    I did my exam on 15 August. It's not hard but a little bit tricky with a few rabbit holes.
    The exam went well and I got 80 points in 5 hours. I could not finish the last machine due to several things.
    I sent the exam & lab report yesterday and get confirmation to wait within three business days for the result.
    Three days indeed feel like three years! Hope everything goes well.


    Below is the update for week 5 and 6:
    Week 5: https://arvandy.com/oscp-fifth-week/
    Week 6: https://arvandy.com/oscp-sixth-week/
    · Share on FacebookShare on Twitter
Sign In or Register to comment.