Options
Need a project - Found a project! YFZblu's OSCP Thread
Comments
-
Options
MrAgent
Member Posts: 1,310 ■■■■■■■■□□
Sorry to hear about that.
I've extended the course twice now.. Its beast of a course and exam. -
Options
YFZblu
Member Posts: 1,462 ■■■■■■■■□□
This thread and my OSCP pursuits are still alive and well!
I completed file transfers and privilege escalation today. I also ran through this writeup on priv escalation, which is a satisfying read. It does a great job on the fundamentals:
FuzzySecurity | Windows Privilege Escalation Fundamentals
As a sidenote - Recently, I took part in the investigation of a highly targeted breach on a client's network. I was in the rare (and awesome) position of having full PCAP network logs to review after the fact - while reviewing the case, I was was a bit shocked to see the very methods OffSec teaches in the OSCP course being used to facilitate cybercrime. I suppose what I'm saying is, I encourage those on the defensive side to consider the course as well. It helped connect the dots on a few things I was seeing in that case specifically. -
Options
JoJoCal19
Mod Posts: 2,835 Mod
I was in the rare (and awesome) position of having full PCAP network logs to review after the fact - while reviewing the case, I was was a bit shocked to see the very methods OffSec teaches in the OSCP course being used to facilitate cybercrime. I suppose what I'm saying is, I encourage those on the defensive side to consider the course as well. It helped connect the dots on a few things I was seeing in that case specifically.
This was a big part of my reasoning for wanting to pursue the OSCP and I also listed it in my training proposal. Just waiting to hear if I get it approved by management.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
OptionsYFZblu
Member Posts: 1,462 ■■■■■■■■□□
Tackled client-side attacks - I'd like to take this opportunity to reiterate, that I hate Java. Next up is web-application attacks...
-
OptionsYFZblu
Member Posts: 1,462 ■■■■■■■■□□
XSS completed. The XSS portion of the course, IMO, is way too shallow. There needs to be more emphasis here. I would say the same about privilege escalation, but I'm assuming the Metasploit portion of the course will somewhat cover more of that. We'll see...
I have some SQLi stuff to do for work, so I'm going to skip Local File Inclusion and kill two birds with one stone - I'll finish SQLi today and transition that into the stuff for work...I'll round back to LFI tomorrow most likely -
OptionsYFZblu
Member Posts: 1,462 ■■■■■■■■□□
Local File Inclusion, Remote File Inclusion, and SQL Injection have been completed. The next several sections are related to password cracking, which sort of tripped me up the last time I reached this point. So I'll spend some time tonight reading man pages before tackling the exercises tomorrow. I might also read some related writeups on privilege escalation in preparation for things to come.
-
Options
ipchain
Member Posts: 297
This thread and my OSCP pursuits are still alive and well!
As a sidenote - Recently, I took part in the investigation of a highly targeted breach on a client's network. I was in the rare (and awesome) position of having full PCAP network logs to review after the fact - while reviewing the case, I was was a bit shocked to see the very methods OffSec teaches in the OSCP course being used to facilitate cybercrime. I suppose what I'm saying is, I encourage those on the defensive side to consider the course as well. It helped connect the dots on a few things I was seeing in that case specifically.
Thanks for sharing this! I actually ran into the same thing about 3 years ago. Having said that, keep up the good work!Every day hurts, the last one kills. -
OptionsYFZblu
Member Posts: 1,462 ■■■■■■■■□□
Network password attacks, password hash attacks, and the pass-the-hash exercise have been completed. This time around I compromised a couple lab machines and harvested usernames/password hashes in order to make targeted attempts for the exercise questions. Overall, it felt good to get a feel for the tools.
At this point I am going to start popping more boxes in the lab in preparation for the exam...Next up is port redirection and tunneling. I'd like to get through that tonight, but time may not permit. -
OptionsYFZblu
Member Posts: 1,462 ■■■■■■■■□□
I haven't continued with the reading material, because I got antsy and wanted to get into the lab. I'll do some reading tonight on tunneling / encapsulation / redirection...
Last night I was up until 4am getting root on something that had me stumped for a while. Great feeling when it happened though! Note to everyone: msfupdate is your friend, when it appears that you may be missing exploits in the Metasploit database. Or do what I did, and wonder why a specific exploit version is listed on Rapid7's website but not in its software for four hours.....
Coffee please. -
OptionsYFZblu
Member Posts: 1,462 ■■■■■■■■□□
Definitely - I probably need to spend another solid week in the labs. I also need to get my scripts in order and spend some time automating good recon/enumeration. But I think I'm close.
