Need a project - Found a project! YFZblu's OSCP Thread

12346»

Comments

  • MrAgentMrAgent Member Posts: 1,310 ■■■■■■■■□□
    Sorry to hear about that.

    I've extended the course twice now.. Its beast of a course and exam.
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    This thread and my OSCP pursuits are still alive and well!

    I completed file transfers and privilege escalation today. I also ran through this writeup on priv escalation, which is a satisfying read. It does a great job on the fundamentals:

    FuzzySecurity | Windows Privilege Escalation Fundamentals

    As a sidenote - Recently, I took part in the investigation of a highly targeted breach on a client's network. I was in the rare (and awesome) position of having full PCAP network logs to review after the fact - while reviewing the case, I was was a bit shocked to see the very methods OffSec teaches in the OSCP course being used to facilitate cybercrime. I suppose what I'm saying is, I encourage those on the defensive side to consider the course as well. It helped connect the dots on a few things I was seeing in that case specifically.
    · Share on FacebookShare on Twitter
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    YFZblu wrote: »
    I was in the rare (and awesome) position of having full PCAP network logs to review after the fact - while reviewing the case, I was was a bit shocked to see the very methods OffSec teaches in the OSCP course being used to facilitate cybercrime. I suppose what I'm saying is, I encourage those on the defensive side to consider the course as well. It helped connect the dots on a few things I was seeing in that case specifically.

    This was a big part of my reasoning for wanting to pursue the OSCP and I also listed it in my training proposal. Just waiting to hear if I get it approved by management.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Tackled client-side attacks - I'd like to take this opportunity to reiterate, that I hate Java. Next up is web-application attacks...
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    XSS completed. The XSS portion of the course, IMO, is way too shallow. There needs to be more emphasis here. I would say the same about privilege escalation, but I'm assuming the Metasploit portion of the course will somewhat cover more of that. We'll see...

    I have some SQLi stuff to do for work, so I'm going to skip Local File Inclusion and kill two birds with one stone - I'll finish SQLi today and transition that into the stuff for work...I'll round back to LFI tomorrow most likely
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Local File Inclusion, Remote File Inclusion, and SQL Injection have been completed. The next several sections are related to password cracking, which sort of tripped me up the last time I reached this point. So I'll spend some time tonight reading man pages before tackling the exercises tomorrow. I might also read some related writeups on privilege escalation in preparation for things to come.
    · Share on FacebookShare on Twitter
  • MrAgentMrAgent Member Posts: 1,310 ■■■■■■■■□□
    Keep it up! You can do this.
    · Share on FacebookShare on Twitter
  • ipchainipchain Member Posts: 297
    YFZblu wrote: »
    This thread and my OSCP pursuits are still alive and well!

    As a sidenote - Recently, I took part in the investigation of a highly targeted breach on a client's network. I was in the rare (and awesome) position of having full PCAP network logs to review after the fact - while reviewing the case, I was was a bit shocked to see the very methods OffSec teaches in the OSCP course being used to facilitate cybercrime. I suppose what I'm saying is, I encourage those on the defensive side to consider the course as well. It helped connect the dots on a few things I was seeing in that case specifically.

    Thanks for sharing this! I actually ran into the same thing about 3 years ago. Having said that, keep up the good work!
    Every day hurts, the last one kills.
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Network password attacks, password hash attacks, and the pass-the-hash exercise have been completed. This time around I compromised a couple lab machines and harvested usernames/password hashes in order to make targeted attempts for the exercise questions. Overall, it felt good to get a feel for the tools.

    At this point I am going to start popping more boxes in the lab in preparation for the exam...Next up is port redirection and tunneling. I'd like to get through that tonight, but time may not permit.
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    I haven't continued with the reading material, because I got antsy and wanted to get into the lab. I'll do some reading tonight on tunneling / encapsulation / redirection...

    Last night I was up until 4am getting root on something that had me stumped for a while. Great feeling when it happened though! Note to everyone: msfupdate is your friend, when it appears that you may be missing exploits in the Metasploit database. Or do what I did, and wonder why a specific exploit version is listed on Rapid7's website but not in its software for four hours.....

    Coffee please.
    · Share on FacebookShare on Twitter
  • MrAgentMrAgent Member Posts: 1,310 ■■■■■■■■□□
    Nice! Planning on taking the exam anytime soon?
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Definitely - I probably need to spend another solid week in the labs. I also need to get my scripts in order and spend some time automating good recon/enumeration. But I think I'm close.
    · Share on FacebookShare on Twitter
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Update?
    · Share on FacebookShare on Twitter
  • EngRobEngRob Member Posts: 247 ■■■□□□□□□□
    Another update bump?
    · Share on FacebookShare on Twitter
  • Dr. FluxxDr. Fluxx Member Posts: 98 ■■□□□□□□□□
    I guess he just..fell off..
    · Share on FacebookShare on Twitter
Sign In or Register to comment.