YOLOing OSCP

9emin19emin1 Member Posts: 46 ■■■□□□□□□□
hi all!
starting my 90 days journey in a few days time...

about me:
less than a year experience in infosec industry.
passionate and enthusiastic.

although it seems way out of my league, I figured I'll be able to learn a lot even if I failed.
I've been reading and learning a lot from here so now, its my turn to give back icon_cheers.gif
I'll be updating my progress, thoughts, opinion as I progress through, as often as I possibly can, and hopefully it'll be helpful.

Cheers!

week 4
one month flew by so quickly! I'm quite delighted to be able to meet my own expectations. -> 15 host first month.
however, things seems to be getting harder and slower. no more easy priv esc exploit that works out of the box.
its tough not knowing what you are suppose to do.., even if the answer is right in-front of you.
sure there are many examples and references that helps,
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
But if no point if you have no idea how to carry on from all the outputs.. how to make use of it.., etc.
I'll continue to try harder and hopefully will be able to hit 30 host by the end of second month!
current progress: 17 system/root access, 3 low privilege.

the most useful prep work I've done so far before taking this up was to read through all the vulnhub's vm walkthrough.
if you have the time to actually do the vm it will be much beneficial.
https://www.vulnhub.com/series/kioptrix,8/

week 3
kinda busy with some personal stuff this week.. hmm.
-> done with 5 machines documentation
-> 2 system/root, 1 low-privilege shell.
currently melting my brain to escalate.
current progress: 12 system/root access, 1 low privilege.

week 2
trying to read up on everything that I don't understand (Which is a lot!). I am really glad that I took this path because I've learned so much in this 2 weeks! Being able to apply immediately on the lab machines helps so much as well..The "low-hanging" machines are almost clearing. Need to start on my documentation soon.
current progress: 10 system/root access. (9 if you don't count duplicates)

week 1
Managed to get through the videos till the buffer overflow topic. looking good and fun
I realized that it's possible my previously owned boxes might not be fully exploited by me, as I did not revert it prior attacking it. I will have to re-do them to ensure that it is my work.
it has been 1 week and I'm officially struggling my ass. REALLY REALLY huge knowledge gaps. need to read up on a wide range of topics.. looking bad.
current progress, 4 with metasploit, 1 manual.
CREST CCT APP, CRT, CPSA.
Offensive Security OSCE, OSCP, OSWP
SANS GCIH
https://9emin1.github.io/
«1

Comments

  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Best of luck! I'm thinking of attempting this later in the year. I don't really have any pentesting experience and was planning on reading:

    http://www.amazon.com/gp/aw/d/1593275641/ref=mp_s_a_1_sc_1?qid=1459985767&sr=8-1-spell&pi=AC_SX236_SY340_QL65&keywords=pentestimg

    and maybe the metasploit book from the same company before dropping like a grand on that lab time.
  • McNinjaMcNinja Member Posts: 22 ■□□□□□□□□□
    If you haven't already, read through the entirety of JollyFrog's thread. That is about the amount of work you'll need to put into it in order to pass with a high score on the exam.

    http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html

    Good luck!
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    I don't have any pentesting experience as well but this will be a great learning journey I guess! I did read up a lot the past few months though. We all have to start somewhere I guess!
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    LOL @ YOLOing..I'll steal that

    Good atittude you have! YOLO-it, and go ALL IN. Noting to lose, it's all winning :)
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Good luck on your endeavor. I'll be following your progress here.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • MrAgentMrAgent Member Posts: 1,310 ■■■■■■■■□□
    Good luck to you! Be sure to update often.
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    Thanks for all the well wishes! Trying to organize all the useful resources/commands into individual categories now.(Recon, Scanning, Exploit, Enumeration, Maintaining Access)
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • RobicusRobicus Member Posts: 144 ■■■□□□□□□□
    I love the attitude! That's awesome. It's definitely a fun course.

    P.S. -- I can only imagine that the people who would be asking for the PWK PDF would be those who haven't signed up for the course. I don't think I'd advise giving the paid course material to just anyone.
    What's Next? eLearnSecurity's eCIR

    MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    Good luck to you 9emin1 on this journey! I'm also starting my 90 days this weekend. I can't wait to start :D
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    Robicus wrote: »
    I love the attitude! That's awesome. It's definitely a fun course.

    P.S. -- I can only imagine that the people who would be asking for the PWK PDF would be those who haven't signed up for the course. I don't think I'd advise giving the paid course material to just anyone.

    Yeah I thought about it as well. I think I'll share it with anyone who actually paid and registered for the course, but awaiting for the actual commencement date. icon_lol.gif
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    Good luck to you 9emin1 on this journey! I'm also starting my 90 days this weekend. I can't wait to start :D

    Good luck to you too! 2 more daysicon_cheers.gif
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • SurrealalucardSurrealalucard Member Posts: 18 ■□□□□□□□□□
    I'm also starting my 90days tomorrow, and also yoloing it. Only experience I have is passing elearns EJpt course. Best of luck to all starting their journey!
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    small update for day 1 edited on my opening post icon_study.gif
    anyone on the irc channel? I'm OS-21071 there:)
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • NotHackingYouNotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    @nothackingyou is irc handle
    When you go the extra mile, there's no traffic.
  • RichAsskikrRichAsskikr Member Posts: 51 ■■■□□□□□□□
    I start the course in 2 wks (*sigh*). Cant wait to get stuck in!!

    I'm also in IRC, as OS-21436
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    I start the course in 2 wks (*sigh*). Cant wait to get stuck in!!

    I'm also in IRC, as OS-21436

    looking at ur certs im sure this would be a breeze... icon_lol.gif
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    @9emin1, did you hit the labs or not yet?
  • RichAsskikrRichAsskikr Member Posts: 51 ■■■□□□□□□□
    9emin1 wrote: »
    looking at ur certs im sure this would be a breeze... icon_lol.gif

    Well, ignoring the "ahem" CEHv8, I'm hoping my past experience will stand me in good stead! Lol.

    But yeah, cant wait! icon_biggrin.gif
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    @9emin1, did you hit the labs or not yet?

    yeah I jumped into the labs on my first day and got stuck. So now I'm going through the videos and doing the exercises.
    How are you doing? :)
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    9emin1 wrote: »
    yeah I jumped into the labs on my first day and got stuck. So now I'm going through the videos and doing the exercises.
    How are you doing? :)

    I spent like 6-7 hours yesterday enumerating.. and I'm not even done. I decided to take a shot at Alice while I still had scans running and it was a pretty easy one. I'll try to get another one tonight.
  • SurrealalucardSurrealalucard Member Posts: 18 ■□□□□□□□□□
    IRC handle is Surrealalucard. Haven't started the labs yet as I want to do the workbook first then go through labs.
  • Matx91Matx91 Member Posts: 16 ■□□□□□□□□□
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    updated on week 2 progress in the main opening post! icon_thumright.gif
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    update on week 3 progress! apparently my goal of 15 machines in the first month is looking bad. icon_sad.gif
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    9emin1 wrote: »
    update on week 3 progress! apparently my goal of 15 machines in the first month is looking bad. icon_sad.gif

    You're only 3 hosts away from your goal and you still have 7 days, keep going at it and you'll achieve your goal!
  • SurrealalucardSurrealalucard Member Posts: 18 ■□□□□□□□□□
    Glad to see you're doing so good. I started the same time as you and only have 2 rooted and 1 low priv shell. Only having 2-4 hours when I get to work on them doesn't help much. Keep up the awesome work!
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    You're only 3 hosts away from your goal and you still have 7 days, keep going at it and you'll achieve your goal!
    icon_cheers.gif let's hope for a smooth trip for May.
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    Glad to see you're doing so good. I started the same time as you and only have 2 rooted and 1 low priv shell. Only having 2-4 hours when I get to work on them doesn't help much. Keep up the awesome work!

    things will pick up dude keep it going. having the luxury of time to commit is very important tho.
    we can help out each other on IRC icon_thumright.gif
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    first month gone!icon_rolleyes.gif
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
  • 9emin19emin1 Member Posts: 46 ■■■□□□□□□□
    week 5

    52 days of lab access left...
    Finally able to came up with a nice format for my lab machines report..! By doing documentation for 10 machines I will most likely secure 5 points for the exam. (Impossible to get 0/100 now :))
    I will probably finish up all 10 machines documentation by this weekend.

    I wanted to complete all the PDF lab exercises as well (Another additional 5 points!), but there are a few exercises which I got seriously stuck and didn't want to waste any more time. Gonna pass on this.

    Things are getting awfully slow. Bursting my brain trying to grasp the concept of ssh local/remote/dynamic port-forwarding/tunneling.
    Have yet to compromise any client-side based targets icon_sad.gif

    current progress: 24 system/root access, 2 low privilege.

    Something useful to keep in mind! -> Whenever you compromise a machine, create a text file and copy paste output from netstat and arp. When you need to exploit targets that have dependencies, you can easily grep "<IP_ADDRESS>" * in your main folder which you keep all your findings, to see which machines are taking to which ones icon_lol.gif

    For example, your main folder is /Lab and it has information for machines a,b,c, and d. (/Lab/a, /Lab/b, /Lab,c)
    Now you want to target machine e, which has a dependency on the previously exploited machines a,b,c or d.
    By issuing: grep "10.1.1.e" * in /Lab, it will show you which machine, /a, /b, /c, or /d has a connection(netstat/arp) with e.
    CREST CCT APP, CRT, CPSA.
    Offensive Security OSCE, OSCP, OSWP
    SANS GCIH
    https://9emin1.github.io/
Sign In or Register to comment.