Oscp

Looks like I will be starting OSCP 1/17. This should be a lot of fun. I can't wait to get started on it.
I bring nothing useful to the table...
«13

Comments

  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Awesome. I've done 30 days already, but I got swamped and haven't been able to touch it for awhile. I'm shooting for GPEN on 3/1, and then using that next month for another 30 days and the exam.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    dynamik wrote: »
    Awesome. I've done 30 days already, but I got swamped and haven't been able to touch it for awhile. I'm shooting for GPEN on 3/1, and then using that next month for another 30 days and the exam.

    I've got some time on my hands, so I think I can study pretty hard for it. I only got 30 days of lab access, so I'm going to definitely try to get it finished pretty quickly.
    I bring nothing useful to the table...
  • carboncopycarboncopy Member Posts: 259
    dynamik wrote: »
    Awesome. I've done 30 days already, but I got swamped and haven't been able to touch it for awhile. I'm shooting for GPEN on 3/1, and then using that next month for another 30 days and the exam.

    How much scripting knowledge do you think is required? I really want to do this one very soon.
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,406 Admin
    You have 30 days to cover 16 modules, so that's just under two days per module. Not all modules are useful for the actual OSCP exam, so you'll need to figure out which to put last. The videos and the PDF generally cover the same material, but there's information in the videos that not in the PDFs and visa versa, so use them both.

    Read the posts in each module's discussion form before starting each module. The pains and woes of former OSCP-goers will save you many wasted hours of making assumptions and mistakes.

    And you should document the exercises you do in the modules. It'll count as extra points towards your final exam score should you need them to pass.

    And although the material is BT3, BT4 is fine to use for the course.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    JDMurray wrote: »
    You have 30 days to cover 16 modules, so that's just under two days per module. Not all modules are useful for the actual OSCP exam, so you'll need to figure out which to put last. The videos and the PDF generally cover the same material, but there's information in the videos that not in the PDFs and visa versa, so use them both.

    Read the posts in each module's discussion form before starting each module. The pains and woes of former OSCP-goers will save you many wasted hours of making assumptions and mistakes.

    And you should document the exercises you do in the modules. It'll count as extra points towards your final exam score should you need them to pass.

    And although the material is BT3, BT4 is fine to use for the course.

    Thanks for the info! I will definitely follow the advice.
    I bring nothing useful to the table...
  • carboncopycarboncopy Member Posts: 259
    Thanks JD. I am assuming that you took the course already?
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,406 Admin
    carboncopy wrote: »
    Thanks JD. I am assuming that you took the course already?
    Yes. I did not finish all the labs, and I won't be taking the cert exam unless I get more lab time to complete the material and do a lot of extra studying. Unfortunately, I don't see that happening anytime in my near future.

    I should mention that the Offensive Security Penetration Testing with BackTrack (PWB) class is about application and operating system pen testing and not network pen testing. You will therefore be working with buffer overflows, shellcode exploits, fuzzing, debuggers, and generally learning how to own "root." There is very little in the way of network pen testing, and much of what there is isn't useful for, or can't be used on, the OSCP cert exam itself.

    Just something to be aware of if your interests are more in network pen testing rater than app and OS pen testing.
  • laidbackfreaklaidbackfreak Member Posts: 991
    JDMurray wrote: »
    There is very little in the way of network pen testing, and much of what there is isn't useful for, or can't be used on, the OSCP cert exam itself.

    Just something to be aware of if your interests are more in network pen testing rater than app and OS pen testing.

    Cheers for heads up on this. I'm looking around to see what's next for me after the CISSP.

    So far I'm looking at CEH and ISSAP as these are two areas of interest to me, but I like to keep an eye on what else is out there.
    if I say something that can be taken one of two ways and one of them offends, I usually mean the other one :-)
  • carboncopycarboncopy Member Posts: 259
    JDMurray wrote: »
    Yes. I did not finish all the labs, and I won't be taking the cert exam unless I get more lab time to complete the material and do a lot of extra studying. Unfortunately, I don't see that happening anytime in my near future.

    I should mention that the Offensive Security Penetration Testing with BackTrack (PWB) class is about application and operating system pen testing and not network pen testing. You will therefore be working with buffer overflows, shellcode exploits, fuzzing, debuggers, and generally learning how to own "root." There is very little in the way of network pen testing, and much of what there is isn't useful for, or can't be used on, the OSCP cert exam itself.

    Just something to be aware of if your interests are more in network pen testing rater than app and OS pen testing.

    Yes, I was aware of that. Thank you for the HU :)
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    I've been using Backtrack 4 for the course and it is definitely a little different than the videos. The biggest reason is just updated tools and utils. You'll notice right off that the bat that the commands they use to start a couple services will definitely not work with BT4. It's not hard to overcome by any means and if you have Linux familiarity you should be able to figure it out quickly.
    I bring nothing useful to the table...
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,406 Admin
    Yeah, starting and stopping the Apache Web server is different. That was probably the most difficult one to figure out.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    JDMurray wrote: »
    Yeah, starting and stopping the Apache Web server is different. That was probably the most difficult one to figure out.

    Yeah that actually took me a second to figure out too. Once I looked through the directory I felt a little stupid haha. This is a really fun class though. It's not really as hard as I thought it was going to be (my first impression just glancing through the coursework). I guess we shall see.:D
    I bring nothing useful to the table...
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,406 Admin
    If you are a person whose hobby or job is to "own root" on Windows and Linux boxes with many different types of services and configurations, you should find the OSCP material very familiar and possibly even easy.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    That's definitely true JD. I really think its a good course though. I'm pretty sure if you've had little or no experience, and havent had a lot of linux experience this would be pretty complicated. I've had a lot of fun messing with it so far. I think if you expand on the concepts even more with a little self study, you will be very good at this. I know I've had to look a little farther in BASH and netcat so far.
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    I'm about halfway done with the lab manual (I've been slacking a little). I've been messing with their lab environment quite a bit. Mostly right now it's been recon stuff. It's pretty fun to see what all you can get from SNMP. I'm dual studying this with GCIA, so I haven't made a ton of progress. I hope to get through the OSCP in this 30 days.
    I bring nothing useful to the table...
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,406 Admin
    Don't forget about reading the offsec forum for each module and getting to know people on the #offsec IRC channel. Those can be very good learning experiences and great time savers when you have a problem.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    JDMurray wrote: »
    Don't forget about reading the offsec forum for each module and getting to know people on the #offsec IRC channel. Those can be very good learning experiences and great time savers when you have a problem.

    Yeah I've browsed through it a little bit. It is nice to see some solutions to common problems in there. I really need to get moving on to the exploit section, I think thats where I need to gather more ecperience.
    I bring nothing useful to the table...
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    The more I take this class, the less I like it. I love the idea of this class, and it has taught some things. I also know people have raved over this class and exam, but there are just too many problems.

    If they release a new version of BackTrack, they should probably look at the training and make the proper adjustments. If you do take it, save yourself a lot of hassle and stick with BT3, simply because BT4 lacks some of the tools and files you will need to even complete the exercises. It's a pretty big pain in the @$$ sometimes.

    I think also in order to take this puppy you need to have a decent grip on security concepts, linux, common tools, and common vulnerabilities. If you are looking for a course to hold your hand and help you learn pentesting, this isn't it. I know most courses do expect you to study beyond what is taught, but I find PWB to be a little lofty in it's goals of self study/research. The biggest element of this being Perl or Python scripting. You honestly NEED to know how to script, or at least be able to steal and edit scripts. It's not really practical for you to manually enter a few thousand usernames to enumerate SMTP user information.

    It's a fun class if you have the background. I don't want to scare anyone off of taking it, but I wanted whoever takes it in the future to be fully aware of what they are getting into. I'll keep you all posted icon_twisted.gif
    I bring nothing useful to the table...
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    That's the reason why they said that you need CEH knowledge and some linux and TCP/IP.

    Also we have to add that if you want the CEH you need two years of exp, so in others words, for the Offensive Security training you need: 2 years exp + some linux + TCP/IP and acording to other people like you we need some Perl or phyton programming.
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,406 Admin
    For anyone who is not an OS or app pen tester by profession, I would recommend the following course of action to be performed for a month or two before you actually start the PWB (OSCP) course:
    • If you are unfamiliar with Ubuntu (Debian) Linux or KDE, should learn how to configure networking, install and upgrade software packages using both the GUI shell and the command line.
    • If you do not know Linux at all, you invest in an Intro to Linux book or class to learn all you can about using and managing a Linux box. The objectives of the CompTIA Linux+ certification is an excellent reference of Linux commands and features you should know.
    • Browse through the tools on BackTrack available in the /pentest subdirectory and the KDE menu. Become familiar with the use of the more common pen testing tools.
    • Know how to write simple bash shell scripts or other types of UNIX or Linux shell scripting.
    • Knowing either Perl or Python is a great help in the OSCP class; they are used by several of the assignments. Spend some time learning to write very basic programs in either or both of these languages.
    • Understand the fundamental organization and operational principles of computer architecture (e.g., stack, heap, CPU registers). Understand the lifecycle of a running program and how it “lives” in the computer.
    • Learn the basics of Intel x86 assembly language and how it is used to create an operating program.
    • Learn how to use Ollydbg or IDA Pro to load and step through the execution of a program. YouTube has a lot of videos on these disassemblers. Books on reverse engineering do as well.
    • Read through the posts in the forums at forums.offensive-security.com. You will gain access to more forums after you have signed up for the course, and read through the posting on those as well.
    • If you are not on IRC then now’s the time to learn how by visiting the Offensive Security channel at [URL]irc://freenode/offsec[/URL]. For an IRC client, I use the ChatZilla add-on for FireFox.

    If you manage to accomplish most of these tasks before starting the actual PWB class, you will be well ahead of most of your fellow classmates. Much of your introductory work will already be completed and you won't waste valuable lab time trying to figure out how to do things like use Linux commands, write shell scripts, or install software. Instead, you will be ready and confidant to connect to the virtual lab and start working on the PWB modules.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    impelse wrote: »
    That's the reason why they said that you need CEH knowledge and some linux and TCP/IP.

    Also we have to add that if you want the CEH you need two years of exp, so in others words, for the Offensive Security training you need: 2 years exp + some linux + TCP/IP and acording to other people like you we need some Perl or phyton programming.


    You need to be pretty versed in linux and scripting though. A little bit of Linux experience probably isnt going to get it. I dont have CEH, nor do I work as a pentester, and I'm doing fine with the class over all. I will say I am having some issues with writing exploit code. I have 0 experience with assembly language/ writing shellcode and find it very hard to wrap my head around.

    JD you are exactly right. Those requirements are a must. If you have never looked at that stuff, you are almost going to have to pre research.

    As far as my update goes, I've pretty much enumerated all the data I'm going to get on the lab network. It's actually a great stress release to go after the servers. I'm pretty much into the nitty gritty of the exploitation/priv escalation. This is the part where I felt I was the weakest. I have 17 days of labs left, so I should be in good shape to finish the lab manual.
    I bring nothing useful to the table...
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    Thanks JDMurray, this is the information that I was needed to read before taking the training (it's in my list after two exams that I need to pass). Before your post I was thinking to study:

    Linux (this is a must)
    Metasploit (I already read this book)
    Netcat
    Wrieshark
    Google Hacking

    Now I have to add your post. In my case I do not like just to cramm, I need to understand and know my studies.
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • GAngelGAngel Member Posts: 708
    impelse wrote: »
    Thanks JDMurray, this is the information that I was needed to read before taking the training (it's in my list after two exams that I need to pass). Before your post I was thinking to study:

    Linux (this is a must)
    Metasploit (I already read this book)
    Netcat
    Wrieshark
    Google Hacking

    Now I have to add your post. In my case I do not like just to cramm, I need to understand and know my studies.

    And experience of course. The single biggest factor in getting a security job is experience. Certs mean even less in this branch. These certs were just invented by companies to cash in on the craze. Admins have been doing this type of security work there whole careers and that's generally what an IT manager is looking for when hiring.
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    GAngel wrote: »
    And experience of course. The single biggest factor in getting a security job is experience. Certs mean even less in this branch. These certs were just invented by companies to cash in on the craze. Admins have been doing this type of security work there whole careers and that's generally what an IT manager is looking for when hiring.

    This is true
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Thanks for the info guys! I've been looking into taking this course and I wondered what stuff I should know before hand. Finish the CCNA, then start working on this stuff!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    I would definitely start with something like Learning Python: Amazon.com: Learning Python: Powerful Object-Oriented Programming (Animal Guide) (9780596158064): Mark Lutz: Books

    That one you mentioned is definitely not a beginner book, and it goes way beyond what is necessary for the OSCP. I'd recommend that as a prerequisite for the OSCE, along with Gray Hat Hacking, The Shellcoders Handbook, and Hacking: The Art of Exploitation (2nd).
  • _Dark_Knight__Dark_Knight_ Member Posts: 7 ■□□□□□□□□□
    The more I take this class, the less I like it. I love the idea of this class, and it has taught some things. I also know people have raved over this class and exam, but there are just too many problems.

    If they release a new version of BackTrack, they should probably look at the training and make the proper adjustments. If you do take it, save yourself a lot of hassle and stick with BT3, simply because BT4 lacks some of the tools and files you will need to even complete the exercises. It's a pretty big pain in the @$$ sometimes.

    I think also in order to take this puppy you need to have a decent grip on security concepts, linux, common tools, and common vulnerabilities. If you are looking for a course to hold your hand and help you learn pentesting, this isn't it. I know most courses do expect you to study beyond what is taught, but I find PWB to be a little lofty in it's goals of self study/research. The biggest element of this being Perl or Python scripting. You honestly NEED to know how to script, or at least be able to steal and edit scripts. It's not really practical for you to manually enter a few thousand usernames to enumerate SMTP user information.

    It's a fun class if you have the background. I don't want to scare anyone off of taking it, but I wanted whoever takes it in the future to be fully aware of what they are getting into. I'll keep you all posted icon_twisted.gif

    I don't necessarily agree with the ^^. I did the course albeit using BackTrack 3 and a lot of what you mentioned is needed I did not have. I did not have as you put it "decent grip on security concepts, linux, common tools, and common vulnerabilities". Now I don't know what your definition of decent grip is, but prior to taking the course all I had under my belt was the CEH. And in my opinion the CEH does not account for a decent grip on anything.

    You also mentioned that one NEEDS to know how to script, or at least be able to steal and edit scripts. Again I don't necessarily agree as the FIRST time I wrote a script using perl/python was actually during the course. Was it a challenge? Indeed it was. I must hasten to add though that my background is in programming.

    I hear you on the point of self study research as during the course I felt the same way. It can be quite FRUSTRATING at times. Especially when you are at your wits end and all you can hear is Try Harder. In fact I even emailed muts complaining about the approach. And was still told to try harder icon_lol.gif. However what helped me TREMENDOUSLY was the irc channel.

    The final challenge was indeed that, one HELL of a CHALLENGE. At one point during the challenge I again told muts that it was just not going to work. And that I wanted to end my attempt and try again another day. He told me that if I didn't complete it he would kick my ****icon_lol.gif Suffice to say I persisted and earned the cert.

    I will agree that if your looking for some one to hold your hand then yes its not for you. It was during the OSCP that I did assembly for the FIRST TIME. Prior to that I had no clue what a JMP ESP meant etc. I will admit it did take some getting used to. But it was fun.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    I don't necessarily agree with the ^^. I did the course albeit using BackTrack 3 and a lot of what you mentioned is needed I did not have. I did not have as you put it "decent grip on security concepts, linux, common tools, and common vulnerabilities". Now I don't know what your definition of decent grip is, but prior to taking the course all I had under my belt was the CEH. And in my opinion the CEH does not account for a decent grip on anything.

    You also mentioned that one NEEDS to know how to script, or at least be able to steal and edit scripts. Again I don't necessarily agree as the FIRST time I wrote a script using perl/python was actually during the course. Was it a challenge? Indeed it was. I must hasten to add though that my background is in programming.

    I hear you on the point of self study research as during the course I felt the same way. It can be quite FRUSTRATING at times. Especially when you are at your wits end and all you can hear is Try Harder. In fact I even emailed muts complaining about the approach. And was still told to try harder icon_lol.gif. However what helped me TREMENDOUSLY was the irc channel.

    The final challenge was indeed that, one HELL of a CHALLENGE. At one point during the challenge I again told muts that it was just not going to work. And that I wanted to end my attempt and try again another day. He told me that if I didn't complete it he would kick my ****icon_lol.gif Suffice to say I persisted and earned the cert.

    I will agree that if your looking for some one to hold your hand then yes its not for you. It was during the OSCP that I did assembly for the FIRST TIME. Prior to that I had no clue what a JMP ESP meant etc. I will admit it did take some getting used to. But it was fun.

    From my personal experience, your experience seems to be much closer to mine than some of the other reviews. This course is as much as learning how to think creatively and come up with solutions on your own as it is straight-forward instruction.

    I'd encourage people to not get scared off by things like exploit development. Just walk through the examples and get a basic understanding of how things like that work. I never write my own exploits, but I have had to make minor tweaks to the code. I also like to able to have a general understanding of what they're doing since you're not always able just point-and-click with Metasploit; sometimes you actually have to compile the code and execute an exploit that way. Nothing ruins a pen tester's day like getting yourself owned icon_lol.gif

    Welcome to the forums DK! :D
  • _Dark_Knight__Dark_Knight_ Member Posts: 7 ■□□□□□□□□□
    dynamik wrote: »
    From my personal experience, your experience seems to be much closer to mine than some of the other reviews. This course is as much as learning how to think creatively and come up with solutions on your own as it is straight-forward instruction.

    I'd encourage people to not get scared off by things like exploit development. Just walk through the examples and get a basic understanding of how things like that work. I never write my own exploits, but I have had to make minor tweaks to the code. I also like to able to have a general understanding of what they're doing since you're not always able just point-and-click with Metasploit; sometimes you actually have to compile the code and execute an exploit that way. Nothing ruins a pen tester's day like getting yourself owned icon_lol.gif

    Welcome to the forums DK! :D
    I totally agree. Thanks for the welcome :)
Sign In or Register to comment.