Need a project - Found a project! YFZblu's OSCP Thread

YFZblu Member Posts: 1,462 ■■■■■■■■□□
Hey all,

I haven't completed an official certification since last September (I think it was September) when I went through the SANS GCIH track. Anyway, I've been looking at a lot more red team related training/education lately - not because I want to become a 1337 haxor, but because I want context to what I see every day in the SOC and to continue making hard pushes to expand my skillset; what better way to accomplish this than to feel the pressure of an actual red team engagement, and the growing pains that come with learning new topics at a deep level?

I've been doing a lot of Python scripting lately, studying a lot of compsci topics (memory, process, C programming) and think now is the time. I start Offensive Security's 'Penetration Testing With Kali' course this Sunday, 4/20, and I'm pumped.

I'm creating this thread now in an effort to document the end-to-end process of OffSec's registration, payment, lab testing, studying, and the exam itself. I will be posting to this thread daily with any and all progress I make towards accomplishing this task - which includes posting links to the best 3rd party resources I utilize while rolling through the course topics. I purchased the 30-day course, and have absolutely no plans to extend the time frame. I understand 30 days is easier said than done, but I'm focused and have no other projects at the moment.

Waiting the next five days will be rough, I'm super anxious to get my hands on the material.

Comments

  • Master Of Puppets Member Posts: 1,210
    That's awesome news! I'm sure you're gonna enjoy the challenge and learn a great deal. Also, many thanks for your plan to keep us updated throughout this.
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
  • Bodanel Member Posts: 214 ■■■□□□□□□□
    I will be watching very closely your progress. I think it will be a good read. Good luck
  • Zoovash Member Posts: 84 ■■□□□□□□□□
    Good luck! And don't forget to sleep!
  • wes allen Member Posts: 540 ■■■■■□□□□□
    30 days while working is tough, but good luck for sure. Check out the IRC channel as much as you can as well, I didn't at first and missed a great resource for a couple months.


    !pain
    !sufferance
  • JoJoCal19 Mod Posts: 2,835 Mod
    Looking forward to your posts in this thread. I am thinking of starting the OSCP at the beginning of next year.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up: OSCP
    Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • cgrimaldo Member Posts: 439 ■■■■□□□□□□
    Subscribed! Good luck!
  • NovaHax Member Posts: 502 ■■■■□□□□□□
    wes allen wrote: »
    30 days while working is tough, but good luck for sure. Check out the IRC channel as much as you can as well, I didn't at first and missed a great resource for a couple months.


    !pain
    !sufferance


    This is actually a GREAT point. You can enter the name of any host in the IRC channel in this format...

    Examples:
    !ALICE
    !BOB
    !PEDRO
    !GHOST
    !PAIN

    Each of these will return hints on how the box can be popped. Some are very helpful. Others are so cryptic that even after you pop the box...you'll wonder what it meant.
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    NovaHax wrote: »
    This is actually a GREAT point. You can enter the name of any host in the IRC channel in this format...

    Examples:
    !ALICE
    !BOB
    !PEDRO
    !GHOST
    !PAIN

    Each of these will return hints on how the box can be popped. Some are very helpful. Others are so cryptic that even after you pop the box...you'll wonder what it meant.

    That's awesome - I appreciate the tips guys
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    Pre-Registration

    If you'd like to register for Penetration Testing With Kali (PWK), you will have to provide OffSec with your name and email address; a non-free email address. After doing that I received an email with the following:

    -Support hours
    -Course information
    -PWK Syllabus
    -Cost
    -Course prerequisites
    -Certification information
    -Information on how to officially register for the course - This includes a registration link with a TTL of 72 hours. If 72 hours goes by and you still haven't registered, you will have to submit your information again and wait for another email.

    Registration (pre payment)


    After officially registering for the course, I received yet another email which contained:

    -Confirmation of your course and start date
    -OffSec ID number
    -Instructions to test connectivity to the lab environment before proceeding with payment
    -Link to download Kali Linux
    -Link to purchase the course
    -This email also has a TTL of 72 hours; failure to complete everything in that time frame bumps the student to a later start date

    Payment


    Payment was as easy as clicking the link in the second email I received, and entering my credit card information. I then received two confirmation emails - One indicating that the payment was successful, and another with an attached invoice
  • NovaHax Member Posts: 502 ■■■■□□□□□□
    And so it begins...
  • wes allen Member Posts: 540 ■■■■■□□□□□
    YFZblu wrote: »

    Payment


    Payment was as easy as clicking the link in the second email I received, and entering my credit card information. I then received two confirmation emails - One indicating that the payment was successful, and another with an attached invoice

    One thing to be aware of though, is that their payment processor is outside the USA, which caused my bank (BOA at the time) to add an extra fee, and my company couldn't pay for the class for me with corporate cards, due to the policy of no outside US charges allowed. My current bank doesn't charge a fee, but I have gotten fraud warning calls when paying for classes. So just a heads up on that for everyone.

    And, if you don't have a non free email, you can still register, you just need to send them a copy of ID. The billing department has been good to deal with - quick to respond and always helpful.
  • Zoovash Member Posts: 84 ■■□□□□□□□□
    Is there a VAT fee added for EU countries ?
    SecurityTube didn't charge any VAT but I know eLearnSec collects VAT.
  • bobloblaw Member Posts: 228
    Good luck. Looking forward to your write-ups.
  • MSP-IT Member Posts: 752 ■■■□□□□□□□
    I'll be watching this thread diligently.
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    Lab connectivity test

    For this we are asked to boot into our Kali Linux boxes, and utilize the OpenVPN utility to connect to the lab network. This involves simply ping'ing a host on our subnet, and keeping the VPN connection up for a while to ensure stability.
  • NovaHax Member Posts: 502 ■■■■□□□□□□
    YFZblu wrote: »
    Lab connectivity test

    For this we are asked to boot into our Kali Linux boxes, and utilize the OpenVPN utility to connect to the lab network. This involves simply ping'ing a host on our subnet, and keeping the VPN connection up for a while to ensure stability.

    I don't think you're supposed to...but I was already guns blazing with Nmap during the 24-hour lab connectivity test window.
  • ramrunner800 Member Posts: 238
    I just started in the labs today. Good luck to you!
    Currently Studying For: GXPN
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    NovaHax wrote: »
    I don't think you're supposed to...but I was already guns blazing with Nmap during the 24-hour lab connectivity test window.

    That's awesome - About 8 hours until the materials hit my inbox. Looking forward to it.
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    Downloaded my course materials tonight! A 361-page PDF, and ~8 hours of instructional video. I also logged into the IRC channel, and poked around the forums reading the FAQs. Going to start reading the PDF tonight.

    Random note - Each page of the PDF is watermarked with my OffSec ID number and full name; obviously to identify those who distribute the material. Never seen that before.
  • NovaHax Member Posts: 502 ■■■■□□□□□□
    Yup...they've been doing that for a minute. Mine was watermarked back when I took PWB in 2012.
  • BlackBeret Member Posts: 683 ■■■■■□□□□□
    I'd suggest watching the videos before reading the guide, module by module. The videos cover what's in the guide, then the guide goes in to a few more details. I was rapidly deployed in 2010 and unable to make use of the labs or attempt the exam so I decided to pay to upgrade my materials to PWK and am going through it all now, in a few weeks I'll add the lab time and attempt the test hopefully around July 4th holiday time. Good luck to you as well.

    Remember a lot of it requires outside study. I'd read up on Windows escalation; for a start, try FuzzySecurity | Windows Privilege Escalation Fundamentals
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    Excellent fuzzysecurity link, I appreciate that
  • NovaHax Member Posts: 502 ■■■■□□□□□□
    I personally disagree with BlackBeret's approach. It worked better for me to read through the PDFs at the same time as watching the videos (since they pretty much follow the same track). But to each his own. Everyone learns in different ways.

    Good resource though. It's easy to get over-confident though when you start exploiting boxes, and forget about the importance of privilege escalation. Trust me...you will need to know how to move from basic access to root or SYSTEM.

    The g0tm1lk Linux privilege escalation guide is also a MUST.
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    The first two days have been pretty easy going, it has basically been an intro to the course itself, the basics of navigating Kali Linux, and an intro to bash scripting.

    Right away, it's clear that one must be 'at home' using Linux CLI - not at an admin level, but understanding the meat and potatoes of the OS is essential; opening files, navigating the file system, environment variables, starting/stopping services, configuration changes, etc.

    I was happy to see bash scripting early on, it's something I'll have to learn on the fly. As I said in my OP, I have learned a few languages recently and I'm glad I did - the Student is expected to have the ability to whip a script together in multiple high level languages.

    I'm definitely pacing myself at the moment. I have Thursday - Saturday off each week, and a slow work day on Sundays. That's when I plan on going deep and hitting the books/lab for 8+ hours per day. At work tomorrow I'll also get myself familiar with the basics of bash scripting; syntax, data types, iteration, etc.
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    NovaHax wrote: »
    It worked better for me to read through the PDFs at the same time as watching the videos (since they pretty much follow the same track).

    Same - I am much more comfortable reading the material and hashing it out internally. For whatever reason I find myself getting distracted / sleepy during video presentation, unless I'm totally clueless about a topic and absolutely need the hand-holding (which I'm sure will happen many times in the next 28 days).
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    Woke up a bit early to get some bash scripting done
  • JoJoCal19 Mod Posts: 2,835 Mod
    I wish I could do this course/cert sooner than later but I'm pretty booked for certs this year. I will definitely be starting it January next year.
  • Master Of Puppets Member Posts: 1,210
    Check out tldp.org for some bash. I liked it when I was learning it.
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    Nice - Browsing it now, thanks!

    Sidenote: There was a very small piece of regex-fu during the bash section, it's worthwhile to know the most common and basic syntax. For this I like to visit http://www.regexone.com
  • veritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Good stuff. I'll be following this thread...