OSCP Study

Roottoor

I am currently tackling the OSCP, and finding it quite difficult. Is they anybody interested in working as a group through the labs.

Thanks

syklops

Roottoor wrote: »

I am currently tackling the OSCP, and finding it quite difficult. Is they anybody interested in working as a group through the labs.

Thanks

Sure, where are you based?

Roottoor

syklops wrote: »

Sure, where are you based?

Hi skylops, I am based in Dublin 15. Are you currently working towards the oscp ??

syklops

Roottoor wrote: »

Hi skylops, I am based in Dublin 15. Are you currently working towards the oscp ??

Yeah. I have been reading the material, but I got a bit distracted the last couple of months. My friend sat the exam on Saturday and it has rekindled my motivation to pass it.

Roottoor

Its defo one to be tackled over time. I booked ninety days and threw away 10 for holidays. Hoped to tackle it hard for last week or so I was off but I have just decided to tip away at it for the next 60 days. I am not a pentester, but I work in infosec. I wanted to take this on for fun and to learn, although its a lot harder than I thought.

Are you based in Dublin?

syklops

Roottoor wrote: »

Are you based in Dublin?

Yep. South Side. Lets take this to PMs.

B00MSTICK

I'll be taking a 15 day extension and booking the exam soon after that - I have a good few of the initial lab machines done

t4ff

I'll be registering for it in 30 days or so. I currently work freelance so will be able to give a good amount of time to it (borderline full-time hours), but still unsure if I should go for 60 days vs 30?

pah

Going to start this myself in about 2 weeks when I'm back from hols. Been meaning to do it for over 18 months now. I think I'm going to go for 90 days of lab access. I'm in Cork.
What about a discussion group on viber/WhatsApp or something similar?

syklops

For people who are about to register for Lab Access, make sure you're exploit dev skills are up to speed. If not, you risk wasting lab access time getting up to speed on how to develop exploits for the services you encounter.

Ctrl Alt Del

Hi,
Whats the realistic time frame from registering,studying and sitting the exam !?
Thanks

syklops

Ctrl Alt Del wrote: »

Hi,
Whats the realistic time frame from registering,studying and sitting the exam !?
Thanks

Depends on your skills before you start, but I would recommend 3 months of pre-study/pre-reading, and then 3 months to register, study the material and go for the exam.

Pre-study would involve, if you arent already familiar:

Linux commands, navigation of a linux system etc(no issue for you Ctrl Alt Del )
Basic Python
Basic C
Basic Shell scripts
Shell coders Handbook is a worthy read
Be comfortable with Metasploit, but dont rely on it.
Review some Web App pen testing methodologies and try out vulnerable web apps like Damn Vulnerable Web App and Metasploitable.

YMMV depending on your experience, for some people the above can be accomplished in a weekend, for others it'd take 3 months, but either way have the above as a minimum before registering.

t4ff

syklops wrote: »

Depends on your skills before you start, but I would recommend 3 months of pre-study/pre-reading, and then 3 months to register, study the material and go for the exam.

Pre-study would involve, if you arent already familiar:

Linux commands, navigation of a linux system etc(no issue for you Ctrl Alt Del )
Basic Python
Basic C
Basic Shell scripts
Shell coders Handbook is a worthy read
Be comfortable with Metasploit, but dont rely on it.
Review some Web App pen testing methodologies and try out vulnerable web apps like Damn Vulnerable Web App and Metasploitable.

YMMV depending on your experience, for some people the above can be accomplished in a weekend, for others it'd take 3 months, but either way have the above as a minimum before registering.

This is pretty much the exact list of stuff I've been working on recently.

What about a Slack group or something for Boards.ie guys working on it?

Roottoor

t4ff wrote: »

This is pretty much the exact list of stuff I've been working on recently.

What about a Slack group or something for Boards.ie guys working on it?

Sorry guys I started a new job on Monday but I will pick this back up this weekend. I would like to get a group together to tackle this. If any interested parties want to pm me we can take this offline.

By the way I jumped straight into it with 90 days and flew through the labs and guide book. This was when I was off for nearly two weeks. Once I started tackling the labs I hit a wall. I should have followed something like the advice above but I am knee deep now, so no going back.

Roottoor

Roottoor wrote: »

Once I started tackling the labs I hit a wall. I should have followed something like the advice above but I am knee deep now, so no going back.

The materials are more like a guide to the process, there really is a lot of research required before taking on the labs.

I had the same issue with the labs, I was too busy with work and other things going on that I didn't dedicate enough time
I'll be interested in joining you guys after August just don't have enough time at the moment to dedicate.

For anybody else thinking of taking this exam, skylops summarised the prep really well above. Also the book "Penetration Testing : A Hands-on Introduction to Hacking" is a good intro on what to expect.

Keyzer

Roottoor wrote: »

Sorry guys I started a new job on Monday but I will pick this back up this weekend. I would like to get a group together to tackle this. If any interested parties want to pm me we can take this offline.

By the way I jumped straight into it with 90 days and flew through the labs and guide book. This was when I was off for nearly two weeks. Once I started tackling the labs I hit a wall. I should have followed something like the advice above but I am knee deep now, so no going back.

What background are you coming from? Do you have prior experience in this stuff beforehand?

I'm based in D15 also but I wont be going near OSCP for at least two years. Two young kids dominate my free time at the moment. That and my commitments as an international drug smuggler.

syklops

t4ff wrote: »

This is pretty much the exact list of stuff I've been working on recently.

What about a Slack group or something for Boards.ie guys working on it?

+1 for a slack group.

Maybe define a reading list which everyone should read? It'll prevent us going over old ground. Just a thought.

Keyzer

Does anyone know of any resources that can allow someone to prep for the labs in a practical sense?

I know vulnhub.com has an incredible amount of virtual machines but I struggle at times to find them relevant. They are more like puzzles where the author finds some obscure web server software with a specific vulnerability and hides clues in the likes of pictures.

All well and good but I'm looking for more real world examples. I have a domain controller running on my mac along with an instance of Kali and recently pulled all the files required to crack the AD database and own the domain. Very satisfying and something which would be useful in a real world testing scenario.

syklops

Keyzer wrote: »

Does anyone know of any resources that can allow someone to prep for the labs in a practical sense?

I know vulnhub.com has an incredible amount of virtual machines but I struggle at times to find them relevant. They are more like puzzles where the author finds some obscure web server software with a specific vulnerability and hides clues in the likes of pictures.

All well and good but I'm looking for more real world examples. I have a domain controller running on my mac along with an instance of Kali and recently pulled all the files required to crack the AD database and own the domain. Very satisfying and something which would be useful in a real world testing scenario.

I have just what you want right here: lab.pentestit.ru

Keyzer

syklops wrote: »

I have just what you want right here: lab.pentestit.ru

Brilliant - I came across that before but lost the link along the way. Nice one...

I like the idea of this thread, we should put some structure around it i.e. reading materials, practical learning etc.

pah

Keyzer wrote: »

Roottoor wrote: »

Sorry guys I started a new job on Monday but I will pick this back up this weekend. I would like to get a group together to tackle this. If any interested parties want to pm me we can take this offline.

By the way I jumped straight into it with 90 days and flew through the labs and guide book. This was when I was off for nearly two weeks. Once I started tackling the labs I hit a wall. I should have followed something like the advice above but I am knee deep now, so no going back.

What background are you coming from? Do you have prior experience in this stuff beforehand?

I'm based in D15 also but I wont be going near OSCP for at least two years. Two young kids dominate my free time at the moment. That and my commitments as an international drug smuggler.

Meh. I've 5 young kids and I'm going to go for it.

Keyzer

pah wrote: »

Meh. I've 5 young kids and I'm going to go for it.

Where are you going to find the time to dedicate to studying for this? From research, the recommended amount of time required to study for this exam is 3-4 hours. Daily. Unless you can study in work, I don't know how you could find the time or the right environment to study in with 5 kids.

t4ff

syklops wrote: »

I have just what you want right here: lab.pentestit.ru

CTF365.com is also also a good resource. Similar setup to the PWK labs. Option for free or pay monthly, but you get a free 30 days when you first sign up (I think they're still doing that).

They've also had a new update that gives paid users boxes to harden and defend, while attacking other team's servers.

syklops

t4ff wrote: »

CTF365.com is also also a good resource. Similar setup to the PWK labs. Option for free or pay monthly, but you get a free 30 days when you first sign up (I think they're still doing that).

They've also had a new update that gives paid users boxes to harden and defend, while attacking other team's servers.

And then CTF365 spams you morning noon and night until you setup a filter to delete messages from them or actually pay for "platinum access" or whatever it is they call it. Pentestit.ru is totally free and amazingly similar to the real OSCP lab.

t4ff

syklops wrote: »

And then CTF365 spams you morning noon and night until you setup a filter to delete messages from them or actually pay for "platinum access" or whatever it is they call it. Pentestit.ru is totally free and amazingly similar to the real OSCP lab.

Just took a look and seems like all my CTF365 e-mails go to spam by default. Not a problem I ever noticed!

I took full advantage of the free 30 days, but there's not quite enough there to convince me to shell out for the monthly fee.

pah

Keyzer wrote: »

pah wrote: »

Meh. I've 5 young kids and I'm going to go for it.

Where are you going to find the time to dedicate to studying for this? From research, the recommended amount of time required to study for this exam is 3-4 hours. Daily. Unless you can study in work, I don't know how you could find the time or the right environment to study in with 5 kids.

Finished my masters last Dec, 2 yrs part time and #5 arrived right in the middle. I just get on with it, great support from OH. I work shifts and I'm pretty busy most of the time in work but sometimes I can do a bit when I'm on nights, not very often though. I might be underestimating OSCP I've been thinking 12-15hrs PW should do it. I'm coming off the back of lots of linux, python, and bash from my masters so hope to keep that rolling into this.

Once I get the lab access I'll be going all out for the 90 days. I'll try and take the exam then within 2 weeks of finishing the labs.

Keyzer

Created a slack group for this. If anyone is interested in joining then DM me your email address.

t4ff

Keyzer wrote: »

Created a slack group for this. If anyone is interested in joining then DM me your email address.

DM sent!

pah

Keyzer wrote: »

Created a slack group for this. If anyone is interested in joining then DM me your email address.

DM sent also. Great idea.

calmness

Keyzer wrote: »

Created a slack group for this. If anyone is interested in joining then DM me your email address.

Hi, I'm also preparing for OSCP. Can you please add me to the group? Sent DM.

rreimao

I'm also preparing for OSCP. I will DM you guys.

I'm currently doing the lab.pentestit.ru, does anyone know if it's harder/easier than the OCSP?
Some of the labs on the pentestit.ru are insane. Not for being hard, but for being things that I would never imagine (like port knocking).

syklops

rreimao wrote: »

I'm also preparing for OSCP. I will DM you guys.

I'm currently doing the lab.pentestit.ru, does anyone know if it's harder/easier than the OCSP?
Some of the labs on the pentestit.ru are insane. Not for being hard, but for being things that I would never imagine (like port knocking).

A pentester I hold in the highest regard spent 3 months on pentestit.ru and then failed the OSCP exam. The OSCP mantra is "Try Harder". With that kind of mentality behind it, I suppose it can't be difficult enough. Hopefully its a bit harder than the OSCP test environment.

Roottoor

I am also tackling the OSCP, wondering can I get added to the group. Thanks

moneymad

Anyone one of you take the exam yet?
I've started my studying today.

Keyzer

I'm binning the Slack group next Monday due to lack of activity - anyone else wants to become Admin let me know.

Keyzer

Keyzer wrote: »

I'm binning the Slack group next Monday due to lack of activity - anyone else wants to become Admin let me know.

To be honest the boards thread is probably enough if people have questions. Slack and IRC for things like this can serve as more of a distraction than anything.

moneymad

I'm signing up this Monday for the 90 days lab access, course starts FEB 12th.
I came across a very good thread on techexams called oscp-jollyfrogs-tale.

moneymad

Dear ######,

We are happy to inform you that you have reserved a seat for the Offensive Security Penetration Testing with Kali Linux (PWK) online course starting on Sun, 29 Jan 2017, 00:00 (Europe/Dublin). Your seat will be confirmed and scheduled after payment has been received.

I'm really looking forward to this challenge.

Best of luck moneymad, I need to get back to doing this myself. Working a full time job in forensics doesn't make it easy

Kur4mA

So did anyone actually get their OSCP certification yet?

I'm going to brush up on my coding/scripting at the moment reading Automate the Boring Stuff with Python and doing all of the exercises, then creating a few handy scripts based on what I learn. After that, I plan to get back to doing some VM's from VulnHub and reading as much of the recommended reading material given by jollyfrogs on techexams. His path to the OSCP was linked above and has lots of great detail. His reading material is fairly exhaustive as he says and might have been insanely over the top but I've already read a fair few of them on my travels.

I spent the most interesting part of my degree in college using Kali and learning a ton, but never stuck to my plan of going after the OSCP. I plan to get cracking on it later in the year, all going to plan.

moneymad

Deleted User wrote: »

Best of luck moneymad, I need to get back to doing this myself. Working a full time job in forensics doesn't make it easy

Thanks Niall. I know the feeling very well. Forensics would be very interesting.

moneymad

Kur4mA, Ya, scripting is a massive part of it. The amount of reading material is sickening. Jollyfrogs approach to obtaining the cert was brilliant.

Kur4mA

moneymad wrote: »

Kur4mA, Ya, scripting is a massive part of it. The amount of reading material is sickening. Jollyfrogs approach to obtaining the cert was brilliant.

Very clever approach but just that reading material alone is a massive undertaking, lol. Hopefully the missus doesn't disown me!

moneymad

Nearly one week into the course and I spent the whole week learning bash scripting.
So far I've automated the creation of a folder structure for each live host along with nmap scan results copied into each hosts folder.
150 lines of bash , christ
Next onto service enumeration. Another week of that id say.

moneymad

Hi, took the exam yesterday at 3pm and finished today at 3pm. I managed to only get 25 points out of 100.

This cert is deadly lads. I've added more lab time and i'm going for it again in a few weeks.
Anyone thinking of doing this cert I would say go for it. It's very enjoyable and you learn so much cool stuff.

moneymad

Took the exam again last week and failed with around 45%.
I have to wait 2 weeks before i can book it again.

timmywex

Keep trucking, identify what you're missing or areas that you need to brush up on and really concentrate on them. Sometimes a bit of luck helps you along the way too!

moneymad

moneymad wrote: »

Took the exam again last week and failed with around 45%.
I have to wait 2 weeks before i can book it again.

I wouldnt rush into another attempt. Identify the areas you didn't do well in and brush up on them. Maybe your technique needs streamlining.

Chin up. Theres a reason its one of the most difficult exams out there, and theres a reason for the respect it commands once you get it.

Edit: I've said this before but one of my friends who I reckon is one of the best hackers in Ireland did the OSCP and failed on the first attempt.

moneymad

Rock solid advice lads. I held off on the quick retake and waited till last week - I was 10 points off a pass.
Nearly there.

moneymad

Failed at my fourth attempt. I'm 2 weeks into a 6 week cooling off period. I'm sitting it again at the beginning of October. My methodology is not working at all.
Moving onto doing vulnhub and metasoloitable VMS as the labs are costing me a fortune since February.

moneymad

Great news. After not giving up I passed it on my sixth attempt on Wednesday. With 20 minutes left I got the last machine to pass.