Tag Archives: OSCP

OSCP Diary 3

I didn’t intend on taking so much time in between posts, but with work, Christmas and the OSCP I have been swamped!

So sitrep: Progress has been slow and steady, maybe a little slower than I would have liked…in fact definitely slower than I would have liked.

So my main issue has been myself.. I am arrogant, I procrastinate a lot and I am a weak!

So let me explain each in turn; I am arrogant. Coming into the OSCP, I was telling myself, how hard can this be, you’ve been in this game for a few years now, you have lots of Linux experience, you have used most and if not all of these tools before. This should be a formality.

Well it turns out it isn’t a formality, yes I have been in this game before, but never on the attacking side, sure I’ve done the vulnhub stuff, the uni classes and even a little bit of dabbling in the real world, but this is different, it isn’t just about knowing how to use the tools or following tutorials. This requires you to sit down and plan and conduct the tools like a conductor conducts an orchestra. This is about knowing what to use when, about what steps to take first, about developing a repeatable but dynamic process.

This is hard….way harder than it sounds, I think the only way to really learn this is via time, practice and effort.

While we are on the subject of effort, let’s move on to my next failing; procrastination. All too often have I got up and told myself today I will spend the entire day on this..and sometimes I do. But that also involves picking up my phone to check Facebook, stopping to make tea, going on youtube etc etc. This wastes lots of time. I need to stop this.

My next failing is weakness….I will admit it, I have had the “I can’t do this” moment(s), it has hit me and it has hit me hard.

I will be working on a box, I will be following an attack vector all is well, I’m in full on Neo from the matrix mode…then boom. Brickwall….I get stuck and I cannot get any further. This has happened to me a few times now.

But…a few days ago I hit a milestone, I pwned not 1..but 2 boxes. Sure they were exploiting the same vulnerability, but the joy of getting a shell on those boxes with a custom exploit was good!

I had my first “I CAN DO THIS!” moment, from these I have had a number of small victories, finding the odd thing here and there, I am beginning to feel like I am making progress.

Right that is enough for today, I’m not sure exactly when my next post will be but I will try make it sooner than this one took me!

OSCP Diary Day 2 and 3

I’m now on day 3 of 90 of the OSCP. How has progress been!?…well, steady.

Time has been tight, with work, family etc. It’s hard to set aside blocks of time to really sit down and concentrate. I have the luxury of being able to do a bit at work (cause my work is awesome!), but much of that is broken up in between work stuff (Which obviously takes priority) so I haven’t had a huge amount of time to just sit down and focus on working though the course work.

But steady progress is better than no progress… and today…*druuum roooollllll* I popped my first box. Although it was very…VERY low hanging fruit.

I have also made some great progress in regards to enumeration. So all in all, the last couple of days while not being perfect have been okay.

I will need to take a day off tomorrow as I am attending a Cyber Security Conference (Which I am really pumped up for), but I will be back in action on Friday
I’ve still not had that “I can’t do this moment”…but I haven’t tried hard enough yet. Friday I hope to have a few hours of time to dedicate to this, so maybe that moment will come then!

Meaningful time in labs: 9 hours.

OSCP Diary Day 1

Welcome to my OSCP diary, somewhere for me to brain dump my thoughts as I work my way through the Penetration Testing with Kali Linux (PWK) course and then take the Offensive Security Certified Professional (OSCP) Exam.

The PWK/OSCP are under strict NDA so I will not be going into details here, I will be very general and very vague. So if you are looking for PWK tutorials and howtos, then you have come to the wrong place.

After weeks of waiting I finally got my OSCP lab access last night at 0000 Hours, as the bell tolled midnight the email that I had not patiently waited for was finally delivered.

The plan was wait up until midnight, get the email download all the stuff that I needed to get onto the labs, all the course materials etc. etc. then go to bed get a solid 7 hours sleep and be ready to spend Sunday pwning n00bs and popping shells!

So that was the plan, the reality however was somewhat more chaotic. Like a schoolboy at Christmas I have been getting a lot little hyped up over the last few days counting down the minutes to 0000 on my lab access day, thus I was already a little sleep deprived when I waited up to receive my email.

So the email comes in and I feel the rush of adrenalin surge though me (well about as much as a rush as you can get from receiving an email after a 20 hour day), and off I go dutifully downloading all the stuff I needed.

So I finished getting all the stuff and headed off to bed and sleep for a solid 7 hours….no I’m just kidding. I thought to myself, “ahh well I may as well configure everything just now so I’m ready to go in the morning.”, so off I go configuring all the things, getting everything just so.

It is now around 0100 everything is downloaded, everything is configured, all I need to do now is get some shut eye.

“But maybe I should just have a wee tincy wincy look at what I have in store for me”….so I open the course materials, pop on the forums, check out the IRC…it’s now 0200.

My mindset has now changed, I’m now thinking “well I’ve went this far I may as well get on the labs and have a look”…3 hours later it 0500 and I’ve just sat up all night, excited scanning all the things!
At this stage tiredness gets the better of me and I decide to call it a night (well technically morning).

So to bed I go 3 and bit hours later I’m awake again it is now 0830 and I am feeling compelled to get back in the labs. So to the labs I go…now it may be the sleep deprivation, it may be the excessive amount espressos I’ve consumed or it could be a combination of both, but I could not focus on any one thing. I must have wasted hours jumping around from one thing to another. I went from going rouge and jumping ahead of the game hitting random boxes to deciding to slow down and methodically just work my way though things from beginning to end.

In the end it now approaching 1800 I need to get things ready for the day job tomorrow (who I owe a big thank you to for putting me though the OSCP!), and I need to step away for a bit let everything from last 18 hours sink in.

The two take aways from day 1 are:

1: Sleep (it is a requirement unfortunately)
2: Plan ahead and prepare your day. (this will save a lot of time later on!)

Now roll on day 2 (of 90).

Meaningful time in labs: 6 Hours