A Script Kiddie’s guide to Passing OSCP on your first attempt.

2»

Comments

  • Many congratulations on passing the exam!! A nicely written article, which has cleared my mind a lot, and I am having a breath of relief 😅 I've been freaking out since I registered for the PWK, but now thanks to you I am feeling a bit relaxed.. I'm a script kiddie too here, but i've pwned all the vulnhub VMs in abatchy's blog, and a few more as well..

  • Nice,this is valuable information indeed.
    Thank you for sharing sir.

  • Thank you for this awesome write up!
  • Sir, i've a question. While doing my OSCP, can i use nmap vulner to scan for CVE then access into it's script. instead of using metasploit to automate. i "kiddie script" manually. in this situtation do i need to cite the source of the script (probably with screenshots or whatever means)? and will i fail the exam?

    I love to play my birds(Lovebirds) but now HTB has been taking away my love for them.
    '>.<

  • Another question.. As I'm browsing thru the ocsp report template. Section 3.4 House cleaning : after collecting trophies from the exam network was completed, the student removed all user account and passwords as well as the meterpreter services installed on the system. Offensive security should not have to remove any user accounts or services from the system.

    Does this means once done must clean up as it originally is?

    I love to play my birds(Lovebirds) but now HTB has been taking away my love for them.
    '>.<

  • edited November 2019

    .

  • edited November 2019

    Type your comment> @SlaCk3rxD said:

    Another question.. As I'm browsing thru the ocsp report template. Section 3.4 House cleaning : after collecting trophies from the exam network was completed, the student removed all user account and passwords as well as the meterpreter services installed on the system. Offensive security should not have to remove any user accounts or services from the system.

    Does this means once done must clean up as it originally is?

    Hi,
    For the first question: exam guide have explicit manual about this. If you wrote a script or made any changes to existent script you should provide a link to the source code and include all the code into the report and highlight the changes.
    Nmap itself and its scripting engine is fully permitted on the exam, there are no restrictions like msf/meterpreter

    For the second question: you do not need to delete all the traces in the exam network. This section is more like awareness about your future reports to the real customers

  • Hi @3XsAGbKHsb7FPY as I read somewhere before. Oscp only allow us to use msf/meterpreter once in the whole exam. Okay good to know there's no need to cleanup. Otherwise it will be a waste of time.. Thanks!

    I love to play my birds(Lovebirds) but now HTB has been taking away my love for them.
    '>.<

Sign In to comment.