Advice: OSCP

@izzie said:

@Bear said:
When you say metasploit box, you’d get 10 points for using that to get priv esc or in general for using it (e.g., aux scanners?)

You are not allowed to use msfconsole in OSCP exam btw.

Metasploit is allowed to be used one time, but students are restricted from using Metasploit on multiple machines during the exam.

Yes, oscp helps your career. The exam is excellent. I found the exam much more enjoyable than the labs. It took me two attempts to pass the exam, because I made the exam harder than it actually was. You won’t need metasploit for any of it.

@izzie
To be honest, I try not to use metasploit anyway - I’ll just try not use it even more!

I have some ability around computing and have had a few years of experience of my own doing around the ‘scene’, for me OSCP is just a little decoration to the fact I’m actually able to do some things that I’ll be adding to my CV as an entry point into the paid employment doing it. Of course, it may backfire and be a 24 hours of stress for nothing, but having seen and spoken to some people that deal with top companies in top consultancies… I don’t think I have that much to worry about :slight_smile:

Thank you @delo

@Bear said:
Hello experts,

I am looking next year to embark on OSCP.

Are the labs like Mischief, Rabbit & the what I’d call the ‘sneakier’ type labs what you’d expect in this learning/examination? I love those labs as they’re a challenge but I can see myself failing miserably if it’s a few of those boxes on the exam!

Bear

This is a great question btw, so thanks for that.

@Bear said:
Hello experts,

I am looking next year to embark on OSCP.

Are the labs like Mischief, Rabbit & the what I’d call the ‘sneakier’ type labs what you’d expect in this learning/examination? I love those labs as they’re a challenge but I can see myself failing miserably if it’s a few of those boxes on the exam!

Bear

Machines are indeed easier in the OSCP exam, but time mgmt. is an issue. 24h is not so much for five machines, especially in the stressful exam conditions. If you get stuck on one, there might not be enough time.

Agree with @macw141. Time is a real problem, as are various ‘rabbit holes’. The approach is different in OSCP, as you very rarely need to run 4 hour dirbusting scans. I found some HTB machines easier than OSCP. OSCP requires a different mindset, one which has taken me a lot longer than I thought it would, especially coming from a development background. Still waiting for the magic passed email, although still working towards it!

So far, in my small experience of HTB and the OSCP lab, I found the OSCP Windows machines easier, and the web exploitation is also not so hard for getting a reverse shell. But the big 4 machines in the OSCP lab are something I can say are harder; if someone like me faced those in the exam, they are for sure gonna fail.

Without breaking any rules, I honestly thought the exam boxes were a massive step up from the big 4 boxes.

Hi richeze - I hardly get any success with the big 4 in the OSCP lab. So far I have rooted 30 machines in the lab. Some people say the OSCP exam is not much harder, but the “try harder” mantra is something which keeps bugging me. I am not from the field of pentesting, but what I experience here on HTB and in the OSCP lab gives me a mixed feeling on exam fail/pass :slight_smile: Any suggestions on gaining more skills would be helpful - thanks

Hi guys - anyone want to team up for OSCP? Mine is next month, I am a bit halfway, feel like not ready :slight_smile:

What’s the average time one should spend on a HTB box while learning?

I know that is a vague question and I would like to pwn it without looking at the hints. Sometimes I feel like I’m spending way too much time and I’m not making any progress.

Giving me approximate times for easy/moderate/hard boxes would help me make some kind of progress instead of making zero progress. Thanks!

It depends on your experience with the boxes or pen testing. If you are a daytime pen tester, you can pwn easy boxes in an hour or two.
But if you are new to pen testing, it may take days to pwn easy machines.

@masuse said:
Hi guys - anyone want to team up for OSCP? Mine is next month, I am a bit halfway, feel like not ready :slight_smile:

That’s a pretty cool idea! Mine will be in Dec, but I’m already preparing for it!

@masuse said:
Hi guys - anyone want to team up for OSCP? Mine is next month, I am a bit halfway, feel like not ready :slight_smile:

I will have mine in early Nov.

Hi, I would like to pick up this topic to talk about OSCP!

I made a decision: December and January is OSCP time! :slight_smile: I’ve been an IT engineer for 12 years, especially on the Windows platform: Active Directory, VMware virtualisation, Hyper-V, storage, network (“CCNA”).
Do you have any book advice for preparing for this certification? A book on web exploitation or anything like that would help to learn before OSCP.

Thanks !

@petitponeybzh said:
Hi, I would like to pick up this topic to talk about OSCP!

I made a decision: December and January is OSCP time! :slight_smile: I’ve been an IT engineer for 12 years, especially on the Windows platform: Active Directory, VMware virtualisation, Hyper-V, storage, network (“CCNA”).
Do you have any book advice for preparing for this certification? A book on web exploitation or anything like that would help to learn before OSCP.

Thanks !

The only two books you’ll need for Web Exploitation are “The Web Application Hacker’s Handbook” and “OWASP Testing Guide”. In addition to that, check “Network Security Assessment”, “The Hacker Playbook” series or “Penetration Testing” and then… practice, practice, practice with boxes here as much as you can! Oh, and then this → https://twitter.com/0xdea/status/1053568325597442048

@mrcopy thanks for your answer :slight_smile:
I’ll take it into account!

@petitponeybzh said:
Hi, I would like to pick up this topic to talk about OSCP!

I made a decision: December and January is OSCP time! :slight_smile: I’ve been an IT engineer for 12 years, especially on the Windows platform: Active Directory, VMware virtualisation, Hyper-V, storage, network (“CCNA”).
Do you have any book advice for preparing for this certification? A book on web exploitation or anything like that would help to learn before OSCP.

Thanks !

I’m in the same place. I decided on starting up the labs in January for the OSCP exam. I’ve been in IT for about 10 years in the same type of fields. Good Luck!

HTB are intended for you to attack through an expected vector, usually because the systems are all patched.

OSCP systems are not patched to the latest version. This means that while there is probably an “intended” attack vector to privesc, you don’t even need to use it. If you’re good at exploitation you can privesc with a lot of the new proof of concepts (like ALPC). You just have to compile them. I spent an ungodly amount of time on a privesc (enumerated literally everything) when I could’ve just compiled an exploit. (I still don’t know the stupid “intended” route for that…)

Also, don’t overestimate the OSCP exam. The bar is very low. Stupid stuff is configured. Stuff that would probably never be in the real world.

The best thing you can learn from HTB is looking at how other people solved the problem. The github has the solutions for every box. The password is the root hash. Look at them. You might read stuff you never even thought of.