@wirepigeon said:
The OSCP exam is hard and demoralizing if you fail, but the ‘hard’ machines in OSCP (pain, sufferance, humble, gh0st) IMO are far easier than some of the machines on HTB.
I think the main issue on this exam is time… It’s hard to manage this. It is far from the comfort of HTB where, yes, you want to finish as quickly as you can, but it doesn’t matter if it takes 2-3 hours or more to succeed on one machine. Here you have several machines, limited time, and you have to manage stress and the fact that the more time you spend, the more tired and less focused you’ll be…
You cannot compare OSCP with HTB.
HTB is much more difficult than OSCP. If you have done all the machines in HTB, or if you have been one of the active members for the last year, you can easily do OSCP; in fact, earlier many machines were similar to OSCP.
OSCP will help you increase your thinking power: you don’t have to craft any exploit on your own, but you should be able to modify one.
Lab machines are not that tough, but exam machines are difficult with the limited time constraint.
@DeepinX said:
I need to ask a few questions about BOF in general. For some reason I have never heard of someone not being able to get the BOF in the exam, but I could not get it when I did the exam.
So what I wanted is for someone to point me to a guide that could help. I have done the SLmail BOF more than 6 times already with no problems. So is there an encoder I should look at other than msfvenom for BOF, or am I missing something stupid?
Please don’t “over share” as I don’t want to lose the cert before I even get it xD
I will be doing the exam on Monday and this will be my second time.
If you follow the PDF, you should be good. Keep to the following process:
Find the buffer length and make sure you can overflow EIP
Finding bad characters is important; you’ll have to do this for the BO
Use an appropriate amount of NOPs
Try first with calc.exe instead of a (reverse) shell
I’ve spent a lot of time on the BO during my OSCP exam. At the end I decided to RTFM and noticed I had forgotten the NOPs. After a facepalm and including some \x90’s, it worked flawlessly.
Other subject: “HTB” is harder than “OSCP”. In my opinion, overall the machines on HTB require some more digging than the average OSCP machine. I find both environments challenging and, most of all, a lot of fun!
Do the BOF first as soon as the exam opens up if you can. Get it out of the way. Also, walk into the exam knowing how to find badchars in your sleep. If your box was anything like mine, this is a necessity.
Don’t get discouraged - it’s hard to pick up at first but you will get there.
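A small helper for the bad-character step in the checklist above and for the "find badchars in your sleep" advice. This is an added example, not code from any poster: `simulated_target` is a constructed stand-in for "send the payload, then read the buffer back in the debugger", and `find_bad_chars` shows why you trust only the first mismatch per round and repeat.

```python
"""Iterative bad-character hunting (added example, not from the thread)."""
from typing import Callable, Optional


def candidate_bytes(excluded: bytes = b"\x00") -> bytes:
    """Every byte 0x00..0xff except those already known to be bad."""
    return bytes(b for b in range(256) if b not in excluded)


def first_mismatch(sent: bytes, observed: bytes) -> Optional[int]:
    """Return the SENT byte at the first position where memory differs.

    Anything after the first corrupted byte is untrustworthy (a stripped
    byte shifts the whole tail left), so only one culprit is reported.
    """
    for s, o in zip(sent, observed):
        if s != o:
            return s
    if len(observed) < len(sent):       # truncated: the next sent byte is bad
        return sent[len(observed)]
    return None


def find_bad_chars(send_and_dump: Callable[[bytes], bytes],
                   known_bad: bytes = b"\x00", max_rounds: int = 256) -> bytes:
    """Send candidates minus known-bad bytes, add the first culprit, repeat
    until the dump matches what was sent. Returns all bad bytes found."""
    bad = bytearray(known_bad)
    for _ in range(max_rounds):
        sent = candidate_bytes(bytes(bad))
        culprit = first_mismatch(sent, send_and_dump(sent))
        if culprit is None:
            return bytes(bad)
        bad.append(culprit)
    raise RuntimeError("bad-char search did not converge")


def simulated_target(payload: bytes) -> bytes:
    """Constructed stand-in for the real target + debugger memory dump:
    stops at \\x00, drops \\x0a entirely, and rewrites \\x0d to a space."""
    out = bytearray()
    for b in payload:
        if b == 0x00:
            break
        if b == 0x0a:
            continue                    # stripped: the tail shifts left
        out.append(0x20 if b == 0x0d else b)
    return bytes(out)


if __name__ == "__main__":
    print(find_bad_chars(simulated_target).hex(" "))   # 00 0a 0d
```

Against a real target, replace `simulated_target` with a function that sends the bytes and returns what the debugger shows at ESP; one culprit per round is the point, since comparing the whole tail after a stripped byte produces false positives.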
Mastering BOF is all about getting used to assembly level debugging. Single step your target, look at which point it does not execute code you expect and then find out why.
I had a similar issue on my exam. I had it working on the test machine after <1 hr but wasted a further 8 hrs getting it to work on the exam box; eventually I found the problem. PM me if you wanna discuss.
As others mentioned, the lost time and the pressure after that was too much and I failed the exam. I felt that I could not walk away for a break and ended up spending almost all of the 24 hrs at the desk, chasing and spinning my wheels in full brain fog mode.
I took heart from the fact that I only just fell short (probably one user shell away), after having 0 pts on the board after 10 hrs. Looking forward to re-taking, having learnt from the experience.
@AgentTiro said:
I bet he was taking a jmp esp from an OS .dll rather than the programme. Then when he tried on exam it failed because of differences in OS.