OSCP Exam review "2019" + Notes & Gift inside!

Really liking nmapAutomator so far. Thanks! And thanks for the OSCP review. That’s my next challenge.

@21y4d nmapAutomator has been great! I modified it locally just slightly (changed a few things to match my personal preference (i.e. added some additional defaults to gobuster and nikto). Your hard work is much appreciated, and congrats on your OSCP!

Thanks… I’m glad you like it, and feel free to modify it to match your preferences.
If anyone can improve upon can PM me so I can implement the ideas :slight_smile:

Thank you, thank you, thank you!

I have set the OSCP as my target in the near future. I got CEH a couple of months ago and I’m now reading everything I get my hands on, and getting new skills with the HTB boxes.

Your review has somehow calmed me down a bit, cause I had a much more difficult mental image of it (I’ll try not to get overconfident LOL).

Oh, and thanks for the script! I’m sure it will come handy in many scenarios!

@GibParadox said:
Thank you, thank you, thank you!

I have set the OSCP as my target in the near future. I got CEH a couple of months ago and I’m now reading everything I get my hands on, and getting new skills with the HTB boxes.

Your review has somehow calmed me down a bit, cause I had a much more difficult mental image of it (I’ll try not to get overconfident LOL).

Oh, and thanks for the script! I’m sure it will come handy in many scenarios!

Wish you all the best.
No need to panic, simply train hard and keep “trying harder” and you can definitely get there from your first attempt.

Recent machines I would rank as average OSCP exam level are “SwagShop and Luke”, which are probably one of the easiest currently active machines. Like I said, it’s a balance between difficulty, time, and rabbit holes, as you will have to do five of those.

Thank s for your review! Really helpful. I am taking the PWK course at the moment. In my second week of 90 days lab time.

Query about the PWK course / OSCP exam.
I read somewhere that a specific VM is provided for the course/exam to ensure that everything you need is available, is that the case still? If so how many used that VM over your own?

Type your comment> @DameDrewby said:

Query about the PWK course / OSCP exam.
I read somewhere that a specific VM is provided for the course/exam to ensure that everything you need is available, is that the case still? If so how many used that VM over your own?

Yes there is, I think it’s 2018 build of Kali at this point. It’s 32bit and contains a couple of extra things that don’t come with stock Kali. Personally I used my everyday 64bit build and only touched the 32bit for compiling 32bit exploits.

Type your comment> @BROX said:

Type your comment> @DameDrewby said:

Query about the PWK course / OSCP exam.
I read somewhere that a specific VM is provided for the course/exam to ensure that everything you need is available, is that the case still? If so how many used that VM over your own?

Yes there is, I think it’s 2018 build of Kali at this point. It’s 32bit and contains a couple of extra things that don’t come with stock Kali. Personally I used my everyday 64bit build and only touched the 32bit for compiling 32bit exploits.

Understood, thanks.

@DameDrewby said:
Query about the PWK course / OSCP exam.
I read somewhere that a specific VM is provided for the course/exam to ensure that everything you need is available, is that the case still? If so how many used that VM over your own?

Yes they do, and it is usually updated on yearly basis.
Personally I did not use it, and I think it is recommended for those who never used Kali, but if you have your own then there’s no good reason to switch.
The main two things in the VM are:
1-it’s 32-bit, to try out linux 32-bit BOF “which aren’t part of the exam, and a can still be compiled and tested on 64-bit machine”
2-It has a a bunch of extra applications installed, most of which aren’t needed for the exam.

So in case you already use Kali, there’s really no point to consider their VM.

Type your comment> @21y4d said:

@DameDrewby said:
Query about the PWK course / OSCP exam.
I read somewhere that a specific VM is provided for the course/exam to ensure that everything you need is available, is that the case still? If so how many used that VM over your own?

Yes they do, and it is usually updated on yearly basis.
Personally I did not use it, and I think it is recommended for those who never used Kali, but if you have your own then there’s no good reason to switch.
The main two things in the VM are:
1-it’s 32-bit, to try out linux 32-bit BOF “which aren’t part of the exam, and a can still be compiled and tested on 64-bit machine”
2-It has a a bunch of extra applications installed, most of which aren’t needed for the exam.

So in case you already use Kali, there’s really no point to consider their VM.

Perfect, thank you.

Great tool mate, will be using it on my exam!

Which box here on HTB was metasploit only?

@21y4d I’m a freshman in University, with a deep love of Linux, Any Windows “Strategy”/Course suggest for me? (I know very little about Windows, since HTB mostly in Linux)

@0verfl00w Any suggestion on doing Granny&Grandpa without MSF? (These machines retired.)

@kmahyyg said:
@21y4d I’m a freshman in University, with a deep love of Linux, Any Windows “Strategy”/Course suggest for me? (I know very little about Windows, since HTB mostly in Linux)

@0verfl00w Any suggestion on doing Granny&Grandpa without MSF? (These machines retired.)

The OSCP material on Windows is good, and most of their machines are Windows, so you’ll get plenty of exercise there.

My suggestion would be to get a VIP subscription here in HTB if you can, and go through retired Windows boxes following the PDF guides or @ippsec videos. You can start from easy boxes and go up, and that should give you a very good experience with Windows machines.

If you need more material after OSCP, you can check Pentester Academy, as they have several courses on Windows that cover various other areas.

I hope this helps.

Thank you for the info and the tool. Very very cool :slight_smile:

im still looking for the manual way for ms17-010, cant really find something working

Just received my oscp material - timer has kicked in.

Might not be on here as much for a while guys.
maybe…

Type your comment> @peek said:

I’m still looking for the manual way for ms17-010, can’t really find something working

@peek maybe this will come in handy for you.

@21y4d congrats and thanks for this great review on OSCP, really appreciated.

@peek
Do check out
MS17-010/send_and_execute.py at master · helviojunior/MS17-010 · GitHub