OSCP Exam review "2019" + Notes & Gift inside!

@21y4d I’m a freshman in University, with a deep love of Linux, Any Windows “Strategy”/Course suggest for me? (I know very little about Windows, since HTB mostly in Linux)

@0verfl00w Any suggestion on doing Granny&Grandpa without MSF? (These machines retired.)

@kmahyyg said:
@21y4d I’m a freshman in University, with a deep love of Linux, Any Windows “Strategy”/Course suggest for me? (I know very little about Windows, since HTB mostly in Linux)

@0verfl00w Any suggestion on doing Granny&Grandpa without MSF? (These machines retired.)

The OSCP material on Windows is good, and most of their machines are Windows, so you’ll get plenty of exercise there.

My suggestion would be to get a VIP subscription here in HTB if you can, and go through retired Windows boxes following the PDF guides or @ippsec videos. You can start from easy boxes and go up, and that should give you a very good experience with Windows machines.

If you need more material after OSCP, you can check Pentester Academy, as they have several courses on Windows that cover various other areas.

I hope this helps.

Thank you for the info and the tool. Very very cool :slight_smile:

im still looking for the manual way for ms17-010, cant really find something working

Just received my oscp material - timer has kicked in.

Might not be on here as much for a while guys.
maybe…

Type your comment> @peek said:

I’m still looking for the manual way for ms17-010, can’t really find something working

@peek maybe this will come in handy for you.

@21y4d congrats and thanks for this great review on OSCP, really appreciated.

@peek
Do check out
MS17-010/send_and_execute.py at master · helviojunior/MS17-010 · GitHub

Type your comment> @7axm1 said:

@peek
Do check out
https://github.com/helviojunior/MS17-010/blob/master/send_and_execute.py
i will test

Type your comment> @peek said:

Type your comment> @7axm1 said:

@peek
Do check out
https://github.com/helviojunior/MS17-010/blob/master/send_and_execute.py
i will test

I used it on PWK Lab and it worked quite well. Just look for a NamedPip

@Baikuya
Is this what you asked to look for
Managed services ??
Kindly correct me if I am wrong. :slight_smile:

Great tool! Thanks!

Very well written review. I started OSCP last year and had to take some time away after two failed exam attempts. Starting back up now using HTB so that I can have some of the same insight that you have given here. Thank you for writing this up as it justifies my decisions on how to prepare now.

Very good and guiding writeup. Great tool. I will try.
For OSCP whether kali 2019.4 can be used. If so, whether updates can be regular or we have to use without any update.
What extra tools are to be installed in kali.
I dont get this in any write up or I miss it.

Type your comment> @singham said:

Very good and guiding writeup. Great tool. I will try.
For OSCP whether kali 2019.4 can be used. If so, whether updates can be regular or we have to use without any update.
What extra tools are to be installed in kali.
I dont get this in any write up or I miss it.

I just took the exam on July 26th, and got confirmation that I passed 2 days ago. I can tell you that I did not use the Kali image that was provided to me for the PWK course. I used Kali 2019.2. I did apply some updates to it, and I installed some extra tools. Mostly these were tools, and scripts, that I discovered to help me in my attacking boxes on HTB.

In reply to some of the things you said about no auto exploits, and anyone can chime in on this, does that include things like autoblue or things along those lines?

Hi ,thank you so much for that detailed review.

I wanna ask about this BOF machine.

Does it has to be windows or can be linux also?

Thansk

@cspence10 said:
In reply to some of the things you said about no auto exploits, and anyone can chime in on this, does that include things like autoblue or things along those lines?

Basically any tool that does the exploitation for you is not allowed, apart from Metasploit, which is allowed on 1 machine only.

You mainly have to know how to find, edit, and use exploit scripts “in Python, C, PHP…etc”

@Tugzen said:
Hi ,thank you so much for that detailed review.

I wanna ask about this BOF machine.

Does it has to be windows or can be linux also?

Thansk

Only Windows, similar to the demo shown on the OSCP course, and similar to the Windows machine you will receive with the course for BOF practice.

Just got here via another post, the tool is awesome! Thanks for developing it and releasing it for all of us to use

the script nmapAutomator it’s can be use in the exam ?