A Script Kiddie’s guide to Passing OSCP on your first attempt.

Congratulations of passing you just motivate another one that it can be done.
but as you wrote Time and hard study is the secret here !
Thanks 4 your post !

Type your comment> @rowra said:

Congratulations!
And thank you a lot for your post. I set my mind to get OSCP and OSCE too, both without any due dates. Thing is I’m a weird ■■■ borderliner. I feel extremely anxious right up until the point I feel omnipotent.
Reading your experiences makes me feel a little eased, like in the near future I could possibly start the course, at least.

Thank you again. It was really nice reading another point of view, not the zomgg so d1fficUlT u g0tta be 1337est evr and like you gotta write the new 0day kernel exploit brah

You’ll keep going towards OSCE too?

Stay calm and collected, at the end of the day its just another exam which you have done most of your life at school.

I’m going to hopefully start AWAE soon!

@Th3R3dP1ll said:
Great analysis of the OSCP, I went into it earlier this year and overthought everything which was a major reason why I didn’t pass. Now I’ve spent a bit more time in the industry and started to think more logically about the entire process I feel that I would be better suited for this exam maybe in the next year or so. Experience is a must!

Thanks again!

No probs! Study hard and keep hacking…

@m0zzare11a said:
Excellent writeup. Congrats on passing!

Thank you!

@Blu3wolf said:
Congratulations of passing you just motivate another one that it can be done.
but as you wrote Time and hard study is the secret here !
Thanks 4 your post !

Thank you! Im glad you see it as motivation!

Excellent. I’m also a father of two in a sysadmin / engineer role so it’s especially salient.
Thanks.

i failed my first attempt only got 25 points means BOF :frowning:

Thank you for sharing your experience here. Very insightful and encouraging!

Many congratulations on passing the exam!! A nicely written article, which has cleared my mind a lot, and I am having a breath of relief ? I’ve been freaking out since I registered for the PWK, but now thanks to you I am feeling a bit relaxed… I’m a script kiddie too here, but i’ve pwned all the vulnhub VMs in abatchy’s blog, and a few more as well…

Nice,this is valuable information indeed.
Thank you for sharing sir.

Thank you for this awesome write up!

Sir, i’ve a question. While doing my OSCP, can i use nmap vulner to scan for CVE then access into it’s script. instead of using metasploit to automate. i “kiddie script” manually. in this situtation do i need to cite the source of the script (probably with screenshots or whatever means)? and will i fail the exam?

Another question… As I’m browsing thru the ocsp report template. Section 3.4 House cleaning : after collecting trophies from the exam network was completed, the student removed all user account and passwords as well as the meterpreter services installed on the system. Offensive security should not have to remove any user accounts or services from the system.

Does this means once done must clean up as it originally is?

.

Type your comment> @SlaCk3rxD said:

Another question… As I’m browsing thru the ocsp report template. Section 3.4 House cleaning : after collecting trophies from the exam network was completed, the student removed all user account and passwords as well as the meterpreter services installed on the system. Offensive security should not have to remove any user accounts or services from the system.

Does this means once done must clean up as it originally is?

Hi,
For the first question: exam guide have explicit manual about this. If you wrote a script or made any changes to existent script you should provide a link to the source code and include all the code into the report and highlight the changes.
Nmap itself and its scripting engine is fully permitted on the exam, there are no restrictions like msf/meterpreter

For the second question: you do not need to delete all the traces in the exam network. This section is more like awareness about your future reports to the real customers

Hi @3XsAGbKHsb7FPY as I read somewhere before. Oscp only allow us to use msf/meterpreter once in the whole exam. Okay good to know there’s no need to cleanup. Otherwise it will be a waste of time… Thanks!

thx!

Gr8 Write-up with motivation and achieving set goal. if we buy 90 days material and go through properly. will it be enough to take exam and pass? ( if good on networking, linux). how did you manage step by step recording of each steps during exam. which os you are allowed to connect? other than oscp what you recommend for quick notes and review before an exam?

Thank you for sharing! I’m going to be attempting my OSCP exam soon so this is definitely helpful.

Did my 2nd attempt on OSCP yesterday.
The first time, I got problems with the BoF-challange, which took me 6 hours, after that i was stressed and collecte aprox 60 points allover, in 18 hours.

I had a cooldown period for 3 months (self decided, as the labs kind of burned me out, my girlfriend complained about me not being around with my son).

This 2nd time around,
I got 50 points in 2 hours, had 90 (given that i only acccess local.txt and its worth half value) points within 6 hours.

Pretty great to have such amount of time left and be able to use it to write the report, retake screenshots that looks strange in your report and such.

Let’s just hope I pass :>