A Script Kiddie’s guide to Passing OSCP on your first attempt.

Sir, I’ve a question. While doing my OSCP, can I use nmap vulner to scan for CVE then access its script, instead of using metasploit to automate? I “kiddie script” manually. In this situation do I need to cite the source of the script (probably with screenshots or whatever means)? And will I fail the exam?

Another question… As I’m browsing through the OSCP report template. Section 3.4 House cleaning: after collecting trophies from the exam network was completed, the student removed all user account and passwords as well as the meterpreter services installed on the system. Offensive security should not have to remove any user accounts or services from the system.

Does this mean that, once done, I must clean up as it originally was?

@SlaCk3rxD said:

Another question… As I’m browsing through the OSCP report template. Section 3.4 House cleaning: after collecting trophies from the exam network was completed, the student removed all user account and passwords as well as the meterpreter services installed on the system. Offensive security should not have to remove any user accounts or services from the system.

Does this mean that, once done, I must clean up as it originally was?

Hi,
For the first question: the exam guide has an explicit manual about this. If you wrote a script or made any changes to an existing script, you should provide a link to the source code, include all the code in the report and highlight the changes.
Nmap itself and its scripting engine are fully permitted on the exam; there are no restrictions like msf/meterpreter.

For the second question: you do not need to delete all the traces in the exam network. This section is more like awareness about your future reports to real customers.

Hi @3XsAGbKHsb7FPY, as I read somewhere before, OSCP only allows us to use msf/meterpreter once in the whole exam. Okay, good to know there’s no need to clean up. Otherwise it will be a waste of time… Thanks!

thx!

Gr8 write-up with motivation and achieving a set goal. If we buy the 90 days of material and go through it properly, will it be enough to take the exam and pass (if good on networking, Linux)? How did you manage step-by-step recording of each step during the exam? Which OS are you allowed to connect? Other than OSCP, what do you recommend for quick notes and review before an exam?

Thank you for sharing! I’m going to be attempting my OSCP exam soon so this is definitely helpful.

Did my 2nd attempt on OSCP yesterday.
The first time, I got problems with the BoF challenge, which took me 6 hours; after that I was stressed and collected approx. 60 points all over, in 18 hours.

I had a cooldown period for 3 months (self-decided, as the labs kind of burned me out, my girlfriend complained about me not being around with my son).

This 2nd time around,
I got 50 points in 2 hours, had 90 (given that I only access local.txt and it’s worth half value) points within 6 hours.

Pretty great to have such an amount of time left and be able to use it to write the report, retake screenshots that look strange in your report and such.

Let’s just hope I pass :>

So I ended up failing my first OSCP attempt, which I know isn’t a bad thing. It just means I need more practice. I looked over the list of OSCP-type boxes suggested from NetSec/TJ Null, and I feel I should start there to get more experience before even attempting again. I managed to pass the BOF challenge in the exam, which I had no issues with.

I also learned that familiarizing myself with programming/scripting languages such as Python and C will be of benefit to me, since the exploits I’ve run into had me guessing some of the time what they did, which I know isn’t a good place to be at.

Anywho, just thought I’d share my experience, it was difficult but I’ll try again at some point.

@q8cloud said:

Gr8 write-up with motivation and achieving a set goal. If we buy the 90 days of material and go through it properly, will it be enough to take the exam and pass (if good on networking, Linux)? How did you manage step-by-step recording of each step during the exam? Which OS are you allowed to connect? Other than OSCP, what do you recommend for quick notes and review before an exam?

Sorry for the late reply. It really depends on your experience and how much time you have to dedicate to it. If you can spend time after work every day plus the weekend, and feel ready… then you should go for it. I personally didn’t have all that time with kids so I didn’t take the test after 9 months.

@extincted said:
Did my 2nd attempt on OSCP yesterday.
The first time, I got problems with the BoF challenge, which took me 6 hours; after that I was stressed and collected approx. 60 points all over, in 18 hours.

I had a cooldown period for 3 months (self-decided, as the labs kind of burned me out, my girlfriend complained about me not being around with my son).

This 2nd time around,
I got 50 points in 2 hours, had 90 (given that I only access local.txt and it’s worth half value) points within 6 hours.

Pretty great to have such an amount of time left and be able to use it to write the report, retake screenshots that look strange in your report and such.

Let’s just hope I pass :>

You will, don’t rush and give yourself time to absorb, learn, rinse and repeat. Then go for the exam. Every box I failed to pwn in htb and vulnhub I wrote down where I failed and created a list of “have you tried these techniques” to help me remember.

@darkrealm12 said:
So I ended up failing my first OSCP attempt, which I know isn’t a bad thing. It just means I need more practice. I looked over the list of OSCP-type boxes suggested from NetSec/TJ Null, and I feel I should start there to get more experience before even attempting again. I managed to pass the BOF challenge in the exam, which I had no issues with.

I also learned that familiarizing myself with programming/scripting languages such as Python and C will be of benefit to me, since the exploits I’ve run into had me guessing some of the time what they did, which I know isn’t a good place to be at.

Anywho, just thought I’d share my experience, it was difficult but I’ll try again at some point.

Keep your head up and figure out your weaknesses. You will get better and pass.

Really motivated… nice writeup… hope I will clear my exam.

@LRNZO said:

@extincted said:
Did my 2nd attempt on OSCP yesterday.
The first time, I got problems with the BoF challenge, which took me 6 hours; after that I was stressed and collected approx. 60 points all over, in 18 hours.

I had a cooldown period for 3 months (self-decided, as the labs kind of burned me out, my girlfriend complained about me not being around with my son).

This 2nd time around,
I got 50 points in 2 hours, had 90 (given that I only access local.txt and it’s worth half value) points within 6 hours.

Pretty great to have such an amount of time left and be able to use it to write the report, retake screenshots that look strange in your report and such.

Let’s just hope I pass :>

You will, don’t rush and give yourself time to absorb, learn, rinse and repeat. Then go for the exam. Every box I failed to pwn in htb and vulnhub I wrote down where I failed and created a list of “have you tried these techniques” to help me remember.

Well I got my OSCP :) So the feeling was correct.

@extincted said:

Well I got my OSCP :) So the feeling was correct.

Nice work! Really good news.

@extincted said:

Well I got my OSCP :) So the feeling was correct.

Congratulations buddy

Just failed my first attempt with root only on BoF.
I spent one hour on the BoF, and got stuck on the remaining four machines. Found several pieces of exploit but they still did not allow me to get a shell.
Even the 10 points one, not many ports were there, and it had one easy search BoF exploit. I tried with the manual one, it did not work. Modified the payload, still did not work. Maybe I should try to install the same application and try with the BoF. Anyway, I thought that should work with the auto way. However, I was wrong.
And I was able to get into a file system on another machine. Found the user proof, but without any visible plan to lead me to the low priv shell.
A similar issue occurred on the remaining two machines; with the exploit that I found, I got some information about the system (even some passwords, but it couldn’t help).
I spent one day after my failed exam reviewing what mistakes I may have made during the exam preparation. I think I always rely on hints while getting a low priv shell. Maybe just a word or a riddle that could help me to focus on a specific thing to get a shell. But in the exam, I cannot have even a byte of hints.
Seems like I should improve my enumeration skills first.

@6uta said:

Just failed my first attempt with root only on BoF.

I don’t know what to say but don’t give up. Note down all your mistakes and weak areas. Set a timetable to practice clearly for all the areas you felt need to improve. Just one thing, whatever happens, just don’t quit. You can do it in the next attempt. ;) Good luck brother.

@gunroot said:

@6uta said:

Just failed my first attempt with root only on BoF.

I don’t know what to say but don’t give up.

Thank you.
I won’t give up but just felt upset to fail in this way.
Anyway, that I could complete the BoF in one hour means I don’t need to worry about it too much. I can focus on redoing every OSCP-like machine all over again.