EH-Net

Hey guys,

My labtime expires coming Tuesday. But I found out that the 16th is the last day I can schedule my exam, because the Offsec guys will be having vacation starting next week. So I decided to just schedule it and suffer once again. I could have waited another 2 weeks, but it will be right before I start my new job. Also, I don't like doing it during the weekends.

So I'll just give it my best shot tomorrow. I penetrated almost the entire student network and some hosts on the other subnets, so I think I'm ready. Unfortunately I lost the notes from about 15-20 machines I rooted during my lab extension. I was stupid enough to not read the exploit code, and it wiped almost all of my files from my virtual machine >_<

But that's ok, now for sure I'll never EVER skip reading exploit code. Yeah 91 bytes for a bind shell seems small :P And calling a function pointer that points to the shellcode also doesn't seem harmless :-[ Though, now I can laugh about it.

Anyway, tomorrow at 4pm my exam will start. I couldn't schedule it to be sooner, but oh well. I expect things to go a lot smoother/faster, but who knows. I'll try to keep you guys up to date during the exam, if time allows it.

Good Luck!

Good luck, zeroflaw!

Best of luck!

Thanks guys! Waiting for the e-mail now. Got my command shells with nmap, nikto and dirbuster ready :)

Did you complete your exam? How it went? good luck

Good Luck!!! Remember to keep some refreshments and music handy.

Good luck.

Let us know how it was..

Got one shell. Few passwords and some interesting things on other boxes. It's not going well I'm afraid. Though during my previous attempt it took about this long to root the first box. Doing my best at the moment..

Thought I'd give you guys an update. Even though things are going kinda bad now, I just did my most epic privilege escalation ever :D Rooted one box just now, I'm saving another easier one for later. Slowly getting some points..

5:43 AM now. I guess I won't be sleeping tonight  :-[

Hey, perhaps a little bit late, but good luck! any update on how it went? i'm guessing you are sleeping it off right now, hehe...

Still trying.. But it's all just dead ends so it seems. Guess I'll be failing this for the third time >_>

Don't give up till it's over.

Exam was way different, as expected. Though, I didn't expect it was much harder then the previous attempt. I only got 2 shells now, and some vulnerabilities that didn't turn into shells. I skipped one of the machines on purpose and saved it for last. Figured I was going to fail anyway if I didn't get some of the others first.

I'm afraid that as this point, I just don't have what it takes to become an OSCP. On several machines everything checked out, the right kernel version, installed services. It sucks because I thought I was much better prepared this time, bought the labtime after all. Rooted almost the whole student network and some boxes on the other networks.

On my previous attempt, I even hardly practised beforehand and did better. I guess at this point for me it really depends on the machines. I had a shell on a high point machine, but couldn't get a shell on a machine that had the lowest points. I didn't sleep again, but I took some breaks. I had enough energy, and could think straight most of the time.

Now I'll be having a go at this again in maybe a month or so. I'm not sure what to learn or to practice on, considering my labtime ends tomorrow. I've learned some cool tricks today, and I could say that's what counts, but I'm just not feeling that right now. I really thought I would pass this time. Better luck next time I hope. I'll get different machines and different chances.

I respect those who passed the exam in one attempt :P Or actually everyone that passed it lol. I'll just accept that I still have a lot to learn, and a lot of experience to gain.

You might want to focus on rooting all the way to the admin network. Just getting the student network might not be enough...

Hey ZF - sorry to hear about your bad luck. Are you still planning on retaking the exam? I've heard some say that you're better off doing it right away because of the likelihood that the exam is the same.

zeroflaw.. sorry to hear that, failing leads to success, you will get it sooner or later ;). I am planning to join OSCP sometime this year, even though i've seen scary reviews all around about the exam. (this is not one of them :p)

A few questions to who ever took this course, do they teach you python or C? I am trying to improve my programming skills in Assembly (also memory mapping) + C before entering the OSCP, that actually helped me understanding Buffer Overflow concepts, do you guys have to program or something during the exam?

Cheers!

I keep adding lab time, I do not know how will I remember all the info.....keep working, but let me tell you that this training open me a lot my ayes.

You're welcome to write code in any language, but for the course, they focus on python and shell scripting. If you prefer perl, ruby, or whatever else, that's fine too. You should know some shell scripting anyway as you'll be interacting with Linux machines, so being able to quickly script something is ideal.

No, they do not teach python, C, Ruby, Bash, or any other language. "Introduce" might be a better word. The key thing here is that you don't need to be fluent in any of the languages, just familiar enough so you can understand what's going on. However, like ZO said, it's predominantly python & bash. Realistically, if you can read/write python you can probably do enough ruby & perl with a little googling.

just curious do we need to write buffer overfow (shellcode) in exam to get root shell?

That's to find out during the exam. Ideally you should be familiar with all topics covered in the syllabus before attempting the exam.

Have you done the exam how did it go ? any tips for other that may be taking the exam soon??

As good pentester I always start any certification with some OSINT  ;) So I came across a post that said metasploit can not be used (or just once) and I agree with this limitation but does this also mean we can't use the scripts for exploit writing? I am talking specificly about pattern_create and patter_offset.

Before your exam starts you'll receive an exam guide which contains information about what's prohibited to use.

What the best way to prep for OSCP course and good luck with exam

I think the best way to prep is just to dive in and start. It's part of the experience to figure it all out as you go along.

Cool any advice for the exam apart from pray lol

In my review (http://awesec.com/reviews/certifications/oscp_review.php) I gave some general advice regarding the exam. It's also worth to read other reviews on the exam to pick up some more details and recommendations.

Cool thanks will have a look at it

Sorry to hear. Did you do the extra mile challenges during the course? Hard to remember but I think when I was going through, I was looking deeper than I needed to look. Taking a quick nap for a few hours was also helpful.

I'm taking the course now but I'm not trying to get exam hints. Does your question imply that the (somewhat uncovered) concepts in the extra mile(s) are needed for the exam? If so, why doesn't Offsec teach them as part of the core material?

The course materials are just the tip of the iceberg. The most difficult parts of the course are research, problem solving, and staying organized. The Extra Mile exercises and lab activities help you development these skills. It's not something they can simply teach by expanding on the written/video resources.

It's just like how you can't learn how to juggle by reading about it. If you're not even putting the time into doing the majority of the Extra Mile exercises and lab systems, you're not obtaining the skills to do well on the exam (or out in the real-world).

I'm going to preface this response by saying that it is in no way, shape, or form meant to come across as snarky or negative.

Maybe it's issue of interpretation. I take "extra" literally, i.e. beyond what is usual, expected, or necessary. In the past I've seen "extra mile" exercises to mean, "good skill/information to know but not necessary for the exam." So, if I'm weighing my time (class, work, family, a wife who has only seen the back of my head for the last 5 weeks), I might be tempted to skip the extra mile in favor of brushing up on ruby or catching up on some household chores, etc, etc. And if the extra miles are mean to impart research, problem solving, and organization skills,  critical to passing the exam, then why not simply move the extra mile exercises into the main body of the course?

I don't have a problem with extra practice, and I think it's been made very clear that we're supposed to hone our skills on the lab machines. My issue is with extra mile exercises that cover concepts that may or may not be on the exam but weren't covered in the lecture.

It would be good if the lab time was more flexible from what I understnad your labs time starts and you get the amount days you paid for. It would be better if you could have 30 days worth so that mean sometimes like sunday you can spean all day in labs and other when you have work and other commitments you could spend less but not loss lab time.

Certain sections in the course can be done offline. You have three months to schedule your exam after your lab time ends, so you could easily spend an extra three months working on those sections you feel weak in before you take the exam. Things like buffer overflows are good a good example of things you can practice offline. You can download vulnerable virtual machine images made to be broken into for practice during that time as well, there's plenty of material out there to practice on once your lab time ends.

@DragonGorge: without going back and looking through the manuals, I don't believe anything in the 'extra mile' challenges was _required_ to pass the exam. The exercises completed within the course itself, along with a little further understanding of what you're doing and hopefully some previous experience, is what's required. This is why many people don't recommend this course for a beginner. The extra mile challenges do help to give you some extra points for the exam though - so if you're struggling and are "on the ledge," they may just bump you over to a passing score.

Personally, I like the fact that they put these in there. They show you where to go to further expand your skills and provide you the direction - it's up to you to continue the research. This is a critical skill and something important for everyone in this field to understand. Working anywhere in security requires you to constantly keep up-to-date on just about everything.

I certainly understand where you're coming from though. It's very tough working in this field and balancing the rest of life along with it. I believe they state in the guide somewhere that the extra mile challenges are just that, extra.

@Jamie.R: Maybe they'll consider doing it that way with the lab time in the future (similar to eLS). I think that's a great way of going about it.

Yes me too billV makes more sense and better value for money for people who work or who have family.

Just to clarify on lab time, once they let you loose in the lab, your timer starts ticking 24/7 and stops only when your 30/60/90 days are up? No hitting "pause"? So its not "connected to the lab and working" time, its "you have this block of days allotted"

I am seriously considering this course and want to be sure I take it at the right time. My wife and kids like to see me occasionally too.

Yeah that's it. I'm planning on getting the 90 version and setting aside money for a 90 day extension. I would rather be way over prepared for the test than face 24 hours of misery :)

@jjwinter - That's correct. No hitting pause. Your lab time starts as soon as your admitted into the course. I would advise 90 days just to get the most of your time. The network has been expanded like never before and you get most of your experience by hacking away. You'll feel most prepared for the exam the more machines you break into. The extra miles are a good way to get more practice too!

I heard it was possible to ask just for the lab guide and video first and start your lab time off at later date can anyone confirm this?

I've never heard that, personally.  Sorry I can't help confirm for you...

Likewise. I'm pretty sure I asked for a delay when I originally purchased the course and was told that wasn't an option.

I think it was just wishful thinking.

There is no such thing as a pause. The OSCP is all about the labs.