Sorry to hear that H1t M0nk3y, but did you read these?
The Penetration Testers Open Source Toolkit vol. 2
and NIST SP800-42 (it's outdated I know, but read it anyway. It will give you some good ideas you can use when you perform pentests.)

Also, about privilege escalation:
- On Windows, the Meterpreter shell has a lot of options including privilege escalation, is it not possible to use that only? (Code your own exploits, and use a meterpreter as a payload.)
 
- On Linux, did you search on Exploit-DB for privilege escalation exploits and checked what was running on the target machine as root with "ps faux"?

It's just a few ideas, to help you the next time you attempt OSCP because I actually believed you would pass 

For now I would say that you could (or should) play with similar challenges and prepare for your last and final retake (where you will certainly pass).


Nothing is impossible, it just takes time! 

Anyway, good luck with whatever you choose to do now. I'm sure you will pass OSCP the next time if you study hard for a long time and prepare yourself even more, remember, expect the unexpected. Especially during OffSec exam challenges ;-)



Best regards,
MaXe

Thanks a lot to all of you, it was a huge satisfaction to finally pass and become certified since it's one of my dreams to take all the best certifications and I believe Offensive Security is some of the very best courses + certifications  (Even though they're not easy, they're awesome imho.)

Dear community of The Ethical Hacker Network,



After many months of struggle I have finally been able to pass my OSCE examination and I am now Offensive Security Certified Expert. The course it self was hard but not impossible to learn, do and complete however the examination was not easy at all.

It isn't for fun you're certified as an "Expert" when you do the OSCE certification because it really is that hard in my opinion, but far from impossible as you can see since there are OSCE's in this world.

I don't think it would be appropriate by copy+pasting my process here through CTP (Cracking the Perimeter) and the OSCE examination, so here's the links to my 4 blog entries about the course and the final examination.

Links:
http://forum.intern0t.net/blogs/maxe/95-cracking-perimeter-part-1.html
http://forum.intern0t.net/blogs/maxe/101-cracking-perimeter-part-2.html
http://forum.intern0t.net/blogs/maxe/108-cracking-perimeter-part-3.html
http://forum.intern0t.net/blogs/maxe/111-cracking-perimeter-part-4.html

You can read about the certification here:
http://www.offensive-security.com/information-security-certifications/#OSCE



Best regards,
MaXe

Good luck! Even though he's already doing the exam as far as I know 

Excuse me for being cryptic, what I meant was a course meant for pros at Web App Sec

I know it sounds cryptic, but hehe nevermind  Forget what I said :-P

Looks like I have to do some serious work soon then  Something for people already knowing Web App Sec 

This was also posted in the "Information Security" group on LinkedIn.

As someone posted on LinkedIn, we'd like more information about who is hosting this event and preferably more details. 

Thanks, check out Hacking Lab too! They hot a challenge going on at the moment 
http://www.hacking-lab.com/events/swiss-cyber-storm-3-cargame-challenge.html

Nice, glad to hear you enjoy their courses 

However, I always validate the exploits I use and perform. Else you can't really confirm it exists nor that the target is vulnerable. There are of course some scenarios with IRL vulnerability assessments where you're not allowed to test exploits on critical infrastructure, but if you're allowed then it's a good idea to check if the target really is unpatched / insecure.

Neither 

If you're into really advanced penetration testing, Cracking the Perimeter by Offensive Security is the way to go. They got live and online courses.

If you want to write advanced exploits on Windows, then sign up for their AWE class.

It's most likely also a lot cheaper and you'll also, most likely gain a lot more knowledge.

Awesome, good luck to anyone participating and of course the winner when that time comes 

Thanks, did you do OSCE yet?  (I know this topic is about OSCP, but I am doing OSCE currently.) 

Anyway I'll make a thread if I am successful 

Check out these books from Syngress too:
- The Metasploit Toolkit (may seem a bit outdated)
- The Penetration Testers Open Source Toolkit vol. 2 (highly recommendable)

Also if you don't know a scripting language, learn Python or Perl, or perhaps Ruby and then a Web Application language like PHP as well. That will help you a lot 

The most important thing you need to do, is to find out why you possibly failed if you did, and then know what you need to improve on accurately and then take your time to learn this area a lot more, even if you already know it.

Anyway, good luck :-)

Welcome TeknoGod,


If you're in for a bit more detailed and technical content, check out http://InterN0T.net too which has some nice videos too you might want to check out. Stay away from the script kiddie communities and hopefully stay ethical too   (Exploit-DB has a nice blog section with some very nice entries as well imho)



Best regards,
MaXe

Awesome!  You'll like it, after all it's free and realistic