This topic has 82 replies, 19 voices, and was last updated 8 years, 6 months ago by azmatt.
-
August 6, 2012 at 10:38 am #7752
YuckTheFankees
Participant
After hearing and reading so many positive reviews over the past year, I decided to take the plunge. I received my materials late Saturday (08/04) evening, which was technically 08/05 00:00 GMT. So far I have about 8 hours invested into the course and I have enjoyed everything so far. At first, I started reading the modules in order (lab pdf) but then I decided to briefly fly through the entire lab pdf, just to see exactly what I will be learning. Sooo..I’ve been reading/slightly skimming through the lab for about 4-6 hours and I’m only on module 8, so that should give people an indication to how much material is packed into the lab pdf.
Just like so many people have mentioned, I can get through the first five modules pretty easy (learning backtrack, learning some BASH/python, port scanning, enumeration, etc..) but from module six and on, I know I will have to do A LOT of outside research…which I’m completely fine with. I’m not going to lie, going through the buffer overflow section for the first time was like reading Japanese.
The further I get into the Lab pdf, the more I feel a little overwhelmed. I kind of wish OffSec would give you the choice of going through the PDF and Videos for a week or two, then starting the lab time. The material is totally worth it but I can’t help but think I’m losing money by reading, researching, and watching videos..rather than messing with the lab.
My personal goal is to get everything done within 60 lab days and take the test some time after that.
Well I better get back to the pdf. Any comments are welcomed.
-
August 6, 2012 at 11:54 am #48424
RoleReversal
Participant
Good luck with the course.
From my own experience, try not to get too worried about the buffer overflow section. If it only seems like Japanese you’re probably doing alright :). After a couple of run throughs and the hands-on examples everything starts making sense.
When I did the final challenge (and (hopefully) without giving too much away from my own challenges) I finished one section, sat back in the chair with a grin on my face, and the question of ‘did I really just do that’ going through my mind.
The material is tough, but you should get there in the end. Although I do agree with you re: offsetting courseware/lab time, I took an extension to get more time in the labs (partly for extra practice, and partly just because the labs are FUN).
-
August 6, 2012 at 2:31 pm #48425
DragonGorge
Participant
@YuckTheFankees wrote:
I kind of wish OffSec would give you the choice of going through the PDF and Videos for a week or two, then starting the lab time. The material is totally worth it but I can’t help but think I’m losing money by reading, researching, and watching videos..rather than messing with the lab.
I completely agree. I think the key here is your loss = their gain as a lot of people seem to end up buying extensions.
One thing I’d caution you on is to use BOTH the pdf & video – I got hung up in a big way on the buffer overflow section because the pdf skipped over a key component. The video on the other hand covered it correctly.
-
August 6, 2012 at 3:14 pm #48426
Jamie.R
Participant
Cool, good luck. I hope to be doing this course soon too, just trying to free up extra money…
-
August 6, 2012 at 9:03 pm #48427
YuckTheFankees
Participant
What other resources did you use to learn buffer overflows?
I have about 5 links but any other suggestions would be nice.
-
August 6, 2012 at 9:44 pm #48428
dynamik
Participant
@YuckTheFankees wrote:
What other resources did you use to learn buffer overflows?
I have about 5 links but any other suggestions would be nice.
Exploit Writing Tutorials: https://www.corelan.be/index.php/articles/
Buffer Overflow Megaprimer: http://www.securitytube.net/groups?operation=view&groupId=4
Smashing the Stack in 2010: http://pentest.cryptocity.net/files/exploitation/stsi2010.pdf
Reviewing exploits on ExploitDB. I believe cd1zz recommended FreeFloat FTP as a good service to play around with.
-
August 6, 2012 at 10:13 pm #48429
shadowzero
Participant
This is also a pretty handy resource, using vulnserver: http://www.backtrack-linux.org/forums/showthread.php?t=203
-
August 6, 2012 at 10:34 pm #48430
YuckTheFankees
Participant
Thanks for the link
-
August 6, 2012 at 11:05 pm #48431
dynamik
Participant
@shadowzero wrote:
This is also a pretty handy resource, using vulnserver: http://www.backtrack-linux.org/forums/showthread.php?t=203
Yes, great link. I hadn’t seen that one before.
Also, I just remembered that the Metasploit blog recently started providing these types of tutorials as well: https://community.rapid7.com/community/metasploit/blog/2012/07/05/part-1-metasploit-module-development–the-series
-
August 7, 2012 at 1:45 am #48432
Darktaurus
Participant
@shadowzero wrote:
This is also a pretty handy resource, using vulnserver: http://www.backtrack-linux.org/forums/showthread.php?t=203
+1 Definitely agree. Do not stress the course however. It is easy to feel too much pressure and stress. It will be a fun, painful ride either way. Have fun.
-
August 7, 2012 at 2:39 am #48433
cd1zz
Participant
Agree with Agoonie. Just take it one lesson at a time and try not to stress about the stuff that sounds difficult. You can always circle back and deal with that after you’ve got some momentum.
-
August 7, 2012 at 8:25 am #48434
Jamie.R
Participant
Cool, some really good advice from the more experienced guys who have done the course. Good luck ….
-
August 10, 2012 at 8:04 am #48435
dbest
Participant
My advice for learning the buffer overflow is to load the vulnerable software on your own lab machine and practice it there. That’s what I did to successfully complete the exercise. 🙂
-
August 10, 2012 at 10:03 am #48436
Jamie.R
Participant
Cool bit of advice. Any other advice from people who have passed?
-
August 10, 2012 at 2:39 pm #48437
satish.lx
Participant
I don’t know why every buffer overflow document is talking about 32bit OS exploits (EIP, ESP etc..)
I didn’t find any single document about 64bit OS exploits (RIP, RSP etc..) Because it has a totally different register set..
-
August 11, 2012 at 5:10 am #48438
dbest
Participant
@satish.lx wrote:
I don’t know why every buffer overflow document is talking about 32bit OS exploits (EIP, ESP etc..)
I didn’t find any single document about 64bit OS exploits (RIP, RSP etc..) Because it has a totally different register set..
Slightly off-topic, but I suppose this may help:
http://turkeyland.net/projects/overflow/index.php
-
August 11, 2012 at 6:04 am #48439
YuckTheFankees
Participant
Thank you for the link!
-
August 11, 2012 at 12:55 pm #48440
sh4d0wmanPP
Participant
Right now I have not signed up and am studying many different attacks and the theory behind it. However I feel overwhelmed as well since there is so much to cover.
Besides reading many of the papers mentioned here I practise as well on smashthestack.org (mainly IO). There are many different challenges that expose you to the various types of vulnerabilities, helps you to identify them and gives you an understanding how to exploit them in a timely manner. Of course I document everything and write my own little scripts or code where I need it. You never know when you need it again.
I struggle a bit with GDB as I am used to Immunity, Olly or IDA. Yeah yeah, I am a Windows guy hehe.
There is a cheat sheet worth printing:
darkdust.net/files/GDB%20Cheat%20Sheet.pdf
And of course an Intel Assembler 80x86 one:
http://www.jegerlehner.ch/intel/
Anyway it is a good prep for the OSCP cert I think. Will be signing up after OSWP. Good luck everybody 🙂
-
August 19, 2012 at 12:10 pm #48441
YuckTheFankees
Participant
Update: Today will be my 16th day with the course and so far the course has met my expectations. I have currently put 42 hours into the course and I am happy to say I have gained root on 5 boxes so far. Every time I gain root on a system, my confidence in the lab goes up ten fold. Given, they might not have been the hardest systems in the vulnerable network but never-the-less, I have learned SO MUCH in the last 2 weeks.
At this point in time, I am thinking about taking the OSCP exam somewhere near the end of September/beginning of October.
-
August 19, 2012 at 1:16 pm #48442
shadowzero
Participant
@YuckTheFankees wrote:
Update: Today will be my 16th day with the course and so far the course has met my expectations. I have currently put 42 hours into the course and I am happy to say I have gained root on 5 boxes so far. Every time I gain root on a system, my confidence in the lab goes up ten fold. Given, they might not have been the hardest systems in the vulnerable network but never-the-less, I have learned SO MUCH in the last 2 weeks.
At this point in time, I am thinking about taking the OSCP exam somewhere near the end of September/beginning of October.
Make sure you leave time to write the report before taking the exam.
-
August 19, 2012 at 1:34 pm #48443
YuckTheFankees
Participant
Thanks for the advice, the report has already been on my mind. I’ve read from multiple reviews that the final report is hundreds of pages…
-
August 19, 2012 at 1:41 pm #48444
Jamie.R
Participant
Just a question: is the lab you practice in the same as the exam, or are you given another lab?
-
August 19, 2012 at 1:51 pm #48445
YuckTheFankees
Participant
The exam is not given in the same lab you practice in.
-
August 19, 2012 at 2:55 pm #48446
sh4d0wmanPP
Participant
Do I understand correctly that you have to create 2 reports? One for the student network that you exploit and one for the actual exam?
If so, does not owning all boxes on the student network have an impact on your final grade?
I wish you can clarify this for me.
-
August 19, 2012 at 3:07 pm #48447
Jamie.R
Participant
Great question, I would like to know the answer to that too.
-
August 19, 2012 at 3:11 pm #48448
YuckTheFankees
Participant
I haven’t looked too far into the final reports but I would think they would be 2 separate reports. I don’t think they would want your lab info mixed in with your final report? But I do not know for sure.
The number of systems you own during the lab will not hinder your OSCP grade.
I have heard of some people only owning 8 systems and taking the test, but I have also heard about people owning 30-50 systems.
-
August 19, 2012 at 3:22 pm #48449
UNIX
Participant
@Jamie.R wrote:
Just a question: is the lab you practice in the same as the exam, or are you given another lab?
The lab environment for practicing and the exam environment are two different ones. Also, it’s not a must to document how you owned machines in the practice lab, but recommended. If you are on the edge between pass and fail of the examination, you might have better chances to pass with a report that also contains your efforts in the practice lab environment.
-
August 19, 2012 at 3:38 pm #48450
hayabusa
Participant
As for the report, I combined mine (but had separate sections.) My lab notes were an appendix to the exam report.
I don’t know what was considered ‘proper’, but that was how I did it.
-
August 19, 2012 at 6:28 pm #48451
cd1zz
Participant
My report was combined as well. It was only 78 pages…. not hundreds… 🙂
-
August 19, 2012 at 6:31 pm #48452
YuckTheFankees
Participant
Thanks for the info guys. My bad, I read one review where the guy said his report was 350ish pages, that’s crazy to me…
-
August 19, 2012 at 6:58 pm #48453
UNIX
Participant
There is no standard on how long the report must be. It should contain all necessary information though. 😉
-
August 19, 2012 at 8:34 pm #48454
m0wgli
Participant
When writing anything try to focus on quality over quantity.
-
August 19, 2012 at 8:48 pm #48455
dynamik
Participant
@cd1zz wrote:
My report was combined as well. It was only 78 pages…. not hundreds… 🙂
Wow, that’s hilarious. My exam section was ~90 pages, and combined, the entire report was just shy of 500.
@YuckTheFankees wrote:
Thanks for the info guys. My bad, I read one review where the guy said his report was 350ish pages, that’s crazy to me…
You need to remember that you’re not actually writing text for all those pages. Most of my pages only had a screenshot and a sentence or two explaining what was going on.
As I was going along, I’d just alt+printscreen whatever window I was in, add a note in Word, paste the screenshot below, add a page break for a nice transition, and repeat.
With dozens of lab systems, it’s easy to obtain a high page count with minimal effort. Think where you’ll end up with only five screenshots per day at 30, 60, and 90 days. My approach was to include a step-by-step walk-through for each system, so anyone could repeat the compromise. cd1zz was apparently much more concise ;D What’s important is that you adequately communicate your findings.
-
August 19, 2012 at 10:20 pm #48456
hayabusa
Participant
Mine wasn’t 350, either, but it WAS in the 130-150 range, if I recall correctly. Wasn’t as detailed on the lab section for MOST targets / exercises, but I did have a LOT for the data gathering section…
-
August 20, 2012 at 12:50 am #48457
cd1zz
Participant
HOLY COW! Yeah I didn’t show every single step, except for the section that had the Exam Challenge.
The rest of the lab report was basically the vuln, and proof of exploitation.
-
August 20, 2012 at 8:30 am #48458
Jamie.R
Participant
Wow, sounds like the reports are pretty hardcore. I was not expecting it to be that long, but now thinking about it I could see why it would be.
-
August 20, 2012 at 4:14 pm #48459
Darktaurus
Participant
My report was 205 and the exam was about 30ish. It was a long process since I wanted the report to be perfect but the screenshots were a pain. It would always throw off everything else in the report as far as formatting.
TIP: Work on your report while you are doing the course. At least the last two weeks of the course. It helped me out a lot.
-
August 20, 2012 at 4:37 pm #48460
Jamie.R
Participant
OK, sorry if this is a really dumb question, but you say work on your report, how can this be done?
From my understanding you get lab time, which is another network to your exam? Do you not get an exam network where you need to write a report for that?
-
August 20, 2012 at 4:50 pm #48461
UNIX
Participant
It’s recommended to write the report while you progress through the course rather than at the very end of your course time. This way you have things right in memory and won’t need to spend your last time with just report writing, which might take quite a while if you are just starting with it. If you document your findings too sloppily in your temporary format, it might also be difficult to document it properly in your final report (especially if your lab time is over and you can’t go back to verify).
-
August 20, 2012 at 4:56 pm #48462
Darktaurus
Participant
From what I remember, they give you a template to the report for the Lab PenTest. I am talking about the LAB portion. You should take notes while you are working on the lab. Add your notes/results to the report (for screenshots). You can work on some of the notes after the course is over but it seemed better to me to do it while you still have access to the lab. The exam is a whole other animal. But you will see once you take it. 🙂
-
August 21, 2012 at 5:18 am #48463
S3curityM0nkey
Participant
@Jamie.R wrote:
OK, sorry if this is a really dumb question, but you say work on your report, how can this be done?
I see what you are saying. I think what the other guys are saying is that you include your normal Lab work in with the pen test report at the end? So work on the format of the lab work report as you go so you don’t have a heap of formatting to do right at the end…. is that correct???
-
August 21, 2012 at 6:58 am #48464
YuckTheFankees
Participant
jamier,
What they are trying to say is, it’s a good idea to review the report template provided by Off-Sec before starting your attacks..so you can start writing your report as you go. Example: once you attack and gain root on your first host, you can put screen shots and all other useful information in the report at that time, so you do not have to at a later time. From the people who have taken the course, they mostly agree to create your report while you go through the lab instead of waiting to do it all at the end of your lab time.
-
August 21, 2012 at 8:08 am #48465
Jamie.R
Participant
Yah, I am with you now. I guessed that is what was being implied but just want to make sure.
Does the lab change that much the exam one?
-
August 21, 2012 at 9:42 am #48466
YuckTheFankees
Participant
I don’t believe the individuals who have taken the exam are able to answer that question. From what I have been told, if you can root the majority of the systems in the lab..you should do fine.
-
August 21, 2012 at 12:48 pm #48467
hayabusa
Participant
@Jamie.R – as a former Offsec student, you should understand that we can only give you so much info on that. I’d agree with the post, above – if someone is doing well in the lab, and understands not only the specific exercises and steps to pwn those targets, but the fundamentals of what they’re seeing and doing, they SHOULD do well on the exam. If a person finds themself really struggling in the lab, then perhaps they should spend more time studying, before attempting the exam.
That’s all I’ll really give you, on that one, except to say, ‘try harder’. Put it this way, I’m currently studying for a second attempt on my OSCE exam. I thought I was ready, the first time, and, looking back, I was ‘ALMOST’ there. But I realized, after attempt #1, what I needed work on. So it’s not always an exact science, of knowing the labs to ace the exam. Labs are preparatory, but not necessarily all-inclusive. Offsec is preparing you for the real world of pentesting. Hope you are enjoying the challenge!
-
August 23, 2012 at 8:34 am #48468
sh4d0wmanPP
Participant
@hayabusa would you mind telling some about the OSCE track? As I understand it this track is mostly about advanced exploit development techniques but that is all I can find.
-
August 23, 2012 at 8:43 am #48469
YuckTheFankees
Participant
What questions do you have?
Have you passed the OSCP?
-
August 23, 2012 at 11:23 am #48470
dynamik
Participant
There’s also the Syllabus: http://www.offensive-security.com/documentation/cracking-the-perimiter-syllabus.pdf
-
August 23, 2012 at 12:32 pm #48471
hayabusa
Participant
Easier to explain something, or discuss, if there are some ‘more specific’ questions… (sorry, but you need to give me something to work with)
-
August 23, 2012 at 12:37 pm #48472
hayabusa
Participant
I’ll start with a couple of generalities:
CTP / OSCE teaches more about combining attack vectors in creative ways, to reach the end goal.
They do discuss 0-day bug hunting / exploit development, and also touch on some more web exploitation techniques, in ways one might not have thought to use them.
-
August 23, 2012 at 1:33 pm #48473
sh4d0wmanPP
Participant
Read that file already yes. I was just curious what you thought of the course, does it complement OSCP well? Did you find OSCE more difficult?
Here are a few other questions I came up with after thinking a bit more:
Web Application:
– how deep does it go? Since they are in the process of developing a stand alone track as well. Will I learn anything new if I master the techniques of the “Web Application Hacker Handbook”?
0Day / Advanced Exploitation:
– Windows only?
– Does it touch on 64-bit?
– If I am correct, OSCP goes just in the basics of buffer overflow exploitation. Does OSCE handle things like SafeSEH/DEP/ASLR bypass, heapspraying? A yes or no is enough, no details needed if sharing is forbidden by Offensive Security.
-
August 23, 2012 at 1:44 pm #48474
m0wgli
Participant
@sh4d0wmanPP wrote:
@hayabusa would you mind telling some about the OSCE track? As I understand it this track is mostly about advanced exploit development techniques but that is all I can find.
There is also a review on here for it:
-
August 23, 2012 at 3:16 pm #48475
-
August 23, 2012 at 3:25 pm #48476
sh4d0wmanPP
Participant
Thanks, I did throw OSCE in the search here but did not get this article. This answers most of my questions. Already played the reg challenge but first have to complete OSCP hehe.
-
August 24, 2012 at 8:50 pm #48477
cd1zz
Participant
Here is my review, from last May.
http://www.networkadminsecrets.com/2011/05/offensive-security-certified-expert.html
-
August 25, 2012 at 1:19 am #48478
dynamik
Participant
@cd1zz wrote:
Here is my review, from last May.
http://www.networkadminsecrets.com/2011/05/offensive-security-certified-expert.html
Nice write-up. I’m curious what percentage of people pass on the first attempt. It seems like nearly everyone I know semi-personally that has one has come up short the first time around (which really adds to the intimidation factor, especially considering how much outside prep you did beforehand).
-
August 25, 2012 at 1:32 am #48479
cd1zz
Participant
It’s got to be a low number. I have yet to talk to anyone who passed on their first try.
-
August 25, 2012 at 5:05 am #48480
S3curityM0nkey
Participant
The fact that it has such a low pass rate makes it all the more valuable I think. It means that you can’t just read a couple of brain dumps and pass the exam.
-
August 27, 2012 at 2:04 am #48481
sternone
Participant
I’m reading 6 extra books right now and am taking it more slowly to grasp the information more deeply than presented before taking the OSCP test.
I’m also going to extend my lab time huge 🙂
I’m figuring it’s the only way. Script kidding isn’t going to work in that test imho.
-
August 27, 2012 at 10:48 am #48482
Jamie.R
Participant
Offensive courses always seem to get great reviews, I guess that’s why so many people want to jump in and do them.
The course also seems really well known all over the land, which makes it appearing on your CV pretty good for job applications.
This is a course that I really plan on doing sooner rather than later, just hope I pass as it seems like a right challenge.
-
August 27, 2012 at 5:03 pm #48483
DragonGorge
Participant
@Jamie.R wrote:
Offensive courses always seem to get great reviews, I guess that’s why so many people want to jump in and do them.
At the risk of being branded for heresy, I have to say this…I don’t understand the overwhelmingly positive reviews of the OSCP. IMHO, the OSCP training is far from perfect – there is plenty of room for improvement.
I’ve finished the core modules of the OSCP and am working through the labs at the moment. I would have to say that, instructionally speaking, the quality level could best be described as uneven. There are some excellent modules (BoFs to name one) but there are also some modules that fall short.
-
August 27, 2012 at 6:41 pm #48484
shadowzero
Participant
@DragonGorge wrote:
@Jamie.R wrote:
Offensive courses always seem to get great reviews, I guess that’s why so many people want to jump in and do them.
At the risk of being branded for heresy, I have to say this…I don’t understand the overwhelmingly positive reviews of the OSCP. IMHO, the OSCP training is far from perfect – there is plenty of room for improvement.
I’ve finished the core modules of the OSCP and am working through the labs at the moment. I would have to say that, instructionally speaking, the quality level could best be described as uneven. There are some excellent modules (BoFs to name one) but there are also some modules that fall short.
Elaborate further please. A negative critique can be just as valuable as positive ones.
-
August 27, 2012 at 6:49 pm #48485
cd1zz
Participant
I’m sure it depends on your frame of reference. If you’re an experienced pen tester when you go through OSCP, you’ll likely notice issues that others with less experience will not notice.
-
August 27, 2012 at 9:58 pm #48486
DragonGorge
Participant
@shadowzero wrote:
Elaborate further please. A negative critique can be just as valuable as positive ones.
The manual is far and away my biggest complaint. There are errors in it which detract from the overall polish of the course. Not anywhere near as bad as CEH’s but still. Some of the errors were small, like *this* code not matching *that* output. But there were some that were enough to throw me off for an hour or so. I could see how it would be difficult to regularly update the videos, but a PDF? Also, I don’t expect them to have the latest BT R# syntax/path/etc in the manual, that’d be ridiculous, but couldn’t there at least be some form of errata? My suggestion would be to create a web page where students could submit errata which the offsec folks could then confirm. OSCP students are the best people to review the material.
And while the videos are great, I’m disappointed that they serve to supplement the manual rather than complement it. If I’m trying to look something up, a printed manual is much easier than scanning through multiple video segments.
Instructionally, some modules were great, others, not so much. The BoF module was excellent. Muts stepped through each item in the process methodically. That was followed by an exercise where you could practice this on your XP Client. Conversely, the port forwarding module – critical to the back labs – amounted to “here’s some cool things…try out whatever you can on whatever lab machine you think it might work on.”
I’ve learned enough in this class to make my head explode but I can’t understand why I see not even a slightly negative review. Maybe it’s just me having a low tolerance for errors in manuals. I don’t want to come across as completely knocking this class. I’m not. But like I said, there is room for improvement.
-
August 27, 2012 at 11:10 pm #48487
jjwinter
Participant
Thanks for sharing, I am considering the PWB course and it’s good to hear many views. Oh, and you are sooo branded. 😉
-
August 27, 2012 at 11:55 pm #48488
sternone
Participant
@DragonGorge wrote:
@shadowzero wrote:
Elaborate further please. A negative critique can be just as valuable as positive ones.
I’ve learned enough in this class to make my head explode but I can’t understand why I see not even a slightly negative review. Maybe it’s just me having a low tolerance for errors in manuals. I don’t want to come across as completely knocking this class. I’m not. But like I said, there is room for improvement.
Hey hey hey !! You need to read my post more 9 days ago in my OSCP journey thread when I lost a complete DAY figuring stuff out, that made me really pissed :-)))
🙂
Thing is, I noticed that with OSCP you need to add at least 6 books that you should read before or while doing this course.
I think we must not forget that OSCP is all about the labs, not so much about the pdf and the videos…
-
August 28, 2012 at 12:24 am #48489
S3curityM0nkey
Participant
@sternone wrote:
Thing is, I noticed that with OSCP you need to add at least 6 books that you should read before or while doing this course.
What are the 6 books you are reading?
-
August 28, 2012 at 1:26 am #48490
cd1zz
Participant
@DragonGorge I can certainly understand your frustration. The reality is though, that in a pen test, lots of things don’t work perfectly. An exploit you find might be broken, a PoC might display the wrong output, this stuff happens all the time.
Now, whether or not this was done on purpose by Offsec is up for debate. I think it makes you learn to be very resourceful. This is a key skill to develop because a lot of the time during a pen test you’re going to have to figure out new stuff you’ve never seen before….just like in the OSCP labs. Compare it to boot camp, if they made it all very easy, you’d never be ready for the real deal.
I also think the reason you don’t find many negative reviews is that most people review the course when they are done and have passed the exam challenge. Usually they’re riding a big time high and they’ve already forgot about all the minutia that drove them crazy during the journey. Hang in there, I’m sure you’ll be one of these people writing a glowing review 🙂
-
August 28, 2012 at 7:45 am #48491
Jamie.R
Participant
This has some really good feedback and some great points.
@cd1zz Putting errors in the material to make you think, that would not surprise me if they did that. And can’t agree with you more, things don’t always work and you have to deal with that.
I would also like to know the 6 books you think people should read beforehand?
-
August 28, 2012 at 1:08 pm #48492
sternone
Participant
It’s in my thread about the OSCP
JMP http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,9115.0/
🙂
-
August 28, 2012 at 3:15 pm #48493
azmatt
Participant
Telling people “you need to figure this out on your own” is 100% cool.
Giving incorrect information causing some people to lose an entire day is far from cool. Even a very vague errata would be a nice place to check for future students.
-
August 28, 2012 at 4:19 pm #48494
dynamik
Participant
They also run an IRC channel, and there’s almost always someone that’ll respond to legitimate questions / concerns. If you come across an error that you can’t correct easily, just go ask a question. There’s no need to waste an extended amount of time struggling with it. I don’t think erroneous materials are intended to be part of the experience.
-
August 29, 2012 at 6:25 pm #48495
YuckTheFankees
Participant
Update: I have taken a 3-5 day break from the course because I’ve been researching so much but not making any strides in the lab. It’s a little disheartening but I know it’s part of the course.
I have currently compromised 6 systems but I have used Metasploit for each one. Over the past week, I have been doing outside research on: buffer overflows, sql injections, what to look for once I’m in the computer, and learning the network topology. There is so much to learn, it’s a little overwhelming but still a lot of fun..I’m learning so much everyday.
My goal for the next week is to root my 1st system without using metasploit, that will definitely be a good day ;D.
After getting a taste of the OSCP, I can’t wait to finish this course and move onto the OSCE. A man can dream, can’t he :D.
-
August 29, 2012 at 6:28 pm #48496
Jamie.R
Participant
I am sure if you TRY HARDER you will get there 😛
-
August 29, 2012 at 7:51 pm #48497
satish.lx
Participant
Is it possible to root all boxes in the OSCP Lab without metasploit? Or are there some limitations of manual exploitation?
-
August 29, 2012 at 9:49 pm #48498
DragonGorge
Participant
@cd1zz wrote:
I also think the reason you don’t find many negative reviews is that most people review the course when they are done and have passed the exam challenge. Usually they’re riding a big time high and they’ve already forgot about all the minutia that drove them crazy during the journey.
“Many”? I have yet to find one! 🙂
But I totally agree with the idea that the overwhelmingly positive reviews are attributable to the exam “high”. That is why I started a journal similar to sternone’s. I want to remember these issues if/when I write a review because they need to be stated. Hopefully Offsec will take steps to improve the quality of their manual.
Anyway, thanks for the words of encouragement. Regardless if I pass or not, I have learned a ton through the course (and on my own).
@azmatt wrote:
Giving incorrect information causing some people to lose an entire day is far from cool. Even a very vague errata would be a nice place to check for future students.
Most are quality control issues:
You can control the Apache server by using either the apachectl2 start / stop
It’s actually “apache2ctl”
And here’s a code example:
print "Fuzzing " + command + " with length:" +str(len(string))
And on the next page, its output:
Fuzzing MKD:1
Fuzzing MKD:20
Doesn’t take a programming guru to see one doesn’t match the other. Again, very benign examples which hardly caused a hiccup.
-
August 29, 2012 at 10:00 pm #48499
sternone
Participant
Metasploit IS the limitation
-
August 30, 2012 at 6:06 am #48500
UNIX
Participant
@satish.lx wrote:
Is it possible to root all boxes in the OSCP Lab without metasploit?
Yes. Metasploit does nothing you can’t do on your own.
-
August 30, 2012 at 8:43 am #48501
Jamie.R
Participant
DragonGorge, it’s a good idea keeping a diary. I look forward to your write-up.
-
August 30, 2012 at 2:57 pm #48502
DragonGorge
Participant
@Jamie.R wrote:
DragonGorge, it’s a good idea keeping a diary. I look forward to your write-up.
Well, I’ll have to spend some serious time sanitizing it first. Right now it’s about 50% profanity. ;D
-
August 30, 2012 at 5:43 pm #48503
Anonymous
Participant
@YuckTheFankees wrote:
After hearing and reading so many positive reviews over the past year, I decided to take the plunge. I received my materials late Saturday (08/04) evening, which was technically 08/05 00:00 GMT. So far I have about 8 hours invested into the course and I have enjoyed everything so far. At first, I started reading the modules in order (lab pdf) but then I decided to briefly fly through the entire lab pdf, just to see exactly what I will be learning. Sooo..I’ve been reading/slightly skimming through the lab for about 4-6 hours and I’m only on module 8, so that should give people an indication to how much material is packed into the lab pdf.
Just like so many people have mentioned, I can get through the first five modules pretty easy (learning backtrack, learning some BASH/python, port scanning, enumeration, etc..) but from module six and on, I know I will have to do A LOT of outside research…which I’m completely fine with. I’m not going to lie, going through the buffer overflow section for the first time was like reading Japanese.
The further I get into the Lab pdf, the more I feel a little overwhelmed. I kind of wish OffSec would give you the choice of going through the PDF and Videos for a week or two, then starting the lab time. The material is totally worth it but I can’t help but think I’m losing money by reading, researching, and watching videos..rather than messing with the lab.
My personal goal is to get everything done within 60 lab days and take the test some time after that.
Well I better get back to the pdf. Any comments are welcomed.
Good luck! Looks like we started at the same time. I haven’t read through this entire thread, but how is day 25 treating you?
-
August 31, 2012 at 8:18 am #48504
Jamie.R
Participant
Cool, well post it once you have sorted it out, as I think it will not only be good for future students but also for the people who run the course. When you run a course it’s good to get negative feedback as it helps make the course better.
-
August 31, 2012 at 4:07 pm #48505
azmatt
Participant
@DragonGorge wrote:
@Jamie.R wrote:
DragonGorge, it’s a good idea keeping a diary. I look forward to your write-up.
Well, I’ll have to spend some serious time sanitizing it first. Right now it’s about 50% profanity. ;D
Can you please save a profane version for me 🙂
Seriously though, all of your feedback has me very excited to take this course. There are a few things that I want to get out of the way first to make sure I’m prepared for the course but it’s at the top of my 2013 list.
-