OSCE vs OSCP

    • #6075
      caissyd
      Participant

      Hey,

      I am about to start Offensive-Security “Cracking the Perimeter (CTP)” course, which leads to the OSCE exam.

      Having done “Pentesting with Backtrack (PWB)”, I know the guys at Offensive-Security will once again provide me with a tough but excellent course.

      To get ready, I have spent the last 2 weeks getting back to Intel x86 Assembly programming. Call me crazy, but I actually enjoy coding in assembly! I bought a 60 day lab package and my goal is, in order:

      1) Go through all videos and do all exercises.

      2) Start hacking machines in the lab and build my “toolbox”.

      3) After the lab time is over, spend a month or two in my own lab working on my weaknesses.

      4) Once I feel I master what is in the course content, buy another 30 days of lab and start getting ready for the exam.

      So for those who have done both courses, did you change your approach from PWB to CTP?

      I am very excited to start this course! I am ready to suffer once again!

    • #37972
      j0rDy
      Participant

      Ha, you masochist!  😉 I admire your will to learn!

      I think the greatest advantage you have right now is that you know how Offensive Security works. By now you know what approach they want to see when you attack a box and what technical techniques they like to see when you exploit it. And last but not least, you will know the suffering involved to reach the goal but that is something you like, apparently  😛

    • #37973
      caissyd
      Participant

      No pain, no gain!  ;D

      Seriously, I pay for my training and being a consultant, I don’t get paid when I sit in a classroom. So only training is good for me. In addition, as you know, Offensive Security provides excellent training materials. So to me, it is the best bang for my buck.

      And like you mentioned, I will approach this course completely differently than PWB. A lot more seriously, and I am way more humble.

      Last thing, I believe that if I aim low, I will get low results. But if I aim high, it either works or I would have learned a ton of things! Either way, I win!

      I took a good study break and finished my kitchen’s floor. Nothing better than manual work to relax from studying!  ;D

    • #37974
      TheXero
      Participant

      Good luck 🙂

      MaXe (InterN0T) recently passed his OSCE exam and I’m sure he’s more than willing to give you a few pointers to ease the pain if you ask 🙂

      I believe OSCE/CTP is mostly about finding 0days whereas OSCP/PWB is about writing basic exploits and Penetration testing in general

      So yeah you Try Harder! hehe

    • #37975
      mambru
      Participant

      Hey H1t M0nk3y,

      Glad to hear you will be pursuing OSCE.

      Right now I’m halfway with the CTP training, and I don’t think the approach from PWB fits here, since you don’t have a similar environment where you are free to attack and compromise whatever you want. Once you receive your material you’ll understand what I mean.

      Good luck!

    • #37976
      caissyd
      Participant

      I don’t think the approach from PWB fits here, since you don’t have a similar environment where you are free to attack and compromise whatever you want.

      So you don’t have a lab with many machines to compromise?!?

      Humm, I didn’t know that. There is something you are not allowed to say?

      Now you got me thinking!!  😀

    • #37977
      apollo
      Participant

      The thing that will help you most in OSCE is to verify you really understand each lesson as it is presented.  For instance, you will be walked through an exercise, then you will have to complete it on your own.  You should try this:

      1) Do the exercise with the video
      2) At end of chapter, re-create the exercise referencing the manual
      3) Rinse and Repeat until you don’t need to reference the manual at all

      This takes more time, but the worst time to figure out that you didn’t really get what was going on is during the exam. Also, don’t be afraid to reference other material. When I didn’t get the explanation of something, I hit up Google and on occasion found some complementary stuff which helped.

    • #37978
      cd1zz
      Participant

      H1t –

      I am 5 weeks into OSCE. It’s quite different than OSCP which I passed a few months ago. The lab is small and there are not 50 extra boxes to pop in this compared to OSCP. Extra practice is really on your own. I’ve been talking with other OSCEs and found out that a good way to practice is to hit exploit-db and try to recreate the exploits you see there. For example, take an exploit and write it in a different language from scratch or use a different method like an egghunter if that wasn’t used in the original exploit. Also download DVWA and try to pwn it in your sleep.

      The course material and video modules for this are so gnarly. I love it. I honestly thought it would all be way over my head but if you put the time in, you’ll get it. It’s another tremendously well thought out and challenging course. I’ll be taking the challenge in about a month.

      -C

    • #37979
      caissyd
      Participant

      Thanks guys for your feedback!

      1) Do the exercise with the video
      2) At end of chapter, re-create the exercise referencing the manual
      3) Rinse and Repeat until you don’t need to reference the manual at all

      That’s what I learned the hard way for OSCP. Understanding what they do in the videos is quite easy compared to doing it yourself. I take good note of this.

      I’ve been talking with other OSCEs and found out that a good way to practice is to hit exploit-db and try to recreate the exploits you see there. For example, take an exploit and write it in a different language from scratch or use a different method like an egghunter if that wasn’t used in the original exploit. Also download DVWA and try to pwn it in your sleep.

      That’s a good idea. I will keep this in mind.

      I have another question: How good should you be in Assembly? I am currently going through Vivek’s video (http://www.securitytube.net) and it is going quite well. It’s been 13 years since I used it in university and I was pretty rusty. My guess is I will know enough for OSCE after I am done with these videos. At the very least, I should be able to read 90% of any assembly code without reference. Am I going too far or not enough?

      Thanks for these great replies.

    • #37980
      cd1zz
      Participant

      You’ve already done more than I did before I started. I had basic assembly knowledge but I can assure you, if you listen and watch Mati intently in the videos, he drops little hints along the way that give you an idea of what is “possible.” I feel 1000% times better in a debugger than I did when I started just by watching and re-watching the videos and then re-creating the modules.

    • #37981
      j0rDy
      Participant

      Wow, all this sounds exciting! It almost makes me want to quit my “time off” and start with it right now! Anyway, I want to wish H1t M0nk3y good luck and I am sure it will be a blast to give it a try!

    • #37982
      caissyd
      Participant

      You guys can be sure I will post my comments!

    • #37983
      MaXe
      Participant

      @H1t M0nk3y wrote:

      1) Go through all videos and do all exercises.

      2) Start hacking machines in the lab and build my “toolbox”.

      3) After the lab time is over, spend a month or two in my own lab working on my weaknesses.

      Good luck! You will need it  ;D

      1) Watch the videos => Read the document. I used the same approach and it’s also what they recommend I think  🙂

      2) You don’t need a huge toolbox, besides pure hacking skills in your mind. Knowing Web Application Security and e.g. PHP is a good idea too though, along with Exploit Development of Buffer Overflows (etc), Fuzzing, Protocol Attacks, etc.

      3) Excellent idea, know your strengths and your weaknesses. That is one of the ways to succeed.

      The most important thing is that if you don’t understand something in one of the modules, take your time to research about it so you understand exactly what was covered during the course, and try to go beyond so you know more than what is covered during the course, when you’re attempting the examination.

      Feel free to message me on IRC, I’m usually idling there 24/7 but I’m of course also online on occasion  🙂

    • #37984
      caissyd
      Participant

      Thanks MaXe!

      I will be contacting you on OffSec IRC shortly!

      My last question is: Would you guys think it is ok to use BackTrack 4 R2 for the course or should I use a custom version for the course?

      Other than that, I am done going through Vivek’s videos on Assembly. So I am where I wanted to be before my course starts.

    • #37985
      cd1zz
      Participant

      R2 is fine – that’s what I’m using.

    • #37986
      caissyd
      Participant

      Ok,

      I am almost done going through the videos. My goal was to have an idea of the course materials (what I call, the first pass).

      I notice that all exploit development is done against 32-bit Windows XP or Vista.

      So my question is: To get ready for the OSCE exam, do I need to learn:

      1) Exploit development on 64-bit Windows OS?

      2) Exploit development on Linux, Unix, *BSD?

      I am planning on practicing these two points pretty soon anyway, but since I am focusing on the exam, I am trying to scope my study right now…

      Thanks!

    • #37987
      MaXe
      Participant

      About the choice of distribution, you can pretty much use whatever you want. (I didn’t use BackTrack, but I had to install some tools completely on my own, but that was just fun for me nonetheless.)

      @H1t M0nk3y wrote:

      Ok,

      I am almost done going through the videos. My goal was to have an idea of the course materials (what I call, the first pass).

      I notice that all exploit development is done against 32-bit Windows XP or Vista.

      So my question is: To get ready for the OSCE exam, do I need to learn:

      1) Exploit development on 64-bit Windows OS?

      2) Exploit development on Linux, Unix, *BSD?

      I am planning on practicing these two points pretty soon anyway, but since I am focusing on the exam, I am trying to scope my study right now…

      Thanks!

      1) Unlikely.

      2) Unlikely, but knowing how exploits work on almost all types of systems is a good idea 🙂

    • #37988
      caissyd
      Participant

      Thanks MaXe!

      I also got this answer from the Offensive-Security folks:

      During exams we ask students to demonstrate their creativity only on subjects similar to the ones faced during the course. We cannot say what will be or won’t be asked during the exam but, for sure, very specific subjects like 64bit exploitation (not covered at all during the course) will not be part of the challenge.

      I will be posting more questions later, as I continue working on this course.


Copyright ©2020 Caendra, Inc.
