- This topic has 10 replies, 6 voices, and was last updated 9 years, 7 months ago by
caissyd.
-
AuthorPosts
-
-
August 6, 2011 at 2:22 am #6671
blackzero
ParticipantOk this may not be allowed to ask but I have been thinking and in case I am crossing lines please let me know.
In a normal scenario If I were to pwn a machine remotely, after proper recon and all, I would create a local testbed for my exploits and test it against the local system before I launch it against the remote victim, Now how does this works out in exam scenario?? Are we expected to quickly test it locally or do we keep trying till we get the shell?
Please forgive me for my ignorance, I am yet to register but I just want to be sure what I am getting into.
-
August 6, 2011 at 8:08 am #41459
Data_Raid
ParticipantIn the exam, you will have a number of machines that you need to exploit, you can get partial points for partial access, meaning a local shell but not root/Administrator access will get you partial points. Full access (root/Administrator) will give you full points. Each exam scenario might be different but what will really help you is lab time and practice. The more time you can spend on different machines with different exploits, the better your chances are for passing the exam.
To answer your question: since you have limited time, you aren’t expected to test possible exploits on a local system, that would mean having different flavours of OS running along with vulnerable web applications or vulnerable software installed locally which could be anything such as an FTP service, web browser, media player etc… Detailed reconnaissance will definitely help you, and good Google skills.
I highly recommend the course, the contents are explained clearly, the labs are great and if you spend as much time as you can in the labs and practice exploiting as many machines as possible, you should do fine in the exam.Good luck!
-
August 8, 2011 at 8:38 am #41460
j0rDy
ParticipantData_Raid covers it all, believe me, the 24 hours you get are not even close to the hours you will need to replicate and properly test/hack the systems in the exam. go for the kill straight ahead, no matter how dirty it is….good luck!
-
August 10, 2011 at 11:14 am #41461
blackzero
ParticipantThank guys. J0rDy, I read your walk-through, it was great read. You mentioned how there are things on exam which are not mentioned in courseware.. I would appreciate if you could provide some pointers about the books etc you had to refer.
-
August 10, 2011 at 12:26 pm #41462
BillV
ParticipantI thought the exam was a pretty good reflection of what was covered in the course – though you will have to dig a little deeper on your own to make sure you fully understand the topics presented, and how to use them.
-
August 10, 2011 at 12:49 pm #41463
TheXero
Participant@blackzero, the exam lab is very cleverly set up it does make you try harder.
The exam is hard but not too hard, I would say it’s just right.
How is your experience with exploit development blackzero? as you need to create an exploit to complete the exam, but remember Try Harder! 😛
-
August 11, 2011 at 4:17 am #41464
blackzero
Participant@TheXero, I have been working with exploit writing from couple of months now, I completed lupin’s articles (awesome series) and first few tuts of corelan. I can write basic stack overflow and SEH based exploits with ease. But Adv topics like ASLR/DEP evading etc are still way above my understanding.
I want to cover most of the basic readings etc before I get into OSCP lab.
Thanks!
-
August 11, 2011 at 7:49 am #41465
j0rDy
Participantthat will be more then enough to understand the buffer overflow part in the OSCP course. use the internet as your main resource and if you can’t seem to find particular information (for example in depth knowledge of nmap) focus on available books. Good luck and i think you will do just fine!
-
August 11, 2011 at 1:51 pm #41466
caissyd
ParticipantSEH, ASLR, and DEP are covered in the OSCE course. You don’t need to know anything about these three techniques in order to do OSCP exam (no secret here). In addition, you don’t need Assembly knowledge either to take the PWB course. Everything you need to know for the OSCP exam is in the PWB course material. These advance techniques you mentioned are for the OSCE exam.
-
August 11, 2011 at 2:46 pm #41467
TheXero
ParticipantH1t M0nk3y, be careful of the spoilers, you may want to edit your post accordingly.
-
August 11, 2011 at 5:10 pm #41468
-
-
AuthorPosts
- You must be logged in to reply to this topic.