.

Failed my first attempt at the OSCP exam

<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Tue Apr 23, 2013 5:25 pm

Re: Failed my first attempt at the OSCP exam

Up to 31 rooted servers as of yesterday afternoon. I started a social engineering project yesterday afternoon, so I won't have as much study time, but I will make due.
CISSP, IAM, working on OSCP
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Tue Apr 23, 2013 8:38 pm

Re: Failed my first attempt at the OSCP exam

Great job man, you're knocking them down by the half dozen.

Any new revelations or skills this past week?
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Tue Apr 23, 2013 10:17 pm

Re: Failed my first attempt at the OSCP exam

azmatt wrote:Great job man, you're knocking them down by the half dozen.

Any new revelations or skills this past week?


Thanks, azmatt! My RFI skills have improved a lot since the exam. I am starting to think like a hacker, for a lack of better terms. I was making some big mistakes on my last exam attempt and prior to that. One example was not scanning all 65,535 ports. There were ports and services I wasn't detecting. I figured out something yesterday that was a big help. I ran an exploit that gave me system level access to cmd.exe, but it limited me to on that command prompt. So I tried adding another account to the local administrators group, but I got an error and could not add the account. So I discovered if I launched programs or admin tools from the command prompt, they ran with system level access. So I did some Googling and found a solution. You run this from the command line "control userpasswords2" and it launched the user manager utility. The control part of that syntax refers to the control panel. So if you know the other names for the other control panel apps/utilities, you can launch them from the command line. My Windows local privilege escalation skills have improved over the past two weeks. I learned another cool tick, which is how to turnoff the Windows firewall from the command line, which is "netsh firewall set opmode disable". That comes in handing when you only have shell access to a Windows box. Then you can connect with remote desktop. More lab time was my key to improvement. I am doing the things you hear everyone say, like sticking to one server at a time and enumeration, enumeration. I am confident I will do a lot better on my exam retake.
CISSP, IAM, working on OSCP
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Apr 24, 2013 10:30 am

Re: Failed my first attempt at the OSCP exam

Along those lines, try just launching MMC and then adding the snap-in(s) you need.
The day you stop learning is the day you start becoming obsolete.
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Wed Apr 24, 2013 1:27 pm

Re: Failed my first attempt at the OSCP exam

ajohnson wrote:Along those lines, try just launching MMC and then adding the snap-in(s) you need.


Awesome idea, thanks!

If you have other ideas I would like to hear them. I know I may not be doing things the optimal way and would like to have more options.
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Apr 28, 2013 4:33 pm

Re: Failed my first attempt at the OSCP exam

My root count is up to 34 servers. I had a social engineering assignment last week and it allow for as much lab time.
CISSP, IAM, working on OSCP
<<

tr3b0rd

Newbie
Newbie

Posts: 1

Joined: Wed May 01, 2013 9:10 pm

Post Wed May 01, 2013 9:14 pm

Re: Failed my first attempt at the OSCP exam

For those that have taken the exam multiple times, is it always the same or do they have different machines and vulnerable services each time?
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Thu May 02, 2013 12:29 am

Re: Failed my first attempt at the OSCP exam

tr3b0rd wrote:For those that have taken the exam multiple times, is it always the same or do they have different machines and vulnerable services each time?


I think there's a pool of targets that's randomly selected. You may see something that's familiar, but you shouldn't expect to have the same exam.
The day you stop learning is the day you start becoming obsolete.
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun May 19, 2013 8:56 pm

Re: Failed my first attempt at the OSCP exam

I failed again, but I was so close. I rooted 3 servers giving me 55 points and I had low level access to 2 other servers, but time ran out before I could get root. I will be retaking the exam on June 22 at the latest.
CISSP, IAM, working on OSCP
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Sun May 19, 2013 9:46 pm

Re: Failed my first attempt at the OSCP exam

Every book about hacking I read always tell you patience will always pay off, you try hard and harder, you will get it and it will pay off, why because you really are learning the stuff, keep drilling, you will get it.

Also you inspire us, good.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun May 19, 2013 10:07 pm

Re: Failed my first attempt at the OSCP exam

impelse wrote:Every book about hacking I read always tell you patience will always pay off, you try hard and harder, you will get it and it will pay off, why because you really are learning the stuff, keep drilling, you will get it.

Also you inspire us, good.


Thank you for the encouragement, impelse!

I am even more determined and once I pass, it will mean even more to me. When I think of where my skills and knowledge was at a little over a year ago, I am amazed at what I have learned. Since I started really hitting this course hard back around the holidays, it has paid off even more. At first it was forcing myself to study and now I have to force myself to do other things outside of this.
CISSP, IAM, working on OSCP
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Mon May 20, 2013 12:07 am

Re: Failed my first attempt at the OSCP exam

If you see you are becoming a serius pentester, you keep rooting those boxes in the lab, you attempt to hack 5 servers in 24 hours, with a lot of pressure specially coming from the time frame of the exam and from yourself, normally in a pentest you do not have those shorts time (5 servers in 24 hours, LOL).

So if you can hack in those circumstances in the exam how is the real pentest?, sure you will be able to hack them and outside the box, without automatic expensive tools (I am not saying you will not use them).

At the end you are wining and wining every time to attempt the exam, it is not lost, it will pay off.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

hanyhasan

User avatar

Newbie
Newbie

Posts: 17

Joined: Fri May 17, 2013 12:09 pm

Post Mon May 20, 2013 3:39 am

Re: Failed my first attempt at the OSCP exam

r0ckm4n wrote:I failed again, but I was so close. I rooted 3 servers giving me 55 points and I had low level access to 2 other servers, but time ran out before I could get root. I will be retaking the exam on June 22 at the latest.



Hard luck , never give up and i was only scared from taking CCIE " from Cisco "  ???. I read the subject from the beginning and let me asking you why there is no support from the trainer or does the material " Videos & PDF " not covering those attacks . The CCIE exam is about troubleshoot the network and more you practice to solve the network issues the faster you can solve the exam and pass but the material does cover the exam objective . Hard luck again & sorry i talked about Cisco here  ;D. Forget about my English every 1  ::)
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon May 20, 2013 8:16 am

Re: Failed my first attempt at the OSCP exam

@hanyhasan - The videos and PDF's cover a lot, but because of the 'adaptive' nature of pentesting, there is expectation that not everything in the exam is going to be a 'cut and dry' example of something that was directly covered by the courseware, leaving the student to use their intuition and research skills to find answers, much like a live, real-world pentest would.

@r0ckm4n - keep trying, keep studying, keep working at it.  Pass or fail, as impelse noted, you're learning.  Experience, in this field, comes painfully, sometimes, but it's well worth the effort, and shows your determination and dedication.

Wishing you luck on the next (and hopefully final) attempt!  :)
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon May 20, 2013 9:19 am

Re: Failed my first attempt at the OSCP exam

impelse wrote:If you see you are becoming a serius pentester, you keep rooting those boxes in the lab, you attempt to hack 5 servers in 24 hours, with a lot of pressure specially coming from the time frame of the exam and from yourself, normally in a pentest you do not have those shorts time (5 servers in 24 hours, LOL).

So if you can hack in those circumstances in the exam how is the real pentest?, sure you will be able to hack them and outside the box, without automatic expensive tools (I am not saying you will not use them).

At the end you are wining and wining every time to attempt the exam, it is not lost, it will pay off.


Actually I am a pentester and you are correct about getting more time. I needed to improve my hacking skills and that's why I took this course. I had experience with vulnerability assessments and automated tools.
CISSP, IAM, working on OSCP
PreviousNext

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software