.

OSCP certification challenge

<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Jun 16, 2010 7:12 am

OSCP certification challenge

Hi,

I am "done" with the PWB v3 course. I have watched all the videos and done the vast majority of the exercises. I understand everything I have studied.

I have played in the lab and hacked several machines (about 30% of them). Should I penetrate all machines in the lab before taking the OSCP challenge? I am running out of time and I don't want to pay to extend my lab time...

With 8 days left in the lab and a busy schedule, I was thinking of finalizing the exercises and challenge the certification right after. Does it sound right?

I know it all depends on what experience I have, but did you feel the exercises prepared you well for the certification?

Thanks
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Darktaurus

User avatar

Full Member
Full Member

Posts: 181

Joined: Thu Sep 03, 2009 8:48 am

Post Wed Jun 16, 2010 7:39 am

Re: OSCP certification challenge

Did you get the 2 month or 1 month access to the labs when you signed up? 
OSCE, OSCP, OSWP, CISSP, GPEN

www.agoonie.com
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Jun 16, 2010 7:52 am

Re: OSCP certification challenge

I took 60 days, but I couldn't work everyday...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Jun 16, 2010 11:44 am

Re: OSCP certification challenge

I'm currently in the course (My exam's scheduled for tomorrow). I would highly suggest penetrating more machines before taking on the exam, but looking at your certifications in your sig you have a lot more experience than I do. I'm more of a do it and learn kind of person, so to me, the more lab machines I break, the more I feel ready for the exam.

I thought the exercises were pretty good but I personally skipped 1 or 2 of them. I personally had to go back and re-up on 15 more lab days (after the initial 60 I purchased) because I didn't feel ready enough & needed more information for the final report. I suppose Friday I'll have an official answer for your question but for now I'd say nail as many machines as you can - use your lab time wisely! The lab is so addicting that I've heard people pay for more lab time even after they take the exam, just for more pain and suffering.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Wed Jun 16, 2010 11:52 am

Re: OSCP certification challenge

People paying for more lab after the exam, very interesting, jajajajajaaj
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

rvs

Jr. Member
Jr. Member

Posts: 94

Joined: Wed Jan 28, 2009 9:40 pm

Post Wed Jun 16, 2010 12:30 pm

Re: OSCP certification challenge

xXxKrisxXx wrote:I'm currently in the course (My exam's scheduled for tomorrow). I would highly suggest penetrating more machines before taking on the exam, but looking at your certifications in your sig you have a lot more experience than I do. I'm more of a do it and learn kind of person, so to me, the more lab machines I break, the more I feel ready for the exam.

I thought the exercises were pretty good but I personally skipped 1 or 2 of them. I personally had to go back and re-up on 15 more lab days (after the initial 60 I purchased) because I didn't feel ready enough & needed more information for the final report. I suppose Friday I'll have an official answer for your question but for now I'd say nail as many machines as you can - use your lab time wisely! The lab is so addicting that I've heard people pay for more lab time even after they take the exam, just for more pain and suffering.



Guys if you are interested in reviewing pm I might help been working on it as well. cheers
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Jun 16, 2010 1:40 pm

Re: OSCP certification challenge

Good luck xXxKrisxXx and keep us posted!!!

I am still thinking... How many machines have you hacked in the lab so far? I will spend the next week getting access to as many servers as I can. I also need to finish some exercises, although I have already completed the hardest ones.

I had only bad luck with the course so far. I registered for PWB v2, 60 days of lab only to learn 8 days after that version 3 was going to be released. I then paid to upgrade to v3. A few days after starting it, I got divorced... So I didn't study for something like 45 days! I bought an extra 30 days and I am at the end of it.  :-\

All that to say I have paid the course more than twice now and I feel like taking a break!!!  :P

Anyway, good luck xXxKrisxXx and keep us posted!!
Last edited by caissyd on Wed Jun 16, 2010 1:42 pm, edited 1 time in total.
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Jun 16, 2010 2:10 pm

Re: OSCP certification challenge

I've hacked into about 23-25 of them but i've unlocked all of the networks in the control panel. Thanks for wishing me goodluck, I'll definitely need it. Sorry to hear about your mishaps - hopefully things will get better man.

Cheers,

Kris
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Fri Jun 18, 2010 11:03 am

Re: OSCP certification challenge

I just bought another 30 days. I really want to hack all machines and finish all "Doing the Extra Mile" exercises.

xXxKrisxXx, how did it go?
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Fri Jun 18, 2010 11:04 am

Re: OSCP certification challenge

Hey it went good, I'm on my last hour and I have enough points that I passed. Still working on 1 more machine. Extremely tired on my end, rough exam.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Fri Jun 18, 2010 11:38 am

Re: OSCP certification challenge

great news guys! i guess an early congratulations is in place?
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Fri Jun 18, 2010 12:14 pm

Re: OSCP certification challenge

I am very happy for you xXxKrisxXx!!!

Go to sleep and give us your feedback once you're rested!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Fri Jun 18, 2010 12:23 pm

Re: OSCP certification challenge

You know... Prior to me taking the exam, I thought I'd be a smart alec. After viewing the content for a week I decided to write an automated perl script to literally do the exam for me. The script consisted of using various tools against the output of nmap and other tools. Pretty much a bloated "if, while, for, and" script.

I had it all planned out. The program would start with the typical nmap scan, parse out the data of opened ports, I'd use another port to fingerprint the machine as precise as I could, then the program would re-parse out a "high percentage" rate of potential exploits against the target. I had it mapped out to a science. If THIS_OS && THIS_PORT && THIS_VERSION >= Milw0rmPoCs_or_Better ; then TEST_THIS_AND_RETURN_OUTPUT Was such a butchered work of art in itself it was priceless. I tested it against a devel network I set up at home mirroring the versions of servers etc on my lab...

Test day... For one, I was like 3 hours behind the time since I mangled EST/PST timing... I figured, no sweat... Pfftt... My pwnge is going to be automated baby! No metasploit no problem... Long story short, about an hour after my perl voodoo was chugging along, I started experiencing unforseen BOFH like errors. It was then I  realized that Mutts and the staff threw in a lot of curveballs. I ended up scrapping my program and doing the remainder of the test manually.

When I did the CPT exam... You don't even wanna know the asm slash c headaches I encountered. On the flip side, I never had a machine gone in 60 seconds much faster than on the CPT exam. On the second machine though... Man you talk about going back to the books on shellcoding, assembly, debugging (gdb though ;) so I got lucky). Nevertheless its Jack Koziol and company (Shellcoders Handbook) whose responsible for the CPT.

Good luck on the exams all who take it. OSCP was one of my favorites. CPT was a PITA... CEPT ... failed by one... I should have studied :( Arrogance got the best of me... Of the two, (CPT, OSCP) I like the volume of machines to compromise on the OSCP. For the learning curve on advanced exploitation though... CPT.
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Fri Jun 18, 2010 12:38 pm

Re: OSCP certification challenge

Thanks fellow monkey (sil) for your advice.

I can't wait for my daughters to go to sleep tonight so I can continue playing in the lab!!!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Fri Jun 18, 2010 5:30 pm

Re: OSCP certification challenge

I do not know, but someday I will be in your possition guys. Keep going. I already set my plan, for me OSCP is after I pass 4 more exams ( I am trying to get a little more knowledge and complete my MCSA)
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
Next

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software