.

OSCP Walkthrough

<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Sun Sep 19, 2010 10:43 am

Re: OSCP Walkthrough

little addition:

I was thinking about what i have accomplished within my "career" as a security professional. Giving the results i got within the labs (got 19 out of 29), I'm quite happy with what i have accomplished and the progress i have made within the last couple of years. Come to think of it, 2 years ago i hadn't even heard of penetration testing, vulnerability scanning. I didn't even knew Backtrack, let alone finding vulnerabilities and compiling exploits for it. Not even within my wildest dreams i could think that at this point i would be struggling with buffer overflows and actually know what i am doing. This has been a huge eye opener for me that i have progressed a lot within these years, and that i am heading in the right direction of the skill level i want to achieve. I think it is impossible to get to a certain level within a specific amount of time, no matter how good you are or how bad you want it. This motivates me even more to become one of the few that are skillful enough to obtain the OSCP certificate. Giving this i am happy and consider myself blessed that i was able to experience this course, even with the horrible exam result.
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Sep 20, 2010 7:09 am

Re: OSCP Walkthrough

Hi j0rDy,

If someone here understand what you are going through, then I think it is me...

The other hosts were just playing with me. I found several vulnerable services, but somehow i couldnt get that shell.

I had the same feeling as you. I spend hours trying to exploit "big and obvious" vulnerabilities without success... At one point, I thought they were playing games with my mind by blocking these "obvious" holes somewhere else. I am sure you know what I am talking about... The exploit should have worked!!!  :P


I've been talking to several folks who didn't pass on first attempt, and it seems this latest version of OSCP is challenging for  'almost' everyone I've chatted with.

It also seem the OSCP v3 exam is tougher than ever...

I, like you j0rDy, pwned many boxes in the lab. But, from my humble point of view, they were "easier" than the one in the exam. First, about ten of them related directly to an exercise from the videos or the PDF. The other ones were harder, but generaly speaking, with 2 or 3 hours of effort, you could succeed getting root/admin.

But I painfully realized that the exam required more experience than what you could get with the course. At least, that's my opinion. But this isn't a bad thing, far from it! The course doesn't teach you at all how to escalate privileges, find your way in all these OS, what tools or script we need to have and how to "put it all together". But again, that's a good thing! We have to take what we have learn and do the extra mile all by ourselves.

But I would I love to have an exam simulation in the lab. For example, if machines 192.168.12.245-192.168.12.249 were representative of the exam. That would have opened my eyes wide open before the exam. But on the other, the exam retake isn't expensive at all ($60), so it isn't that bad I guess.

One last thing j0rDy, it shows everyone here on this forum that we did the exam all alone and that we aren't cheaters!  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Sep 20, 2010 7:54 am

Re: OSCP Walkthrough

Interesting thoughts, H1tM0nk3y...

I'll lend a couple more words...

First, as you guys are aware, the entire objective of OSCP is to throw you into uncharted waters.  The course it designed to teach you to enter unknown environments and situations, and work / adapt your skills and techniques to overcome the challenges presented.  So, to that end, it really wouldn't be right to 'too closely' simulate the exam machines, in the labs.  There were machines in the labs that made you think, and a few that I never, personally, got through.  Case in point, it gave me the drive to push harder, and prove to myself that I was capable of pwning those boxes.

Second - you're absolutely correct.  By failing, even though that disappoints you, you've proven to others that you DID undertake the exam, alone, and that you haven't cheated to pass an exam.  This exam isn't open book / memorization for a reason.  It sorts out the 'paper' certifications from the 'hands-on' ones, and shows you've worked to develop yourself and your skills.

Congrats with what you've accomplished, and continue to work towards the end goals.  You WILL pass the exam, if you continue to focus, study, and learn.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

apollo

Full Member
Full Member

Posts: 146

Joined: Fri Apr 04, 2008 7:44 pm

Post Mon Sep 20, 2010 8:08 am

Re: OSCP Walkthrough

I agree with hayabusa, you should feel good with what you've learned and how far you've come.  The OSCP isn't an easy test, and the fact that you got part of the way there is def an achievement.  You should try to setup some of this stuff in your own lab, and do the bonus questions from the class.  I learned a valuable lesson while doing the bonus questions: It's not as easy when you can't follow along what to do.  I spent a lot of time on the extra boxes to own in the lab, which helps a lot for the exam.  These bonus boxes are especially nice as a few of them require you to figure out what to use for priv escalation etc, which is something you don't want to spend a lot of time on once you've already gotten a shell.  Congrats on how far you've come, don't give up :)  Although "Try Harder" is sort of a bitchy motto, it's pretty applicable to this type of stuff.  There's a whole ton of apps that you can re-create the exploit writing stuff on, and setting up redhat 9 boxes in virtualbox is cake.  This is a great community, and maybe the right place to start working on some sample configurations for ownable boxes so that people can practice this stuff in the privacy of their own PC.  Good luck on your next shot :)
CISSP, CSSLP, MCSE+Security, MCTS, CCSP, GPEN, GWAPT, GCWN, NOP, OSCP, Security+
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Sep 20, 2010 11:18 am

Re: OSCP Walkthrough

hayabusa wrote:There were machines in the labs that made you think, and a few that I never, personally, got through. 


You are right hayabusa, I didn't pwn every machines in the lab, but I succeeded with the ones I tried. I just ran out of time for the other ones. I reach the Executive Network, but just when I was running out of lab time...

I have alreay spent way too much money on lab times (around 150 days althoughter). But I really used about 80 days, the rest was wasted because of personnal reasons (grrrrr). And since I registered just before v.3 was released, I have spent a bit more than $2000 on PWB so far... But that was well spent money!!!

I am now focusing on my own lab, working on my weaknesses for the next OSCP attempt!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Sep 20, 2010 6:09 pm

Re: OSCP Walkthrough

Sorry for the expenses getting to high, but glad to see the emphasis and good-spirited attitude live on.  Good luck, and go get 'em!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

mambru

Jr. Member
Jr. Member

Posts: 98

Joined: Wed Jun 03, 2009 3:11 pm

Post Tue Sep 21, 2010 11:08 am

Re: OSCP Walkthrough

I wanted to share that after sitting for 2nd time for the OSCP challenge I finally beat it. Though I didn't get a perfect score, I feel quite satisfied with the results. It was a unique experience that I enjoyed until the last minute.

M0nk3y, I'm sure you'll make it next time, you've worked very hard on it. Best of lucks!!
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Sep 21, 2010 12:07 pm

Re: OSCP Walkthrough

Thanks mambru!

I wonder what is the success rate for the first time attempt of OSCP v3? Was version 2 "easier"? I guess no one can tell...

In a way, I kind of hope it is harder now. Bring it on!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Anquilas

User avatar

Full Member
Full Member

Posts: 169

Joined: Fri Mar 19, 2010 7:50 am

Location: Belgium

Post Fri Sep 24, 2010 5:05 am

Re: OSCP Walkthrough

It's a pitty to hear J0rdy, just as it was with H1tM0nkey, but hell, seems like you learned huge amounts and got a lot out of he experience. Nicely done!

Following you guys while taking the OSCP is quite inspiring, thanks for sharing all that info!
Twitter: https://twitter.com/dietervds
Blog: https://synquell.wordpress.com (not much there yet)

The beginning of knowledge is the discovery of something we do not understand.
<<

zeroflaw

User avatar

Full Member
Full Member

Posts: 208

Joined: Fri Feb 12, 2010 10:41 am

Location: Holland, Den Helder

Post Sat Sep 25, 2010 11:15 am

Re: OSCP Walkthrough

Aww that sucks j0rDy! I think this course is a bit too hardcore for the not so experienced people. And actually I'm getting a bit sick of that "Try Harder" stuff. This course would be much more valuable with a few hints here and there.

Some machines were really difficult for me. I've tried harder and much harder but it just wasn't enough. Then luckily I did get a hint for a fellow student, and I was able to hack the machine. Maybe it was a bit of a spoiler but I really learned something from it.

My exam was supposed to be today but due to some personal and work related issues I had to re-schedule it. It's set for the 30th of October, which gives me plenty of time to prepare. I'm pretty sure I'm not going to pass though, but hey I learned a lot, and I'm going to keep learning.
ZF
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Sun Sep 26, 2010 7:02 am

Re: OSCP Walkthrough

I'm getting a bit sick of that "Try Harder" stuff

Man, I am with you on this!!! I am all for if I figure it all by myself, I will remember it for ever. But when you have spent 5 hours on one little thing and you still don't have a clue what the answer is, then someone should be there to give you hints.

The only hint I've got from an instructor is: "the solution is simpler than what you think it is". This helped me a lot actually because he basicaly told me I was looking at the wrong place. To me, this fit in the "Try Harder" mentality and it still helped me. But that's it, I haven't got any more help...

Maybe they should have a spoiler section in their forum with hints for each lab machine of let say, the student network (but not the dev, it and admin networks). I would have personaly love to have "incremental hints", the first hint being very vague and the last almost giving the answer. Something like WebGoat does very well! By giving hints on the student network only, I would have learn a ton of things much faster and I could have "Tried Harder" on the other three networks.

Also, maybe the Offensive Security team should list things that aren't addressed in the course material but are required in order to pass the exam. It is totaly understandable that they can't teach everything in their lab, for example what an IP packet looks like, how to create a user on Windows 7, etc. But having a list of OS that we need to be confortable with, a list of techniques we need to master, etc, would have helped me a lot. This way, before the exam, if you know that you don't have a clue about two or three things listed, you can research them and be more prepared.

If the goal of the OSCP certification is to demonstrate you have learned and understand the majority of the course material, then they should do that. But if they want to certify people that are already expert in this field and may or may not have taken the course, then it is a different story...

I'm pretty sure I'm not going to pass though, but hey I learned a lot, and I'm going to keep learning.

zeroflaw, don't get discouraged by mine and j0rDy's experience. I am a web developer and I almost passed! Did you hack many machines in the lab? If you are not sure, postpone the exam. And worst case scenario, a second attempt on the exam is time consuming, but cheap. And like you said, we have all learn so much so far, so it can't be wasted time.

Good luck zeroflaw!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Sun Sep 26, 2010 11:09 am

Re: OSCP Walkthrough

While I understand your logic, guys, I think of it this way...

If they gave you tons of hints, and step-by-step or even incrementally simpler ideas to work from, they'd decrease the difficulty of things.  The idea is to make you think like a hacker, and it's not like they're going to give you ANY "gimme's" on the exam.  I can tell you, for instance, that NONE of the machines I compromised in the lab were the same as the exam ones.  Similarities, maybe... but not the same.  So you're going to be challenged on the exam, too, and there are reasons for that.

This course and exam are NOT for folks who don't want to work for it.  I commend you, because I know you both ARE working for it.  The simple fact is, though, that if they kept hinting, etc, that takes away from the need to find answers for yourselves, which is what you'll need to do on the exam, and what you'll do in a real-life pentest.  I've not been in many real scenarios where I had enough time built into the scope to just start asking others to help me figure it out.  (Sure, for areas I'm not as good in, and so I have a team setup, with folks who are skilled in those areas too.)

Point is, if they had too many of the "gimme's", what would separate their course / exam from any of the other security certifications out there?  Yes, one difference is that their exam is a practical, hands-on exam.  But if they gave you too much help, along the way, then the course might as well be a written exam, as you're then working from more of a 'book knowledge' scenario, rather than a practical thinking one.

Like I said, I understand your thoughts, and at times, I entertained the same.  But in the end, after I achieved the goal, it was much more rewarding to me, realizing I had been the one who had to really work, study, research and push myself, to reach the goal.

Here's another example (true story from my life):

I was born with physical defects in both feet, and struggled through my childhood and teen years with pain, walking, as a result.  In high school, I was fortunate enough to be chosen by the Shriner's Hospitals, who provided me with foot surgeries on both feet, free of charge to my family, who otherwise, couldn't have afforded them.  My senior year, I ran cross-country and track, and wrestled, and felt a feeling of accomplishment from those, under the circumstances that I'd had surgeries as little as 6 months prior, and had NEVER run any distance, before that. 

Upon graduation, I set my sights a little higher.  6 months after graduation from high school, I ran the Chicago Marathon.  While not any sort of professional runner, my time wasn't even 'competetive', but in the end, I DID complete the race, in the time allowed.  Point of the story is, if you're willing to put the time in, and overcome obstacles in your way, you can do things that everyone else wouldn't expect you to do, even if 'everyone' includes yourself.

Overcome challenges, beat the odds, and live life to it's fullest.  Don't give up because things are tougher than you'd like, and give your all to achieve your goals.  Just as I'd done with the marathon, you can do the same with your OSCP.

Good luck, and as always, keep us posted on how things progress with it, as you keep going after it!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

dante

User avatar

Jr. Member
Jr. Member

Posts: 58

Joined: Wed Jul 21, 2010 10:17 pm

Post Sun Sep 26, 2010 1:55 pm

Re: OSCP Walkthrough

hayabusa wrote:Here's another example (true story from my life):

I was born with physical defects in both feet, and struggled through my childhood and teen years with pain, walking, as a result.  In high school, I was fortunate enough to be chosen by the Shriner's Hospitals, who provided me with foot surgeries on both feet, free of charge to my family, who otherwise, couldn't have afforded them.  My senior year, I ran cross-country and track, and wrestled, and felt a feeling of accomplishment from those, under the circumstances that I'd had surgeries as little as 6 months prior, and had NEVER run any distance, before that. 

Upon graduation, I set my sights a little higher.  6 months after graduation from high school, I ran the Chicago Marathon.  While not any sort of professional runner, my time wasn't even 'competetive', but in the end, I DID complete the race, in the time allowed.  Point of the story is, if you're willing to put the time in, and overcome obstacles in your way, you can do things that everyone else wouldn't expect you to do, even if 'everyone' includes yourself.

Overcome challenges, beat the odds, and live life to it's fullest.  Don't give up because things are tougher than you'd like, and give your all to achieve your goals.  Just as I'd done with the marathon, you can do the same with your OSCP.

Feeling deeply inspired!.. This is definitely gonna end in a shell party..
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Sun Sep 26, 2010 5:48 pm

Re: OSCP Walkthrough

Thanks hayabusa, I know what you say is true. I don't want to give up on things, far from it. I just have other things in my life and there is only so much hours in one day...

Like the story about your feet (congratulations by the way!!!), what does not kill you, makes you stronger!

I have to go, my two daughters are waiting for me!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Sun Sep 26, 2010 8:26 pm

Re: OSCP Walkthrough

Yeah, H1tM0nk3y...  Family DEFINITELY always comes first!  I understand hours in a day, all too well, myself, right now.  Take care, and keep after what you want!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
PreviousNext

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software