My question for the OSCP cert folks is about a strategy. If for example, you find a box that is vulnerable to ms08-067, instead of using metasploit, you'd have to search for the exploit and find a POC. Then, you'd have to understand the code to enough to be able to fix it for your own environment. Would you say this is correct?
If this is so, I'd say you've got to master fingerprinting and have ninja skills in finding exploit POCs.