.

OSCP exam

<<

blackzero

Newbie
Newbie

Posts: 8

Joined: Mon Jan 24, 2011 6:16 am

Post Fri Aug 05, 2011 9:22 pm

OSCP exam

Ok this may not be allowed to ask but I have been thinking and in case I am crossing lines please let me know.

In a normal scenario If I were to pwn a machine remotely, after proper recon and all, I would create a local testbed for my exploits and test it against the local system before I launch it against the remote victim, Now how does this works out in exam scenario?? Are we expected to quickly test it locally or do we keep trying till we get the shell?

Please forgive me for my ignorance, I am yet to register but I just want to be sure what I am getting into.
<<

Data_Raid

User avatar

Full Member
Full Member

Posts: 165

Joined: Fri Nov 09, 2007 5:55 am

Post Sat Aug 06, 2011 3:08 am

Re: OSCP exam

In the exam, you will have a number of machines that you need to exploit, you can get partial points for partial access, meaning a local shell but not root/Administrator access will get you partial points. Full access (root/Administrator) will give you full points. Each exam scenario might be different but what will really help you is lab time and practice. The more time you can spend on different machines with different exploits, the better your chances are for passing the exam.

To answer your question: since you have limited time, you aren't expected to test possible exploits on a local system, that would mean having different flavours of OS running along with vulnerable web applications or vulnerable software installed locally which could be anything such as an FTP service, web browser, media player etc... Detailed reconnaissance will definitely help you, and good Google skills.
I highly recommend the course, the contents are explained clearly, the labs are great and if you spend as much time as you can in the labs and practice exploiting as many machines as possible, you should do fine in the exam.

Good luck!
Last edited by Data_Raid on Sat Aug 06, 2011 3:09 am, edited 1 time in total.
All men by nature desire knowledge.

Aristotle
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Mon Aug 08, 2011 3:38 am

Re: OSCP exam

Data_Raid covers it all, believe me, the 24 hours you get are not even close to the hours you will need to replicate and properly test/hack the systems in the exam. go for the kill straight ahead, no matter how dirty it is....good luck!
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

blackzero

Newbie
Newbie

Posts: 8

Joined: Mon Jan 24, 2011 6:16 am

Post Wed Aug 10, 2011 6:14 am

Re: OSCP exam

Thank guys. J0rDy, I read your walk-through, it was great read. You mentioned how there are things on exam which are not mentioned in courseware.. I would appreciate if you could provide some pointers about the books etc you had to refer.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Aug 10, 2011 7:26 am

Re: OSCP exam

I thought the exam was a pretty good reflection of what was covered in the course - though you will have to dig a little deeper on your own to make sure you fully understand the topics presented, and how to use them.
<<

TheXero

User avatar

Full Member
Full Member

Posts: 112

Joined: Tue Dec 07, 2010 12:24 pm

Post Wed Aug 10, 2011 7:49 am

Re: OSCP exam

@blackzero, the exam lab is very cleverly set up it does make you try harder.

The exam is hard but not too hard, I would say it's just right.

How is your experience with exploit development blackzero? as you need to create an exploit to complete the exam, but remember Try Harder! :P
<<

blackzero

Newbie
Newbie

Posts: 8

Joined: Mon Jan 24, 2011 6:16 am

Post Wed Aug 10, 2011 11:17 pm

Re: OSCP exam

@TheXero, I have been working with exploit writing from couple of months now, I completed lupin's articles (awesome series) and first few tuts of corelan. I can write basic stack overflow and SEH based exploits with ease. But Adv topics like ASLR/DEP evading etc are still way above my understanding.

I want to cover most of the basic readings etc before I get into OSCP lab.

Thanks!
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Thu Aug 11, 2011 2:49 am

Re: OSCP exam

that will be more then enough to understand the buffer overflow part in the OSCP course. use the internet as your main resource and if you can't seem to find particular information (for example in depth knowledge of nmap) focus on available books. Good luck and i think you will do just fine!
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Thu Aug 11, 2011 8:51 am

Re: OSCP exam

SEH, ASLR, and DEP are covered in the OSCE course. You don't need to know anything about these three techniques in order to do OSCP exam (no secret here). In addition, you don't need Assembly knowledge either to take the PWB course. Everything you need to know for the OSCP exam is in the PWB course material. These advance techniques you mentioned are for the OSCE exam.
Last edited by caissyd on Thu Aug 11, 2011 12:08 pm, edited 1 time in total.
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

TheXero

User avatar

Full Member
Full Member

Posts: 112

Joined: Tue Dec 07, 2010 12:24 pm

Post Thu Aug 11, 2011 9:46 am

Re: OSCP exam

H1t M0nk3y, be careful of the spoilers, you may want to edit your post accordingly.
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Thu Aug 11, 2011 12:10 pm

Re: OSCP exam

@TheXero: Thanks, my post was indeed borderline. I fixed it. All I wanted to say is not to be scared too much about this PWB course since it doesn't cover advanced exploit development techniques... But thanks for the comment!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software