+ Reply to Thread
Page 1 of 3 1 23 Last
Results 1 to 25 of 65
  1. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #1

    Default Another OSCP Journey

    So I started the process today and signed up for the PTWK class. Looks like I will be starting on Sept 14.
    I'll start updating this thread as I go through the motions.
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Apr 2012
    Posts
    231

    Certifications
    A+, Security+, CCENT, C|EH, GCFE, GCFA, GREM
    #2
    Good luck! I'm in the course right now too. I find that my pace is a bit stop and start with it. To get through some of the material you have to go really hard at it, and I find myself needing a day or two's break. Make sure you keep going back, ask for help when you need it(it took me awhile to get the guts to do this), and Try Harder! Feel free to PM if you have any issues.
    Reply With Quote Quote  

  4. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #3
    Quote Originally Posted by ramrunner800 View Post
    Good luck! I'm in the course right now too. I find that my pace is a bit stop and start with it. To get through some of the material you have to go really hard at it, and I find myself needing a day or two's break. Make sure you keep going back, ask for help when you need it(it took me awhile to get the guts to do this), and Try Harder! Feel free to PM if you have any issues.
    Yeah, I've definitely found this to be true. This is really the first self-training courses that I've never really been able to pick up on a daily basis and do. Going through the assembly/exploit section of it now for a second time. I feel like I need a few hours just to digest a few videos.
    Reply With Quote Quote  

  5. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #4
    So I received the welcome email as well as how to connect to the lab etc.

    Am I supposed to install the lab connection tools onto my own local instance of Kali?
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Oct 2013
    Location
    Washington DC
    Posts
    498

    Certifications
    OSCP, eMAPT, eWPT, CISSP, GPEN, GWAPT, GCIH, GCIA, GSEC, CEH, CNDA, ECSA, CHFI, Sec+, Net+
    #5
    Quote Originally Posted by MrAgent View Post
    So I received the welcome email as well as how to connect to the lab etc.

    Am I supposed to install the lab connection tools onto my own local instance of Kali?
    Correct. You will use the VPN client from your Kali box. I know when I took it, there was no installation required. It was just a linux binary executable that we used as a VPN client. But that was back in the PWB days and things may have changed. But regardless, you will connect to the VPN from your Kali box (whether that be a VM or full install).
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Oct 2013
    Location
    Washington DC
    Posts
    498

    Certifications
    OSCP, eMAPT, eWPT, CISSP, GPEN, GWAPT, GCIH, GCIA, GSEC, CEH, CNDA, ECSA, CHFI, Sec+, Net+
    #6
    Good luck btw...and don't forget to have fun
    Reply With Quote Quote  

  8. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #7
    Quote Originally Posted by NovaHax View Post
    Correct. You will use the VPN client from your Kali box. I know when I took it, there was no installation required. It was just a linux binary executable that we used as a VPN client. But that was back in the PWB days and things may have changed. But regardless, you will connect to the VPN from your Kali box (whether that be a VM or full install).
    Thanks for the info.
    So I fired up my local Kali installation, and went to update it since it had been a while, and it completely crashed after upgrading. Looks like I need to download a new .iso and reinstall. Joy.
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Oct 2013
    Location
    Washington DC
    Posts
    498

    Certifications
    OSCP, eMAPT, eWPT, CISSP, GPEN, GWAPT, GCIH, GCIA, GSEC, CEH, CNDA, ECSA, CHFI, Sec+, Net+
    #8
    Quote Originally Posted by MrAgent View Post
    Thanks for the info.
    So I fired up my local Kali installation, and went to update it since it had been a while, and it completely crashed after upgrading. Looks like I need to download a new .iso and reinstall. Joy.
    Could be worse. I had to build a new VM during the first hour of my exam. I took the course back when it was still PWB but Kali Linux had already been released. Since we were already using Kali at my work, I decided to use it for the course and had planned on using it for the test. As soon as I received my exam guide, there were instructions that explicitly stated that "YOU MUST USE BACKTRACK" for the exam.

    So I had to spend valuable testing time downloading the BTK .iso and imaging a new VM.
    Reply With Quote Quote  

  10. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #9
    Oh man that sucks. Ive already created a copy of my finalized VM. I am actually going to download their suggested VM and see if it works with VMWare workstation 8. If not, I have mine.

    I was able to get it connected to the VPN, though it doesnt have any instructions on getting openvpn loaded, and I am about to send my payment in today. For anyone in the future who gets to this step, youll more than likely need to load openvpn.
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  11. Junior Member rawhide's Avatar
    Join Date
    Mar 2013
    Location
    Michigan
    Posts
    29

    Certifications
    CISSP-ISSAP, CCSP, CCNA, CCSE,
    #10
    Coming from 12 years of Network and Infra Security background I am planning to break into Offesnive sides of security and it seems OSCP is a good option. This is a very new arena for me and thats how I think my competence level stands on scale of 0-10

    Scripting -0
    Linux Admin- 2/3
    Web Security OWASP -3/4 ( Theory)
    Windows Admin-5/6
    Network and Protocols- 8/9

    You think I should directly step into OSCP or take some intermeidate steps for learning Linux and Scripting ?
    Is there a book you recommend to read before starting PWB Lab ?

    Thanks,
    Reply With Quote Quote  

  12. 1337sauce
    Join Date
    Jul 2011
    Location
    Ze South
    Posts
    1,539

    Certifications
    BS, Linux+, Security+, LPIC-1, MCSE Server 2012, MCSE Desktop, MCSA Server 2008, MCTS 70-[415,681], MCTS 74-409, VCA-DCV, Novell CLA/DCTS/CNS, HDI CSR
    #11
    Stanley CC does not offer courses in MN
    Get a PO box in another state?
    Reply With Quote Quote  

  13. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #12
    Quote Originally Posted by rawhide View Post
    Coming from 12 years of Network and Infra Security background I am planning to break into Offesnive sides of security and it seems OSCP is a good option. This is a very new arena for me and thats how I think my competence level stands on scale of 0-10

    Scripting -0
    Linux Admin- 2/3
    Web Security OWASP -3/4 ( Theory)
    Windows Admin-5/6
    Network and Protocols- 8/9

    You think I should directly step into OSCP or take some intermeidate steps for learning Linux and Scripting ?
    Is there a book you recommend to read before starting PWB Lab ?

    Thanks,
    I haven't started the course yet, so I can't really comment at this time.

    Quote Originally Posted by lsud00d View Post
    Get a PO box in another state?
    That was random.
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  14. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #13
    I received my welcome email and other information exactly on the hour. I am starting to set everything up now and get started.
    This should be a fun by challenging course.
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  15. Senior Member AlexNguyen's Avatar
    Join Date
    Jun 2011
    Location
    Montreal, Canada
    Posts
    300

    Certifications
    CISSP, CISA, CSSA, C|EH, C|HFI, GCFE, GPEN, GAWN, VCP5, MCTS, MCITP, ITIL v3 Foundation
    #14
    Quote Originally Posted by rawhide View Post
    You think I should directly step into OSCP or take some intermeidate steps for learning Linux and Scripting ?
    Is there a book you recommend to read before starting PWB Lab ?
    I suggest that you take some intermediate steps before trying OSCP.
    Take a look at some "cheap" online trainings at SecurityTube, StrategicSec, eLearnSecurity, etc.

    I'm reading the book "Advanced Penetration Testing for Highly-Secured Environments" and found it interesting. I'm trying to do all the lab exercises in the book. You need to try to map the BackTrack references in the book with Kali.
    Reply With Quote Quote  

  16. Junior Member rawhide's Avatar
    Join Date
    Mar 2013
    Location
    Michigan
    Posts
    29

    Certifications
    CISSP-ISSAP, CCSP, CCNA, CCSE,
    #15
    That makes alot of sense Alex, Thank you

    Quote Originally Posted by AlexNguyen View Post
    I suggest that you take some intermediate steps before trying OSCP.
    Take a look at some "cheap" online trainings at SecurityTube, StrategicSec, eLearnSecurity, etc.

    I'm reading the book "Advanced Penetration Testing for Highly-Secured Environments" and found it interesting. I'm trying to do all the lab exercises in the book. You need to try to map the BackTrack references in the book with Kali.
    Reply With Quote Quote  

  17. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #16
    Ive gone through about 25 of the videos so far. Most of it is stuff I felt that people taking this exam should already have a firm grasp on. I will be going through as many of the videos as I can today and tonight. I am hoping to start working in the labs this week.

    Also for those that dont know, I have a private irc server setup.
    irc.osswg.com:6667
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Apr 2012
    Posts
    231

    Certifications
    A+, Security+, CCENT, C|EH, GCFE, GCFA, GREM
    #17
    Quote Originally Posted by MrAgent View Post
    Most of it is stuff I felt that people taking this exam should already have a firm grasp on.
    When the OSCP course materials seem easy, remember:

    Reply With Quote Quote  

  19. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #18
    Im busy at it right now... doing an nmap scan of all of the available hosts... taking . . . F O R E V E R ! ! ! ! !
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,868

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #19
    What scan speed did you use to scan the hosts? I'm just curious.
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  21. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #20
    I just did the following
    nmap -A -O -iL /root/results.txt

    The results.txt file was from a ping sweep I did of all the responding hosts. I'm wondering if I should have added a -F
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  22. 1337sauce
    Join Date
    Jul 2011
    Location
    Ze South
    Posts
    1,539

    Certifications
    BS, Linux+, Security+, LPIC-1, MCSE Server 2012, MCSE Desktop, MCSA Server 2008, MCTS 70-[415,681], MCTS 74-409, VCA-DCV, Novell CLA/DCTS/CNS, HDI CSR
    #21
    Quote Originally Posted by MrAgent View Post
    That was random.
    I just noticed this...somehow it cross-posted what I posted in another thread?! Crazy!
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Oct 2013
    Location
    Washington DC
    Posts
    498

    Certifications
    OSCP, eMAPT, eWPT, CISSP, GPEN, GWAPT, GCIH, GCIA, GSEC, CEH, CNDA, ECSA, CHFI, Sec+, Net+
    #22
    Quote Originally Posted by MrAgent View Post
    I just did the following
    nmap -A -O -iL /root/results.txt

    The results.txt file was from a ping sweep I did of all the responding hosts. I'm wondering if I should have added a -F

    If anything, I would go the exact opposite direction. Rather than doing a fast scan, I'd throw in '-p 0-65535'. You might want to run a quick scan on a few to get a few services to play with while you are waiting. But you need to be absolutely thorough in those labs.
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Apr 2012
    Posts
    231

    Certifications
    A+, Security+, CCENT, C|EH, GCFE, GCFA, GREM
    #23
    I found that best practice is to scan in blocks. I found different hosts had some interesting effects on scan times, and that when you try to scan large numbers of hosts the scan time will pretty much go to infinity.
    Reply With Quote Quote  

  25. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #24
    I ended up doing the following
    nmap -A -O -v -F -il /root/results.txt > nmap_results.txt
    This completed in 463.74 seconds. Not too bad of a scan time for 30 hosts (1 reported down).
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  26. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #25
    You did this for the entire host range?
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 3 1 23 Last

Social Networking & Bookmarks