  1. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #1

    OSCP journey starts 4/29/17, Let's go!

    I was going to sit for the CISA in May but knowing I'll be starting my MS at WGU this fall I decided this may be the only chance I get to take this training (work sponsored) with plenty of free time.

    I've been reading the forums and think I have an idea as to how much time I will need to put in. I signed up for 90 days of lab access. This next month I'll be working on the boxes at vulnhub, reading, reading, and I'll be putting together a binder with commands, tips, and techniques that I learn this next 3.5 weeks.

    Any advice or relevant chat group recommendations are welcome and appreciated. In a perfect world I'll get this done right before I head to DefCon this summer.

  3. Member
    Join Date
    Mar 2012
    Location
    Houston, TX
    Posts
    98

    Certifications
    CISSP, Net+, Sec+, OSWP
    #2
    Good luck, wish I would have finished this cert. It definitely requires a good amount of time. I signed up for 90 days originally then 30 and another 30. I don't think I had the time to devote to this. I'm still interested in getting it eventually as the subject matter really interests me.

  4. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #3
    Quote Originally Posted by Blade3D View Post
    Good luck, wish I would have finished this cert. It definitely requires a good amount of time. I signed up for 90 days originally then 30 and another 30. I don't think I had the time to devote to this. I'm still interested in getting it eventually as the subject matter really interests me.
    This is something I should have pursued in my late teens and 20's but I was too busy chasing girls and being stupid. I'm fortunate that my fiance works nights and weekends so putting in 30+ hours a week won't be an issue or leave me laden with guilt.

  5. Senior Member
    Join Date
    Dec 2015
    Location
    Quebec, Canada
    Posts
    327

    Certifications
    A+, Network+, Linux+, HP APS, VCP 3-4-5-6, VSP,VTSP, SSCP, Veeam VMCE, CISSP (endorsement in progress)
    #4
    You know.. There is a time to chase girls, be stupid and party. Also, your certs won't be listed on your tombstone. No one will care that you were MCSA 2016 in 2070.

  6. Member
    Join Date
    Mar 2012
    Location
    Houston, TX
    Posts
    98

    Certifications
    CISSP, Net+, Sec+, OSWP
    #5
    I had just gotten into a relationship about right when I first signed up, which took away from my time so it's good you got that free time to work on it should help a lot. I agree though, I wish I would have pursued this back in college when I had tons of free time.

  7. Junior Member
    Join Date
    Feb 2017
    Posts
    16
    #6
    @SteveLavoie: Very well said!!!!!!!!

  8. Member
    Join Date
    Sep 2016
    Location
    London| United Kingdom
    Posts
    65

    Certifications
    CISSP| CEH| CISA| CISM| CGEIT|CRISC|
    #7
    Quote Originally Posted by Blucodex View Post
    I was going to sit for the CISA in May but knowing I'll be starting my MS at WGU this fall I decided this may be the only chance I get to take this training (work sponsored) with plenty of free time.

    I've been reading the forums and think I have an idea as to how much time I will need to put in. I signed up for 90 days of lab access. This next month I'll be working on the boxes at vulnhub, reading, reading, and I'll be putting together a binder with commands, tips, and techniques that I learn this next 3.5 weeks.

    Any advice or relevant chat group recommendations are welcome and appreciated. In a perfect world I'll get this done right before I head to DefCon this summer.
    Well done you! I am hoping to start sometime this month or early next month if I can sort out the compiling of PwK on VMware Fusion on my Mac OS X!

  9. Senior Member
    Join Date
    Jan 2016
    Location
    King City, CA
    Posts
    380

    Certifications
    A+, Network+, Security+ce, Server+, Project+, MCSA Server 2008, CCENT, CCNA R&S, CEHv8, CHFIv8, CCNA Security
    #8
    Quote Originally Posted by SteveLavoie View Post
    You know.. There is a time to chase girls, be stupid and party. Also, your certs won't be listed on your tombstone. No one will care that you were MCSA 2016 in 2070.
    This post IMMEDIATELY reminded me about RFC 2468!

  10. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #9
    Well, tonight is the night. I won't get home until a few hours after my labs start so my plan is to download the PDF and get through the first 5-20 pages. Tomorrow I'll do some heavy reading and we'll see how far I get. I have 90 days of labs so my plan is to enjoy the PDF this week and hit the labs no later than next weekend. But we'll see, very possible I at least jump in for a few hours tomorrow after reading.

  11. Junior Member
    Join Date
    Apr 2017
    Posts
    7

    Certifications
    CCNA, NSE4, ZCSE, CyberArk PAS
    #10
    Good Luck Blu ! Keep us posted ...
    Quote Originally Posted by Blucodex View Post
    Well, tonight is the night. I won't get home until a few hours after my labs start so my plan is to download the PDF and get through the first 5-20 pages. Tomorrow I'll do some heavy reading and we'll see how far I get. I have 90 days of labs so my plan is to enjoy the PDF this week and hit the labs no later than next weekend. But we'll see, very possible I at least jump in for a few hours tomorrow after reading.

  12. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #11
    Didn't do a whole lot today. Got set up and read about 40 pages of the PDF. Started enumerating the lab network. Decided to work a little on Alice and Ralph before deciding to focus on Alice since it sounds like it's the easiest and the lowest hanging fruit. I don't want to use Metasploit until I've manually cracked Alice if possible. Did a lot of reading about vulnerabilities relating to Alice but didn't dive too deep.

    Looking forward to tomorrow when I can sit down with a large block of time to try and crack Alice.

  13. Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    67

    Certifications
    OSCP, CISSP, Sec+
    #12
    Don't get too hung up on doing a machine manually or with MSF or something. Sometimes the fates will conspire against you, and your assumptions may prove wrong.

    Good luck, and have fun learning!!

  14. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #13
    I was able to grab the proof.txt file from Alice. Am I correct to assume that once you have access to the System32 directory from CMD you have the system account?

    Learned a lot today through the lab manual and my own research. I feel like there is still so much to do with this box that I want to try out. So I'm going to try and accomplish a few more things before I call it a night. I still don't know if I've gotten shell access since this is all new to me but I did change the local Admin password. Haven't done anything with it yet though.

    Edit: I was able to verify I'm operating as the systemprofile.
    Last edited by Blucodex; 05-02-2017 at 03:49 AM.

  15. Member
    Join Date
    Mar 2017
    Location
    India
    Posts
    46

    Certifications
    OSCP
    #14
    Quote Originally Posted by Blucodex View Post
    I was able to grab the proof.txt file from Alice. Am I correct to assume that once you have access to the System32 directory from CMD you have the system account?

    Learned a lot today through the lab manual and my own research. I feel like there is still so much to do with this box that I want to try out. So I'm going to try and accomplish a few more things before I call it a night. I still don't know if I've gotten shell access since this is all new to me but I did change the local Admin password. Haven't done anything with it yet though.

    Edit: I was able to verify I'm operating as the systemprofile.
    In case of Windows, if the user you are logged in/having a shell is a member of either Administrators or System then it is fine I guess and in case of Linux you must be root. Beware that in some cases you may be able to grab the proof.txt file without being a root or system user and that is not taken into consideration.

  16. Passion For IT
    Join Date
    Mar 2008
    Posts
    594

    Certifications
    MCTS, MCITP, MCP, A+, Server+, Security+, Project+, CCENT, CCNA-Sec, CEH, CHFI
    #15
    Quote Originally Posted by SteveLavoie View Post
    You know.. There is a time to chase girls, be stupid and party. Also, your certs won't be listed on your tombstone. No one will care that you were MCSA 2016 in 2070.
    I thought it was always time to chase girls, be stupid and party... Unless it's 9pm, then it's bedtime.

    No one will care about my MCSA or any other cert I've earned. I do, though. That's why I do things. For me. My tombstone will read - "Game Over, man!"... that, and "Excellent father and husband, here lies Dustin Harper, MCSA, CCNA, CISSP, CEH, A+, Net+, Some CIW BS, and donut connoisseur."

    Good luck! I hope to conquer it when work pays for it and for a personal goal.
    A few certs here and there and everywhere...
    AAS: Computer Security
    BS: Information Technology - Security (WGU)
    MS: Information Security & Assurance (WGU)

  17. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #16
    Quote Originally Posted by saraguru View Post
    In case of Windows, if the user you are logged in/having a shell is a member of either Administrators or System then it is fine I guess and in case of Linux you must be root. Beware that in some cases you may be able to grab the proof.txt file without being a root or system user and that is not taken into consideration.
    I'm not sure how discreet is enough so I don't want to give too much away. I probably spent 30 minutes searching for answers before I felt confident I was able to verify I had the most privileged shell access.

    And I will agree on your statement about the proof files. Simply grabbing them does not mean you have highest privilege.

  18. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #17
    It's been a slow journey so far. After popping Alice the first day I did some lab enumeration but did not attempt any more boxes. I went and did the entire PDF. I haven't dedicated enough time to this and have been pretty busy but I did manage to finish the lab material this week and last night I got to work on another low hanging fruit in Barry.

    I should have had this box last night. I made a mistake and didn't do one small thing. The funny part is I thought to myself last night "don't I need to do _____ ?" but I ignored my gut and ended up spending a few hours chasing other avenues.

    Tonight I reverted the machine and started over. Boom, had root and proof.txt very easily.

    On to more boxes!

  19. Junior Member
    Join Date
    Feb 2017
    Posts
    10
    #18
    Glad to see an update after the first 30 days! We've got roughly 6 weeks til defcon! Now that you're done with the coursework and on to the lab, how would you manage your ~30 days of prep time in between paying and receiving the materials? I'm currently in that time window and am trying to prepare as efficiently as possible... I know this is vague and the answer probably differs person to person. But what were the most invaluable things you found helped you get ready?

  20. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #19
    Quote Originally Posted by oscp View Post
    Glad to see an update after the first 30 days! We've got roughly 6 weeks til defcon! Now that you're done with the coursework and on to the lab, how would you manage your ~30 days of prep time in between paying and receiving the materials? I'm currently in that time window and am trying to prepare as efficiently as possible... I know this is vague and the answer probably differs person to person. But what were the most invaluable things you found helped you get ready?
    Well, I just really jumped in. For anyone without pen-test experience I would say that knowing the tools, learning how to enumerate, and practicing CTF's is a great way. Once you have the PWK materials I would say make sure to do both the labs and videos. There is a lot of good stuff in there that will help shape the way you do self research on exploits.

  21. Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    67

    Certifications
    OSCP, CISSP, Sec+
    #20
    There have never been more ways to prepare for this course this year than at any other time. Between hack labs, CTFs, vulnhubs, other reviews and prep blog posts, and online courses...there's an absolute ton of resources today.

  22. Junior Member
    Join Date
    Feb 2017
    Posts
    10
    #21
    Quote Originally Posted by LonerVamp View Post
    There have never been more ways to prepare for this course this year than at any other time. Between hack labs, CTFs, vulnhubs, other reviews and prep blog posts, and online courses...there's an absolute ton of resources today.
    Agreed. My problem is really sifting through it all and figuring out what is worth using. There is way too much content and a lot of it is ehhhh. This is naturally a time sink so I'm trying to use my time as efficiently as possible. I'd rather use fewer resources that are thorough rather than collecting knowledge in a million fragments off different hacker blogs. Obviously that is an important data source but for learning the basics, there's got to be a few well written books or something, no?

    I wanted his perspective as I'm in a similar boat. I'm well aware of all the vulnhubs and hacklabs but I'm more concerned with materials like books and webpages that focus on teaching workflow, methodology, and underlying concepts of things, etc. I can read man pages of tools and vague blog posts all day long and attempt to practice in all the convenient ways out there. But trying to develop my own methodology from scratch is feeling really slow.

    It's quite possible this is just the stage I'm at and with enough sifting and practice all the pieces will feel a little more together and the process won't feel so confusing and abstract...

    Or maybe I'm just slow, and people in daily life are nice enough to not mention I'm an idiot

  23. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,357

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #22
    Quote Originally Posted by oscp View Post
    there's got to be a few well written books or something, no?
    Georgia Weidman's book Penetration Testing: A Hands-On Introduction to Hacking is pretty much the de facto book on overall pentesting, especially for newbies.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course

  24. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    246

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #23
    Quote Originally Posted by oscp View Post
    Agreed. My problem is really sifting through it all and figuring out what is worth using. There is way too much content and a lot of it is ehhhh. This is naturally a time sink so I'm trying to use my time as efficiently as possible. I'd rather use fewer resources that are thorough rather than collecting knowledge in a million fragments off different hacker blogs. Obviously that is an important data source but for learning the basics, there's got to be a few well written books or something, no?

    I wanted his perspective as I'm in a similar boat. I'm well aware of all the vulnhubs and hacklabs but I'm more concerned with materials like books and webpages that focus on teaching workflow, methodology, and underlying concepts of things, etc. I can read man pages of tools and vague blog posts all day long and attempt to practice in all the convenient ways out there. But trying to develop my own methodology from scratch is feeling really slow.

    It's quite possible this is just the stage I'm at and with enough sifting and practice all the pieces will feel a little more together and the process won't feel so confusing and abstract...

    Or maybe I'm just slow, and people in daily life are nice enough to not mention I'm an idiot
    You just have to put in the time brother. I feel like no time is wasted because you often learn more from your mistakes and I am finding that I am learning a lot just while searching for exploits even when they end up not being applicable. You may find some answers to later findings.

  25. Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    67

    Certifications
    OSCP, CISSP, Sec+
    #24
    Quote Originally Posted by oscp View Post
    Agreed. My problem is really sifting through it all and figuring out what is worth using. There is way too much content and a lot of it is ehhhh. This is naturally a time sink so I'm trying to use my time as efficiently as possible. I'd rather use fewer resources that are thorough rather than collecting knowledge in a million fragments off different hacker blogs. Obviously that is an important data source but for learning the basics, there's got to be a few well written books or something, no? I wanted his perspective as I'm in a similar boat. I'm well aware of all the vulnhubs and hacklabs but I'm more concerned with materials like books and webpages that focus on teaching workflow, methodology, and underlying concepts of things, etc. I can read man pages of tools and vague blog posts all day long and attempt to practice in all the convenient ways out there. But trying to develop my own methodology from scratch is feeling really slow. It's quite possible this is just the stage I'm at and with enough sifting and practice all the pieces will feel a little more together and the process won't feel so confusing and abstract... Or maybe I'm just slow, and people in daily life are nice enough to not mention I'm an idiot
    What works for one person will be trash for another (take Georgia's speaking voice on her Cybrary Advanced Penetration Testing course, for example). There are books that will work just fine, but keep in mind that it only takes about 2-3 years before they start getting dated and become...problematic...to accurately 1-to-1 follow their examples. Books like Weidman's Penetration Testing or the Hacker's Playbook 2 are good resources as they touch on high level methodology, but also specific tools and techniques. Nothing amazing, nothing crazy, but enough to make the PWK/OSCP courseware less of a jarring firehose of information. After that, you'll just have to try and distill all of the resources you unearth. If something gets really specific, you probably can skip it in favor of more high-level courses or resources. Try to piece together some of the major spheres people say you should know: general LAN networking and TCP/UDP protocol/ports, basic Linux and Windows sys administration, basic Kali Linux operation, a little bit of bash scripting and Python fundamentals, and some exposure to security concepts and terms, particularly at a network, system, application, or OS level. Having seen web server administration and hosting of simple PHP web sites helps as well. Do you need to be expert in any of these? Probably not, but you should know the very basics to operate and move around as you read other resources or the courseware. But make no mistake. Pen testing moves as quickly as IT, if not seemingly quicker since we also need to know how to abuse the brand new stuff in addition to using it. This means that as you move your knowledge up the needle of history closer to present day, your sources of information are going to be blog posts and con talks recorded to YouTube and broken conversations in Twitter or Slack.

  26. Member Hornswoggler's Avatar
    Join Date
    Jun 2017
    Posts
    56

    Certifications
    A+, MCSE NT 4.0, CCNA, MCSE Win2k, CISSP, GCIH, CCSK, GPEN, OSCP
    #25
    Quote Originally Posted by oscp View Post
    Agreed. My problem is really sifting through it all and figuring out what is worth using. There is way too much content and a lot of it is ehhhh. This is naturally a time sink so I'm trying to use my time as efficiently as possible. I'd rather use fewer resources that are thorough rather than collecting knowledge in a million fragments off different hacker blogs. Obviously that is an important data source but for learning the basics, there's got to be a few well written books or something, no?

    I wanted his perspective as I'm in a similar boat. I'm well aware of all the vulnhubs and hacklabs but I'm more concerned with materials like books and webpages that focus on teaching workflow, methodology, and underlying concepts of things, etc. I can read man pages of tools and vague blog posts all day long and attempt to practice in all the convenient ways out there. But trying to develop my own methodology from scratch is feeling really slow.
    You bring up some excellent points!

    I see some people get so wrapped up in the hacking (the fun stuff!!), they don't put the same focus or discipline into the business and soft skills to run a good pentest program. I spent way more time creating meetings, scope documents, reporting, etc. than I do on a terminal. It certainly takes structure and discipline to manage the supporting tasks.

    It's not for every budget but the SANS SEC560/GPEN sounds like a perfect fit for your needs. Ed Skoudis is excellent at taking these complex topics (both business and technical) and making them very, very easy to follow. You aren't just thrown into the deep end. I too would like to go after the OSCP someday, but I would just as much benefit from a Visio or PowerPoint class, lol. All good stuff and glad to see a post thinking about methodology and workflows!
