+ Reply to Thread
Page 1 of 3 1 23 Last
Results 1 to 25 of 57
  1. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #1

    Default OSCP - aka: Running head first into a brick wall - a journey

    TLDR: I will post updates on my progress. Each update will include a section of "quicktips" to help other students. Also, I will include progress updates as well -- This is all so that I can help pass along information.


    --------------------------------
    I will be starting my OSCP journey in mid October.

    I am very excited as this has been a goal of mine for many years now. I have been following the offsec guys for a long time as I have used Kali quite a bit! I remember when Kali was sort of an obscure distro ....

    To add to the pressure: I am also actively enrolled in the Cisco CyberOps course in cohort 4 ..... You know because I love running head first into a brick wall ...

    I plan on posting my progress, resources, and frustration here. I know there are quite a few people that follow these threads to help them prepare. I did a CEH post as well, and I like that I can help people even if in a small way. - although I am enrolled in both the Cisco course and the OSCP, this thread will be focused on OSCP.

    Some background:
    I have quite a few years in "IT" (10+) in many areas. Currently I am the equivalent of a solutions architect. Security is not new to me, however it is not my primary job role. I really started cramming it in when I took my CEH last year, but I am a bit rusty ... Time to shake that rust off.

    I am self taught in most everything I know as I did not go to school. I learn best by jumping in ... I don't scare away easily

    Motivation:
    This is mostly a personal goal as I don't have a strong desire to jump into a strict red team role right away. This to me is one of the crowning achievements in my certification path. Even though I am not going to immediately shift to pentesting, my current position will benefit greatly from the knowledge I'll gain which is why they are sponsoring me. Many of our customers rely on us for security recommendations

    Personal Challenges:
    Even though my employer is sponsoring me, this in no way makes the my day job any easier or time consuming. So I will be cramming this in along with my day job, with the Cisco Cyber course, family time (I have children). 2 up coming vacations, and just general life stuff. I am confident I can do it. And I want to do it to prove it to those on here that it can be done even with a busy schedule.

    Stay tuned for updates. I plan on posting some "prep" material
    Last edited by BuzzSaw; 10-25-2017 at 04:01 PM.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #2
    My start date is 14 OCT! Stay Tuned
    Reply With Quote Quote  

  4. Junior Member Registered Member
    Join Date
    Sep 2017
    Posts
    20
    #3
    Good luck. I'll be following.
    Reply With Quote Quote  

  5. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #4
    I got through all of the registration process yesterday.

    This weekend, I am spending some time doing some light reading, and follow up on a lot of the materials i used when going through my CEH prep.
    Reply With Quote Quote  

  6. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #5
    Pre-Start WEEK
    The clock is ticking until my start date. I have been using this time to do a few things:
    1. Continue working on my Cisco CCNA studies
    2. Brush up on notes and books used for the CEH
    3. Begin building my own system of building a "database" of resources for quick finding
    4. Talking to other students on the IRC #offsec channel
    Last edited by BuzzSaw; 10-23-2017 at 04:09 PM.
    Reply With Quote Quote  

  7. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #6
    WEEK 1

    I got my materials last week. I must say the materials are pretty good. The Videos are well done, and the PDF is easy to ready without a lot of needless words like many other books. The author does a good job at getting to the point of things

    My study was a bit slow this past week as I was doing some traveling which really cut into my productivity. I am still reading through the materials and watching the videos. I plan on getting through the rest of the materials and videos in the next couple days

    Quick tips:
    1. You really should know networking before you get going on this stuff. They do a good job at breaking the ice on other stuff, but if you don't know subnetting, how ports work, TCP, and IP, etc ... it's gonna be tough on you. I have a very firm grasps on these things, but I could see how someone could be overwhelmed just from the first chapter ...
    2. Make sure you are taking good notes. It just helps down the road.
    3. Some scans will take a long time! These are best executed while you are sleeping



    Material:
    I am about half way through the Material

    Lab:
    I have started to assemble a road map of the systems in the lab with some basic sweep, scans, and the like.

    Oh I also got a kick ass new laptop sticker! It added l33t hax0r skillz instantly
    Last edited by BuzzSaw; 10-23-2017 at 04:10 PM.
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,872

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #7
    Could you show us the sticker?
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  9. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #8
    Week Two - Start of the week

    I got a lot of studying done last night. Being that I mostly was reading up until this point ... I was able to power through the exercises that I had to skip over due to my schedule last week. I learned quite a few new tips and tricks that I didn't know before, and that's always a good feeling. I'm caught up on reading, watching, and exercise reporting. Now, I am about to drive into Buffer Overflows -- which will be challenging I imagine as I have limited experience with these

    Quick Tips:
    - DO THE EXERCISES ... you will learn so much more - Even the ones that seem like they would be way to easy to be any sort of fun ...
    - Some Lab exercises will not be as black and white as they appear. I had to modify a few things to get a couple exercises to work.
    - From time to time Snapshot your Kali box. I've already had to revert it a couple times due to OpenVAS issues
    - Keep good notes. Alot of studying for me is done late at night. In the morning I review all the notes I took the night before, and it helps me not lose information to sleep deprivation
    - If you are using keepnote, or the something like that, just take a quick backup of those note files from time to time!

    Materials:
    Buffer overflows ... here I come

    Lab:
    I gave myself a strict(ish) rule that I wouldn't "attack" the labs until I got through my material. But I have already found 3 VM's that I could pop easily with exploits I've actually exploited before in other labs.

    Rooted: 0 (not yet started)
    Reply With Quote Quote  

  10. Junior Member dr_fsmo's Avatar
    Join Date
    Oct 2017
    Location
    Michigan
    Posts
    13

    Certifications
    A+, Security +, MCSA/MCSE, MCTS, CNA
    #9
    I plan to start in November or December when work lets up a bit. I am trying to pre-study. How many days did you sign up for?
    Reply With Quote Quote  

  11. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #10
    Quote Originally Posted by dr_fsmo View Post
    I plan to start in November or December when work lets up a bit. I am trying to pre-study. How many days did you sign up for?
    I am enrolled for 60 days mostly because I'm not entirely new to the concepts in the course. That and, that about all I could get for training cost coverage - I'll pay out of pocket if I need additional time

    As for pre-study: It will sound corny, but check out Cybrary. Georgia W has a good pentesting course. Also, The Hacker Playbook 2. If you can watch that and practice some of those skills, then you will be off to a good start. Also, make sure you know networking pretty well. An in-depth primer (sort of an oxymoron) would be a good starter. Something that covers subnets, ports, OSI, three way handshake, etc - You don't need to be an CCIE here ... but a good understanding of basics will help
    Reply With Quote Quote  

  12. Junior Member dr_fsmo's Avatar
    Join Date
    Oct 2017
    Location
    Michigan
    Posts
    13

    Certifications
    A+, Security +, MCSA/MCSE, MCTS, CNA
    #11
    Are you in any of the study groups on discord or slack? I have started Georgia's book and Cybary series as well.
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,872

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #12
    Good luck on the buffer overflow stuff! I'm having the hardest time with that on the eCPPT stuff.
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  14. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #13
    Quote Originally Posted by dr_fsmo View Post
    Are you in any of the study groups on discord or slack? I have started Georgia's book and Cybary series as well.
    No I'm not. I wasn't aware that there were study groups. I think both of those require invite.
    Reply With Quote Quote  

  15. Junior Member dr_fsmo's Avatar
    Join Date
    Oct 2017
    Location
    Michigan
    Posts
    13

    Certifications
    A+, Security +, MCSA/MCSE, MCTS, CNA
    #14
    There is a study group in slack and one in discord. I hope to obtain an invite with more time in the forums here.
    Reply With Quote Quote  

  16. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #15
    Quick Update:

    Working on BoF

    Buffer Overflows are (according to other Blogs) a big part of the lab, and ultimately the exam. It seems that passing the exam with a weak understanding of Overflows is possible, it's better to have a firm understanding.

    As such, I have built a Buffer Overflow lab to practice various things. Admittedly it took me a little longer that I would have liked to get it fully setup, but essentially you can setup the same lab with a Windows 7 machine (SP1 works best), Immunity Debugger, and a box such as Kali. -- I was working on this lab very late at night, and couldnt figure out why C++ redist wouldn't install only to find out I wasn't running SP1 (... dumb)

    If you are struggling with Buffer Overflows, you should check out the following https://github.com/justinsteven/dost...eroverflowgood
    Also a good blog entry from vortex: https://www.vortex.id.au/2017/05/pwk...flow-practice/

    Quicktips:
    - Don't be scared of Buffer Overflows. It's execution is very tedious, but the understanding of what is happening can be understood pretty quickly
    - Realize that Buffer Overflows are actually a bit more common that you'd realize. If you can understand these, you will begin to understand a lot of the inner working for exploits.
    - Take time to read other materials on BoF.
    - Take time to build a lab

    Materials:
    I just wrapped up the Overflow sections and have put the material on hold until I have a better grasp as a whole. I am spending the next few days working on my own lab for Overflows.
    Last edited by BuzzSaw; 10-25-2017 at 04:09 PM.
    Reply With Quote Quote  

  17. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #16
    Redacted
    Last edited by BuzzSaw; 11-16-2017 at 07:10 PM.
    Reply With Quote Quote  

  18. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #17
    Week Three (sort ... Week two)
    REDACTED
    Root: None (haven't started)
    Last edited by BuzzSaw; 11-16-2017 at 07:10 PM.
    Reply With Quote Quote  

  19. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #18
    Redacted
    Last edited by BuzzSaw; 11-16-2017 at 06:45 PM.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Feb 2017
    Posts
    111
    #19
    Good progress and good tips. I should probably do a bit more on gcc as I was getting really really frustrated that almost every exploit had huge errors when trying to compile.

    What machines did you get route on?

    Try out he minishare buffer overflow exploit. It's a really nice one and I found it satisfying to replicate on my own Windows XP lab machine.

    Im at the point now where I feel I've learned everything obvious from the text books. My issue is now execution. Realising what fits where.

    Im still mystified by SMB services and to some extent SNMP. I can enumerate them but not sure if I should be doing more with it.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  21. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #20
    Redacted
    Last edited by BuzzSaw; 11-16-2017 at 06:45 PM.
    Reply With Quote Quote  

  22. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #21
    Redacted
    Last edited by BuzzSaw; 11-16-2017 at 06:45 PM.
    Reply With Quote Quote  

  23. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #22
    Update:

    Redacted

    rooted: 3
    Last edited by BuzzSaw; 11-16-2017 at 07:10 PM.
    Reply With Quote Quote  

  24. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #23
    Redacted
    Last edited by BuzzSaw; 11-16-2017 at 06:45 PM.
    Reply With Quote Quote  

  25. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #24
    UPDATE:

    Redacted

    ROOTED: 7
    Last edited by BuzzSaw; 11-16-2017 at 06:45 PM.
    Reply With Quote Quote  

  26. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    242

    Certifications
    CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #25
    URedacted

    Rooted: 7
    Last edited by BuzzSaw; 11-16-2017 at 06:45 PM.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 3 1 23 Last

Social Networking & Bookmarks