+ Reply to Thread
Page 5 of 7 First 12345 67 Last
Results 101 to 125 of 156
  1. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    407

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #101
    Quote Originally Posted by CyberCop123 View Post
    Having a complete nightmare!

    My plan was always to submit the Lab report but NOT exercises. I wrongly believed that there were 5 points on offer for each, and so I would get only 5 points for one of the reports and miss the other.

    However, I stupidly didn't check that and I've discovered that it's actually 5 points for BOTH. Meaning if you only submit one then you obviously don't get any extra points.

    To make things worse, I also noticed that in each final screenshot on the lab report where you show you have full root access, you MUST include ipconfig or ifconfig to show the IP of the machine. I haven't done that, all I've got is hostname to show what machine I'm one.

    That means I will have to re-hack the 10 machines - not too hard but just annoying and will take an hour or two. I will also have to now document all the exercises which I'm now starting.

    ...

    Typical me, never doing things the easy or sensible way!
    Haha, at least you noticed it now and not when you were in the middle of your 24 hour time frame to submit your report. I had my lab write up and exercises all ready to go before I started the exam like you're doing and to me it was a huge relief to have all of it done before hand. Also the 5 points total for the lab report and exercises is a recent change, it used to be 5 points each for a total of 10 points possible.

    I also have a similar story to yours, I submitted my exam report and was reading over it for the 1000th time and noticed that the word processing program I used had actually mushed some of my screenshots together. Not a big deal in most areas, but as I was looking it over, I noticed that it had cut the ipconfig out of one of my screenshots. I almost had a heart attack when I saw that LOL Luckily Offsec was kind enough to let me fix it and resubmit my report (This was within the 24 hour timeframe).
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #102
    Quote Originally Posted by McxRisley View Post
    Haha, at least you noticed it now and not when you were in the middle of your 24 hour time frame to submit your report. I had my lab write up and exercises all ready to go before I started the exam like you're doing and to me it was a huge relief to have all of it done before hand. Also the 5 points total for the lab report and exercises is a recent change, it used to be 5 points each for a total of 10 points possible.

    I also have a similar story to yours, I submitted my exam report and was reading over it for the 1000th time and noticed that the word processing program I used had actually mushed some of my screenshots together. Not a big deal in most areas, but as I was looking it over, I noticed that it had cut the ipconfig out of one of my screenshots. I almost had a heart attack when I saw that LOL Luckily Offsec was kind enough to let me fix it and resubmit my report (This was within the 24 hour timeframe).
    Very true, glad I noticed now and also glad I read through some of the guidelines at this point and not later on! Yea, I think you're right, I'm positive I read it was 5 points for each, total of 10. That was why I had always just thought I wouldn't do the exercises.

    To be honest I'm still very tempted to just waive the 5 points. I've been working for about 3 hours on the exercises and I'm not even half way. Some of them are very time consuming and quite abstract. Like there's no right answer, it's just "Try these password attacks on the lab machines".

    Wow, you must have gone mad when you realised your mistake! Glad that it all worked out, would have been terrible had they not allowed you to correct it.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  4. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    407

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #103
    Ya I about lost my mind lol But my advice would be to do the exercises and lab report. You don't want to join the numerous people who have failed by only 5 points.... Just my 2 cents.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #104
    Quote Originally Posted by McxRisley View Post
    Ya I about lost my mind lol But my advice would be to do the exercises and lab report. You don't want to join the numerous people who have failed by only 5 points.... Just my 2 cents.
    Yea I think you're right. I'd rather know from minute 1 that I'm already 5 points up. I'm also learning 1-2 new things, and remembering things I could probably do in the labs. SO it's all good.

    I've stopped for the day. Managed to do a lot today:

    - Written up all exercises up to Buffer Overflows (I want to write up a guide for myself on these, so will do that whilst doing the exercises) - hopefully will result in an easyish 25 points in the exam

    - Also managed to re-hack 6 of the lab machines to get the ipconfig and ifconfig screenshots.

    ...

    I'm a bit fried now. Spent about 6 hours on this today and not even half way.

    As stated I have 14 days till the exam, so I don't have to go mad with this and can spread it out over the next week or so.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #105
    WEEK 15 - UPDATE


    I did another 4 hours today writing up the exercises. In contrast to the last two days I actually really enjoyed it today and it helped me loads. I did about 4-5 hours on buffer overflows which included writing the whole process up into a neat guide.

    I think it's actually quite beneficial having to return now. In week one you don't really fully understand it all. I was copying it all down and trying it out but with no experience it didn't mean that much.

    Hopefully by Monday I can have the entire exercise report finished. I will also add 3-4 new machines to my lab report just in case there's any cross overs or issues.

    If I do all this then I will have about 8-9 days before the exam. I will probably concentrate only on Sufferance as it would be nice to get that rooted. I'd also love to get access to the other networks.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #106
    WEEK 15 - UPDATE

    Another 4 hours yesterday and 8 hours today on excercises. Mostly enjoyable but quite a bit frustrating. My exercise report is now 83 pages... my lab report is 97 pages.

    The excercises are mostly excellent, however a few are infuriating. Things like "look in the lab and locate sqlmap vulnerabilities". Totally abstract, dependant on so so many things. It's very annoying and I feel that Offsect honestly need to remove this ridiculous excercise.

    As proof of this, I have breached ALL public network machines other than two and I'm still struggling to complete this excercise. It's one of those where you may find that issue, but I may find another way, it doesn't make me or you wrong, it's just the way it is.

    Very annoying...

    Anyway, abuot another 3-4 chapters left which should be done tomorrow i hope. I'm all on track now for the exam. I should have my lab report complete AND my exercises.

    I'm hoping that before my exam, I will have a document all laid out. As in ready and waiting for the exam and for each exercise. I'm determined now to pass, first time I hope.

    I said before I stupidly didn't do exercises before, but honestly I feel I'm better off now. I'm now screenshotting every 2 minutes as most exercises are easy due to my experience. That means that I am used to screenshoting (good for exam). It's also good for confidence as I'm finding it all very easy due to battling with it all "in real life".
    Last edited by CyberCop123; 12-31-2017 at 08:35 PM.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #107
    WEEK 16 - UPDATE

    Exercises very nearly finished, about 3-4 left. Very very tedious going over them so late into the course... anyone reading this, let this be a lesson to you NOT to leave it like I did. It's also clear that most of the later exercises are geared up to guide you to towards finding exploits on the lab machines. Ultimately this can save you time in the long run.

    Exam is in just 8 days and honestly I can not wait to do it, pass or fail I just want to give it a go now. It's unlikely I will do any more lab work up until the exam. I hope to have 1-2 days before exam of just doing nothing and relaxing a bit.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  9. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,669

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security, MSISA, BSBA
    #108
    Good luck CyberCop!!
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    365

    Certifications
    CISSP, C|EH, C|HFI, CCNA Cyber Ops, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #109
    You're going to kill it. Definitely learned a few things reading your writeup.
    Reply With Quote Quote  

  11. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    742

    Certifications
    OSCP, CEH, eJPT, CompTIA CSA+, CompTIA Security+, CompTIA Network+
    #110
    I agree on the exercises. I feel that a few of them should be "Documentation of this step not required" as there are a few that seem to be fluff questions. A lot of the exercises are good though. I know the buffer overflow was by far my favorite.

    Also, you probably did read correctly regarding the bonus points. They use to award points for both but recently changed it.
    2018 Certification Goals: OSCE
    Blog: https://hackfox.net
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #111
    Quote Originally Posted by JoJoCal19 View Post
    Good luck CyberCop!!
    Thank you!


    Quote Originally Posted by Blucodex View Post
    You're going to kill it. Definitely learned a few things reading your writeup.
    That's great to hear, I really enjoyed other people's blogs and felt better knowing they were feeling stressed, frustrated etc.... so I wasn't alone in that. It's also nice to see that some struggled with certain machines. Thanks for the post!


    Quote Originally Posted by Mooseboost View Post
    I agree on the exercises. I feel that a few of them should be "Documentation of this step not required" as there are a few that seem to be fluff questions. A lot of the exercises are good though. I know the buffer overflow was by far my favorite.


    Also, you probably did read correctly regarding the bonus points. They use to award points for both but recently changed it.
    Darn it... need all the points I can get!

    Thanks for the post, I really enjoyed the Overflows too, I learned lots by doing the exercises, and repairing some of the code. Also enjoyed doing some of the Ruby stuff at the end too.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #112
    WEEK 16 - UPDATE

    So pleased to say I've finally finished the entire lab report and exercises. They are now within one PDF and the total length is 237 pages - not sure how I will email this as it's quite a big file.

    The exercises - as previously stated - are amazing and if you listen to ANYTHING I say, then let it be this do the exercises. This is for three reasons:

    1) it's worth points, and also it's easier to write them up as you start the course.

    2) Also it's an amazing, fantastic, priceless document that you can refer to in years to come as techniques, tools, syntax, vectors, methods are all documented. Not in scrappy notes, or in half-written text, but in actual write-ups. It's invaluable.

    3) I stupidly realised as the exercises went through that they actually signpost many of the vulnerabilities, and ways to start off in the labs. E.g. they will say, scan for these exploits... and gather up all the Netbios names and there operating systems.

    I've actually got a lot from the exercises doing them this late in the day. It's really cemented some of my knowledge and made me think of new things I hadn't previously.

    My exam is now is in 5 days time. Can not wait as I just want to start it and try my best at passing. It's caused a lot of anxiety for me... I don't mind not passing 1st or 2nd time but my real concern is never getting over the line and getting the OSCP. Whatever the case, will give it my best shot anyway!

    Thanks for reading.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #113
    Managed to use pivoting techniques in order to gain access to the Development network.

    Managed to fully root TIMECLOCK. My first machine outside of the Public network (other than SEAN).


    Rooted (37): Alice, Alpha, Barry, Beta, Bethany, Bob, Core, DJ, Dotty, FC4, Gamma, Gh0st, Helpdesk, Hotline, Humble, Kevin, JD, Jeff, Joe, Kraken, Lefturn, Mail, Master, Mike, Niky, Observer, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Slave, Susie, Timeclock, Tophat
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    365

    Certifications
    CISSP, C|EH, C|HFI, CCNA Cyber Ops, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #114
    Quote Originally Posted by CyberCop123 View Post
    Managed to use pivoting techniques in order to gain access to the Development network.

    Managed to fully root TIMECLOCK. My first machine outside of the Public network (other than SEAN).


    Rooted (37): Alice, Alpha, Barry, Beta, Bethany, Bob, Core, DJ, Dotty, FC4, Gamma, Gh0st, Helpdesk, Hotline, Humble, Kevin, JD, Jeff, Joe, Kraken, Lefturn, Mail, Master, Mike, Niky, Observer, Oracle, Pain, Payday, Pheonix, Ralph, Sean, Sherlock, Slave, Susie, Timeclock, Tophat
    Looking forward to reading about your exam experience.
    Reply With Quote Quote  

  16. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    3
    #115
    Did you upgrade the PWK Kali build Offsec recommends? Or did you keep it static?
    Reply With Quote Quote  

  17. Senior Member --chris--'s Avatar
    Join Date
    Jul 2013
    Location
    Metro Detroit
    Posts
    1,470

    Certifications
    ITIL F, C|EH
    #116
    I get the warm and fuzzys reading your progress, I have a feeling if you carry this work ethic into the exam you will do well.


    Reply With Quote Quote  

  18. Junior Member Registered Member
    Join Date
    Mar 2017
    Location
    US Expat (Germany)
    Posts
    3

    Certifications
    CISSP, C|EH, C|HFI, CCENT, CCNA R&S, CCNA Security, Linux+, Security+, CSA+, CASP, ITIL-F
    #117
    CyberCop -

    Thank you for this fantastic thread detailing your OSCP journey. I've been wanting to do the OSCP for a while now, as pentesting has always fascinated me. Reading over this thread really lit a fire inside me, and I pulled the trigger and signed up for the course and lab access ... yesterday was my start date!

    Good luck on your exam!
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #118
    Quote Originally Posted by Blucodex View Post
    Looking forward to reading about your exam experience.

    Thank you! Hopefully it's good updates I will be posting!


    Quote Originally Posted by --chris-- View Post
    I get the warm and fuzzys reading your progress, I have a feeling if you carry this work ethic into the exam you will do well.

    Thanks Chris, I really appreciate that. I'm really ready for the exam now (not saying I will pass), but I just feel like I can't do much more at this stage. I made the mistake last night of reading some blogs on the OSCP and exams which filled me with dread as many sounded pretty gruelling. But staying grounded, it's nothing I didn't know before. Will give it my best shot and I know I can/will pass if I keep giving it a go.




    Quote Originally Posted by saerian View Post
    CyberCop -


    Thank you for this fantastic thread detailing your OSCP journey. I've been wanting to do the OSCP for a while now, as pentesting has always fascinated me. Reading over this thread really lit a fire inside me, and I pulled the trigger and signed up for the course and lab access ... yesterday was my start date!


    Good luck on your exam!



    That's amazing news, well done Saerian! I know there's tons and tons of threads about tips and advice, but to add my bits very briefly:


    1) do the exercises as the beginning - many steer you into finding vulnerabilities and holes in lab machines to exploit


    2) If you do end up getting root access on any machine, STOP and make sure you do some more digging, particularly for user accounts, hashes, passwords, ipconfig/ifconfig. I've missed out on 1-2 roots based on my sloppiness


    3) I'm terrible at note taking. But one thing I've started to do now, is that if and when I get root access, I immediately write down in a VERY clear way what I did. I sometimes even revert the machine and do it again, with the commands I used. Before I started doing this, I had to re-hack a few machines which took ages as I couldn't work out what I had done.


    Good luck with the journey. It's hard, but fun and worth it.
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #119
    Oh and OffSec just emailed me a reminder about the exam on Thursday... trust me, I haven't forgot about it!!!!
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  21. Member
    Join Date
    Dec 2012
    Posts
    51

    Certifications
    ITIL v3, CISSP, CISM, GDPR, eCPPT, OSCP, TOGAF
    #120
    Quote Originally Posted by CyberCop123 View Post
    Oh and OffSec just emailed me a reminder about the exam on Thursday... trust me, I haven't forgot about it!!!!
    Good luck with the exam CyberCop123! I passed last month and already missing the labs! Have a plan of action and you should be fine, you pwned a lot more machines then I did. I sat my exam after about 21 days of labs an managed to pwn just over a box a day before sitting the exam.
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    Feb 2017
    Posts
    214
    #121
    Quote Originally Posted by t17hha View Post
    Good luck with the exam CyberCop123! I passed last month and already missing the labs! Have a plan of action and you should be fine, you pwned a lot more machines then I did. I sat my exam after about 21 days of labs an managed to pwn just over a box a day before sitting the exam.
    Thank you!


    I'm really excited and nervous to take the exam. Well done on passing, it's a great achievement.


    I'm looking forward to passing as I'm all set to start CISSP prep next. I've started casually reading some of the material. It's very very difficult I've found to know exactly what context each area is in and what's important to know, and what is there to just help explain what it means.


    Thanks again, and hopefully I will update on Friday with some positive news
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress - Exam on 20th December

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  23. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    742

    Certifications
    OSCP, CEH, eJPT, CompTIA CSA+, CompTIA Security+, CompTIA Network+
    #122
    I feel like I need to set a reminder to check this thread on Friday. It is like waiting on a movie you have dying to see come out.

    You have done an excellent job in the labs and I have no doubt that this will carry over into your exam. I fully expect to see a passing post from you.
    2018 Certification Goals: OSCE
    Blog: https://hackfox.net
    Reply With Quote Quote  

  24. Member Hornswoggler's Avatar
    Join Date
    Jun 2017
    Posts
    63

    Certifications
    A+, MCSE NT 4.0, CCNA, MCSE Win2k, CISSP, GCIH, CCSK, GPEN, OSCP
    #123
    Great progress! Looks like you have ramped it up significantly. As you get a routine down and more experience, it starts to snowball.

    You will nail this and you will own it. Hopefully the first try but I know you'll stick with it until that title is YOURS! Good luck on the exam tomorrow!!!

    Good call on doing the exercises and lab report. I quit once I got to the metasploit section (was like, if I can't use metasploit on the exam, I won't bother with this chapter). I took the exam and I was right on the bubble on points alone. During the 24 hours of reporting I scrambled to finish what I could and do the lab report on 10 machines all from my crappy notes. Luckily I took screenshots with the required info! I was so impressed with sufferance that I (somehow, thankfully) did an excellent write-up which I copied/pasted into the lab report with the 9 others. It was a little bit scrappy but was somehow enough points to pass (whew). Wish I had finished the exercises and lab report long before that point, lol. Knock it out tomorrow!!!
    Reply With Quote Quote  

  25. Junior Member
    Join Date
    Aug 2017
    Posts
    20

    Certifications
    Net+, Sec+, CASP, CDNA, CEHv9
    #124
    CyberCop123,

    Just wanted to join the others and say Thank You for an uplifting and user-friendly review.

    Also, if I'm reading it right, the big day is tomorrow, so best of luck!
    Reply With Quote Quote  

  26. Senior Member NEODREAM's Avatar
    Join Date
    Apr 2016
    Posts
    115
    #125
    God speed my friend! This has been a joy to follow..hope to start my own progress thread one of these days ;]
    Reply With Quote Quote  

+ Reply to Thread
Page 5 of 7 First 12345 67 Last

Social Networking & Bookmarks