  1. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    676

    Certifications
    CEH, CCNA: R&S, eJPT, JNCIS-SEC, CompTIA CSA+, CompTIA Security+, CompTIA Network+
    #1

    Mooseboost boosting the OSCP

    This post has been a long time coming. I have been kicking around the idea of the OSCP for over a year now with promises to myself that I will get to it "soon" but always find a reason to put it off. The time is now here! Registration complete, payment submitted, and start date set for December 16th, 2017! I feel like a kid during Christmas (ironic that my start date isn't too far from Christmas) who knows what is in the big box under the tree. I already know some areas where I am going to need to focus, particularly with *nix and scripting. My background has had some level of programming but nothing consistent, although I think that being a jack-of-all-trades will play into my favor. I've touched just about every aspect of IT over the years with a heavy emphasis on network and security engineering. My primary focus is trying to dive into scripting as much as I can before my start date. I want to be able to at least automate some of my enumeration process in the beginning. I intend to regularly update this post once the labs get started to keep track of where I am.
    Last edited by Mooseboost; 12-18-2017 at 02:50 AM.

  3. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,521

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, AWS CCP, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #2
    Good luck Mooseboost! I'll definitely be following your progress!
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, AWS CCP, CEHv8, CHFIv8, ITIL-F, BSBA - UF, MSISA - WGU
    Currently Working On: MS Cybersecurity, AWS Certified Security - Specialty, Learning Linux & Python
    Next Up: AWS Certified Solutions Architect - Associate
    Reading: A Cloud Guru, Code Academy

  4. Senior Member Mooseboost's Avatar
    #3
    Thanks JoJo!

    A quick update on how things are going so far!

    My scheduled lab time kicked off at 7PM EST Saturday. My lab pack came in at exactly 7PM (1900) on the dot. I figured the VM for the lab was pretty much the same as the one they had me download for the lab connectivity test so I hopped right into the lab while I waited for the course videos to download. I wanted to just poke around a bit before I really dove into the course material. I ended up finding an easily exploited machine that I will have to go back through and exploit again later due to my lack of documentation of what I did. I highly doubt many of the machines in the network will be as easy as Alice was and that isn't a bad thing. Outside of handlers, I want to use as little Metasploit as possible in the labs.

    After the videos finished downloading I looked briefly over them and the accompanying PDF. I am going to go through the course materials first and fill out the exercises section as I go. Which brings me to my next point: Documentation is key. Their report template has a heavy emphasis on screenshots, so I will follow their guidelines as closely as I can. Building out the reports shouldn't be too difficult as I do red team and engineering consultation at work which means that I am used to having to do write-ups.

    For note taking I am using Cherrytree. I found it quite some time ago and fell in love with it. For the lab and exam I am using a template I got from a Reddit user 411. You can find the template on his blog post: https://411hall.github.io/OSCP-Preparation/

    For the lab work I am going to put a little more emphasis on working my blog. I've actually moved to a new template (the link in the sig leads to the old one - for now until I get DNS and stuff fixed up) hosted on GitHub. https://hackf0x.github.io. It is twofold: It will cut down on hosting cost from GoDaddy and I like Jekyll.

    Anyone else who is currently doing the OSCP, finished it, or is preparing for it now feel free to hit me up as I move along! Always happy to have companions to chat with. I will probably be updating here and crossposting to the blog once a week at least.

    Roots so far: Alice.

  5. Senior Member Mooseboost's Avatar
    #4
    Course is going smoothly so far with one exception: One of the exercises is broken. The new(er) ncat binary for Windows is not compatible with the newest release in Kali. So when you attempt the exercise, it doesn't work.

    I have skipped the exercise for now and will come back to it towards the end of my lab time. If it hasn't been fixed by then I will either email them to ask or set up a different environment to show it. Other than that, just chugging along.

    About halfway through the course now so hopefully by the end of the weekend I will be completely wrapped up and ready to start pounding away at the lab machines! I'll definitely be building my report out as I go so that I don't end up trying to cram it together at the end.

  6. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    317

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #5
    Originally Posted by Mooseboost:
    Course is going smoothly so far with one exception: One of the exercises is broken. The new(er) ncat binary for Windows is not compatible with the newest release in Kali. So when you attempt the exercise, it doesn't work.

    I have skipped the exercise for now and will come back to it towards the end of my lab time. If it hasn't been fixed by then I will either email them to ask or set up a different environment to show it. Other than that, just chugging along.

    About halfway through the course now so hopefully by the end of the weekend I will be completely wrapped up and ready to start pounding away at the lab machines! I'll definitely be building my report out as I go so that I don't end up trying to cram it together at the end.
    If you read the OSCP instructions they recommend you use the custom image they have vetted for the OSCP. It's been tested and works with everything. Using anything else is clearly stated as possibly having issues.

  7. California Kid JoJoCal19's Avatar
    #6
    Originally Posted by Mooseboost:
    Thanks JoJo!



    For note taking I am using Cherrytree. I found it quite some time ago and fell in love with it. For the lab and exam I am using a template I got from a Reddit user 411. You can find the template on his blog post: https://411hall.github.io/OSCP-Preparation/

    For the lab work I am going to put a little more emphasis on working my blog. I've actually moved to a new template (the link in the sig leads to the old one - for now until I get DNS and stuff fixed up) hosted on GitHub. https://hackf0x.github.io. It is twofold: It will cut down on hosting cost from GoDaddy and I like Jekyll.
    Thanks for that! Cherrytree looks awesome!

  8. Senior Member Mooseboost's Avatar
    #7
    Originally Posted by Blucodex:
    If you read the OSCP instructions they recommend you use the custom image they have vetted for the OSCP. It's been tested and works with everything. Using anything else is clearly stated as possibly having issues.
    Actually their custom image is the one with the issues. They updated their image to include the new version of ncat which is not compatible with the version of ncat that they have loaded on the student Windows machine. So far they don't have a fix for it since the issue is actually with ncat (There isn't much Offensive Security can do about that).

    @JoJo - It really is! It's actually included in Kali now so someone must have really liked it.

  9. Senior Member Mooseboost's Avatar
    #8
    Found a workaround for the ncat issue. Downloaded the latest version of Windows Nmap to my Kali machine, set up a Python HTTP server and used that to host the download for my Windows lab machine. Installed the new version of Nmap onto the PC and ncat works now.

    Don't think this will be the "official" fix but it was worrying me to death to not have it completed.

  10. Senior Member BuzzSaw's Avatar
    Join Date
    Jul 2016
    Posts
    253

    Certifications
    OSCP | CEH | SSCP | VCP6 | VCP-NV | VCP-Cloud | VCP6-NV | VCP5-DCV | VCP4 | MCTS | MCP
    #9
    Keep it up man. It's a great experience, and you will learn more than you thought you would!

    If you run up against it, just let me know! I can give non-spoiling nudges with the best of them.

  11. Junior Member
    Join Date
    Mar 2016
    Location
    Philadelphia
    Posts
    19

    Certifications
    MCSE, MCSE, A+, Net+, CISSP, CEH, CCNA, ACSE, EMA, GMON, GCIH, CISM
    #10
    Mooseboost, I’m going through OSCP right now as well, lab actually started same time as you, I just pm’d you.

  12. Senior Member Mooseboost's Avatar
    #11
    The last week has been absolutely crazy. Between work being so busy and the holiday I have not gotten a lot of time to spend on the OSCP for the last few days. I have worked most of my way through the exercises and wrapping up with the web section now.

    The buffer overflow section has been by far my favorite section. I learned a lot doing the exercises and feel way more confident modifying exploits now. Even if this section doesn't play a huge role in the lab/exam, it still will be my favorite. I learned a lot of interesting little tricks while doing it. The biggest lesson from that though is that sometimes you need to walk away for a bit. I spent hours on one of the exercises thinking I had royally messed up and was clueless. Gave up and decided to rest for the night. Ended up getting it within minutes the next day after having a fresh look at my code and realizing I had a small error that was rewriting a value instead of adding to it. Fixed it and the exploit worked perfectly.

    Hoping to have the course wrapped up in the next week or two. Once I have that completed and my exercises finished I am going to hit the labs hard.

  13. Senior Member
    #12
    Originally Posted by Mooseboost:
    Found a workaround for the ncat issue. Downloaded the latest version of Windows Nmap to my Kali machine, set up a Python HTTP server and used that to host the download for my Windows lab machine. Installed the new version of Nmap onto the PC and ncat works now.

    Don't think this will be the "official" fix but it was worrying me to death to not have it completed.
    Thanks for the heads up and workaround. Following suit.

  14. Senior Member Mooseboost's Avatar
    #13
    Still putting in the work, though not as much as I would have liked to. Had a few bad days due to some dehydration issues (do not forget to drink water folks) but getting back into the full swing.

    I skipped some of the exercises post buffer overflow because I felt the content wasn't needed. After discussing on the IRC channel with some of the other folks I can see that was in error so I am circling back to complete those. Probably another good lesson learned there - Do not get ahead of yourself. Even if something seems mundane and not worth your time - it's there for a reason.

  15. Senior Member
    Join Date
    Feb 2017
    Posts
    179
    #14
    Originally Posted by Mooseboost:
    Still putting in the work, though not as much as I would have liked to. Had a few bad days due to some dehydration issues (do not forget to drink water folks) but getting back into the full swing.

    I skipped some of the exercises post buffer overflow because I felt the content wasn't needed. After discussing on the IRC channel with some of the other folks I can see that was in error so I am circling back to complete those. Probably another good lesson learned there - Do not get ahead of yourself. Even if something seems mundane and not worth your time - it's there for a reason.
    Definitely a good idea to go back and do these. I too skipped them but went back over every single exercise again in order to complete the Exercise documentation.

    The Buffer Overflow section was invaluable. Particularly when you consider that the only thing you CAN predict on the exam is that there is a buffer overflow section.

    There's some great learning points there.

    When I went back I created a step-by-step guide for myself, so that hopefully in the exam I can just follow it along and get the result needed.
    My Aims
    2017: OSCP - COMPLETED
    2018: CISSP - in progress
    Possible Others: OSCE, MCSA

  16. Junior Member dr_fsmo's Avatar
    Join Date
    Oct 2017
    Location
    Michigan
    Posts
    14

    Certifications
    A+, Security +, MCSA/MCSE, MCTS, CNA
    #15

    Machine Setup

    Are you running your Kali machine as a physical or VM?

  17. Member
    Join Date
    May 2015
    Posts
    93
    #16
    Good luck Mooseboost, I do enjoy reading these experiences. I suggest that as you pwn each machine in the labs you write a script (bash or python) to automate the attack. This has several benefits including being able to quickly re-pwn a machine if needed, it will be accurate documentation, you will learn bash and python scripting, and lastly - automating attacks leaves zero room for mistakes/human correction. The last one might sound strange but once you start automating you'll likely experience what it means. All the best mate