  1. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #1

    Higgsx's Journey to OSCP

    Hello all

    I've already registered for the PWK (Penetration Testing With Kali Linux) course (60 days) and paid for it in full. My lab starts on 18 February.
    I've dreamed of enrolling in the PWK training course for about 2 years, and today I had a chance to buy it and enjoy it.

    A little bit about my background:
    I'm a national CSIRT team member and I have 2 years of experience in web application penetration testing and 1 year of experience in malware analysis (just basic, not advanced such as malware debugging, reverse engineering and so on). I have a good average user-level skill set in Linux and Windows, and also know basic x86 assembly language instructions such as mov, add, xch, cdq, sub, mul, what the general registers are, plus basic knowledge about the stack and heap and ELF binary sections (.bss, .data, .text, .code and so on). I also have some basic networking knowledge: what IP, MAC, ARP, DNS, NetBIOS and SMB are, the difference between TCP and UDP, basic subnetting, etc.

    I already did some vulnhub machines:
    Kioptrix: Level 1 (#1)
    Kioptrix: Level 1.1 (#2)
    Kioptrix: Level 1.2 (#3)
    Kioptrix: Level 1.3 (#4)
    Kioptrix: 2014
    FristiLeaks: 1.3
    Stapler: 1
    PwnLab: init
    Brainpan: 1
    Mr-Robot: 1
    HackLAB: Vulnix
    and some more whose names I don't remember.

    Also read Georgia Weidman's book 2 times

    So, I thought that I'm a little bit prepared and decided to give a try.

    My plan for the current year is this: OSCP -> OSCE

    I hope I'll pass the exam on the first attempt, because I don't like failing at something.
    I will do my best to achieve the goals that I have!
    Last edited by Higgsx; 02-05-2018 at 05:50 PM.


  2. Senior Member
    Join Date
    Dec 2015
    Location
    Quebec, Canada
    Posts
    461

    Certifications
    A+, Network+, Linux+, HP APS, VCP 3-4-5-6, VSP,VTSP, SSCP, Veeam VMCE, CISSP
    #2
    Good luck! OSCP is on my list too.. but not for now because of time.

  3. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #3
    Thanks

  4. Senior Member
    Join Date
    Feb 2017
    Location
    Washington
    Posts
    118

    Certifications
    OSCP, OSWP, GPEN, CEHv9, eJPT, A+, Security+, Linux+, CySA+, LPIC-1, CCENT, Linux Essentials
    #4
    Sounds like you've got some good preparation done before diving into the course. I HIGHLY recommend that you take the time to go through ALL of the course exercises before diving into the lab environment. It will make a big difference in the long run. It's also a good idea to run through g0tmi1k's Alpha walkthrough to help build your methodology for the other lab machines. Believe me, doing the exercises first will save you some headache later. Besides that, have fun man, the labs are amazing and will consume your life for a while, so enjoy the sufferance while you're there cause you're gonna miss em!
    Currently: eWPT
    Future: RastaLabs and something Blue
    Other: Python and Powershell

  5. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #5
    Originally Posted by airzero
    Sounds like you've got some good preparation done before diving into the course. I HIGHLY recommend that you take the time to go through ALL of the course exercises before diving into the lab environment. It will make a big difference in the long run. It's also a good idea to run through g0tmi1k's Alpha walkthrough to help build your methodology for the other lab machines. Believe me, doing the exercises first will save you some headache later. Besides that, have fun man, the labs are amazing and will consume your life for a while, so enjoy the sufferance while you're there cause you're gonna miss em!
    Thank you for the advice.
    How long do the course exercises take? I've heard people needed 1 month to complete them, I think that's too much.

    Also I've heard that the lab and exercises report will be beneficial on exam date. I wonder which software I should use to write my lab and exam reports?
    I know about keepnote, evernote and so on, but they are just note-taking software. For report writing I think I should use MS Office or LibreOffice, shouldn't I?

    Maybe this is a silly question but I want to be sure.
    Last edited by Higgsx; 02-06-2018 at 07:35 AM.

  6. Senior Member
    Join Date
    Feb 2017
    Location
    Washington
    Posts
    118

    Certifications
    OSCP, OSWP, GPEN, CEHv9, eJPT, A+, Security+, Linux+, CySA+, LPIC-1, CCENT, Linux Essentials
    #6
    I used the template provided by Offsec in LibreOffice, but you can use OpenOffice or Microsoft Office. Whichever you prefer really, as long as you can save it as a PDF document. The note keeping is also up to personal preference. A lot of people use keepnote, but there's also evernote, dradis or OneNote. I personally just made a template in a txt document and created one for each machine so I could keep things clean and simple, but that was just my way of doing it.

    The lab exercises depend on how much time you spend and how much experience you have with the tools. I got through all the exercises in about two weeks at a moderate pace. But I did not take notes or make a report for them, just ran through them all. It's really up to how much time you dedicate to studying to get through them. It seems a lot of students rush through the exercises to get to the labs and really don't learn all the content, just to come back to it later. Take your time and learn the material as it will help you tremendously in the labs. If you use up all your lab time you can always buy more; extensions start at $150 and really aren't too expensive for the value, so don't be afraid of running out of lab time.
    Currently: eWPT
    Future: RastaLabs and something Blue
    Other: Python and Powershell

  7. Senior Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    115

    Certifications
    OSCP, OSWP, CISSP, CCNA Cyber Ops, Sec+
    #7
    I think 60 days is a good duration for you. I think with your background, you may actually find the course and material a bit easy to dive into. And I think you are not in the wrong for hoping to pass the exam on a first try. I'd also expect you to clear the whole lab within that time period (challenge given!) I think most anyone with at least some professional experience with pen testing and web app testing has pretty immediate success.
    -------------------------------------------------------
    Security Engineer/Analyst/Geek, Pen Testing

  8. Senior Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    115

    Certifications
    OSCP, OSWP, CISSP, CCNA Cyber Ops, Sec+
    #8
    Originally Posted by Higgsx
    Thank you for the advice.
    How long do the course exercises take? I've heard people needed 1 month to complete them, I think that's too much.

    Also I've heard that the lab and exercises report will be beneficial on exam date. I wonder which software I should use to write my lab and exam reports?
    I know about keepnote, evernote and so on, but they are just note-taking software. For report writing I think I should use MS Office or LibreOffice, shouldn't I?

    Maybe this is a silly question but I want to be sure.
    The exercises take a significant time to complete. I think I spent a good 2-3 weeks on it, and that was after I was done in the labs. Many of the latter half of the exercises require you to locate and demonstrate a technique or tool on a target in the labs. (Though, don't let that suggest you should not read the material or do any exercises until clearing the labs; a huge majority of students do not get that far, but still do just fine. You *should* do the material and as many exercises as you can early on.)

    You can use whatever software you want to keep notes. I personally used CherryTree+Dropbox and scrot/Greenshot for screenshots, but EverNote can work just fine (I had a slightly unique home lab that kept me away from it.)

    The lab report itself just needs to be in a format similar to a pen test report for a customer, i.e. enough to prove you did a scan, found an issue, exploited the issue, and steps to recreate it. You'll end up submitting that report as a pdf, so doesn't really matter what doc app you use.

    (Be sure to consult the FAQ and support sites when you get that info via email. All the docs and rules are there.)
    https://support.offensive-security.com/#!pwk-support.md
    -------------------------------------------------------
    Security Engineer/Analyst/Geek, Pen Testing

  9. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #9
    So so so.
    Today I got the email to download the videos and PDF.

    Day 1
    As you guys recommended, I started reading and watching the PDF and video materials. The first few topics were very easy and I was already familiar with them. Page 50/380 completed. I also did some exercises. Nothing seems hard, the learning flow is good. My plan is to complete the PDF and video materials in 2 weeks, and I will do it!!!

    The video material and PDF work together very well. There is some information in the PDF that isn't in the videos and vice versa.

  10. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    318

    Certifications
    CISSP, C|EH, C|HFI, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #10
    Originally Posted by Higgsx
    The video material and PDF work together very well. There is some information in the PDF that isn't in the videos and vice versa.
    Very helpful to remember this as you get deeper.

  11. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #11
    Day 4
    Almost covered half of the material. I was stuck on one exercise that was related to netcat stuff. A little obstacle, but I managed to complete it.
    I'm in a bit of a hurry; I want to cover all the video and PDF materials quickly so that I can allocate more time for lab machines.

    The learning materials aren't hard. I understand most of them, they aren't new to me.

    P.S. If you read Georgia Weidman's "penetration testing hands-on hacking", you can assume that you've completed most of the OSCP materials. Once you read the book, it's so easy to pick up the topics explained in the OSCP videos and PDF.

  12. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #12
    I need advice.

    It's day 5 and I'm already on the Buffer Overflow section and have successfully completed the BOF exercises.
    I know the rest of the material (except password cracking, it's my weak area).

    Which would be better: wait and complete all the study materials before the labs, or dive into the labs right now and do the PDF exercises in parallel?
    I also completed some vulnhub machines so penetration testing is not new for me.

    Any advice?

  13. Junior Member
    Join Date
    Oct 2016
    Location
    North Carolina
    Posts
    29

    Certifications
    CISSP, GPEN, CEHv7, Sec+, ITILv3
    #13

    Why not?

    Why not conduct a simple scan to know what devices are up? Maybe even a limited scan of a few ports... Just some ideas, can't hurt anything right? You might find similar vulnerabilities to what you've experienced in vulnhub.

  14. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #14
    Originally Posted by jjones2016
    Why not conduct a simple scan to know what devices are up? Maybe even a limited scan of a few ports... Just some ideas, can't hurt anything right? You might find similar vulnerabilities to what you've experienced in vulnhub.
    Thank you for replying.

    Day 6
    I've completed half of the learning materials in the PDF and videos.

    I decided to dive a little bit into the lab machines. I learned more and practiced what I learned.

    I rooted: alice
    Unfortunately with metasploit. Today I will try to exploit it without msf.


    Not hard and not very easy.

    Feels great!!!!
    Last edited by Higgsx; 02-23-2018 at 11:05 AM.

  15. Member
    Join Date
    Apr 2017
    Posts
    40

    Certifications
    OSCP
    #15
    Nice man, good going. I also did ALICE but with msf, and before my lab finishes I will do ALICE again without MSF.

  16. Junior Member
    Join Date
    Oct 2016
    Location
    North Carolina
    Posts
    29

    Certifications
    CISSP, GPEN, CEHv7, Sec+, ITILv3
    #16
    Originally Posted by Higgsx
    Thank you for replying.

    Day 6
    I've completed half of the learning materials in the PDF and videos.

    I decided to dive a little bit into the lab machines. I learned more and practiced what I learned.

    I rooted: alice
    Unfortunately with metasploit. Today I will try to exploit it without msf.

    Not hard and not very easy.

    Feels great!!!!
    Great job!!! If you already know enumeration, then DO IT.... because later you just have to verify the information you found during the enumeration, but if you find an EASY win then go for it. Why not practice some of the post exploitation techniques you learned from Kioptrix or from the PDF?

  17. Senior Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    115

    Certifications
    OSCP, OSWP, CISSP, CCNA Cyber Ops, Sec+
    #17
    Originally Posted by Higgsx
    I need advice.

    It's day 5 and I'm already on the Buffer Overflow section and have successfully completed the BOF exercises.
    I know the rest of the material (except password cracking, it's my weak area).

    Which would be better: wait and complete all the study materials before the labs, or dive into the labs right now and do the PDF exercises in parallel?
    I also completed some vulnhub machines so penetration testing is not new for me.

    Any advice?
    You do you. But a few pieces of advice about exercises and the lab. Some exercises will require you to finish them on a lab system that you're supposed to find. This means you don't know when to do them until you find that box, and you might not know what boxes are candidates until you've read all the exercises and materials.

    Once you get in the labs, it's hard to rip yourself away from the feeling of those root shells, but I do strongly suggest a mixed approach. The goal is not # of roots, but how strong you feel in your methodology, process, finding issues, exploiting them, and then repeating for priv escalation. Having a solid checklist/process and enumeration will be what gets you an exam pass. (Of course, it helps to see all the tricks the labs will throw at you, but just keep the above in mind.)
    -------------------------------------------------------
    Security Engineer/Analyst/Geek, Pen Testing

  18. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #18
    Day 10
    Thanks for replying guys!

    Today I rooted Phoenix!!!

    It was a little bit harder than alice.

    Lesson learned: if you are stuck on one service/port, move to another.
    Don't hurry, look and think. Quickly pressing on a keyboard doesn't solve a problem. I was in a hurry and made a mistake: I wasn't fully reading the error code that the shell was giving me.

    Feels great!!!

    EDIT: Believing in yourself helps greatly. I was stuck on 'phoenix' for hours. I knew this wasn't hard and I thought I wasn't good enough and that I bought PWK labs too early, but once I believed in myself I was able to find a low priv shell in just 15 minutes!
    Last edited by Higgsx; 02-27-2018 at 11:59 AM.

  19. Junior Member
    Join Date
    Oct 2016
    Location
    North Carolina
    Posts
    29

    Certifications
    CISSP, GPEN, CEHv7, Sec+, ITILv3
    #19

    Great work!

    Originally Posted by Higgsx
    Day 10
    Thanks for replying guys!

    Today I rooted Phoenix!!!

    It was a little bit harder than alice.

    Lesson learned: if you are stuck on one service/port, move to another.
    Don't hurry, look and think. Quickly pressing on a keyboard doesn't solve a problem. I was in a hurry and made a mistake: I wasn't fully reading the error code that the shell was giving me.

    Feels great!!!

    EDIT: Believing in yourself helps greatly. I was stuck on 'phoenix' for hours. I knew this wasn't hard and I thought I wasn't good enough and that I bought PWK labs too early, but once I believed in myself I was able to find a low priv shell in just 15 minutes!
    Sounds good to me! You deserve it.

  20. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #20
    Originally Posted by jjones2016
    Sounds good to me! You deserve it.
    Thanks.

    Today I decided to skip the lab & exercises report and just send the exam report when the time comes. Of course I'm doing lab machines and doing exercises, but documenting them (writing, screenshots etc.) takes time and I prefer spending time learning new things and doing lab machines to documenting all the exercises in a PDF. The bonus 5 points is too small I think, and as offsec says the course exercises must be all and all correct, which will also take more time.

  21. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #21
    Day 11
    Today I rooted payday
    Rooted Machines: alice, phoenix, mike, payday

    Even though I spent 5 hours on 'payday' it was easy

    It was very beneficial to do vulnhub machines and to read Georgia Weidman's book before enrolling. It will save time!

  22. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #22
    Day 13

    Today I rooted PAIN, it wasn't very difficult for me. The most difficult obstacle was privilege escalation. I spent about 10-11 hours on it. After 3-4 hours I became very tired and stopped thinking and started over-complicating things. After resting and with a fresh mind, I rooted it in about 2 hours. I was very happy about that.

    Till today I used to download exploit code and run it right away, but I learned that it is a mistake. At least you have to read the code even if you don't understand it. You will at least see custom paths that need to be changed and so on. A little bit of customizing was needed.

    So, I've been doing lab machines for about 1 week and rooted all 7 machines: alice, phoenix, mike, payday, barry, ralph, pain
    It actually means that every day I root 1 machine. For some people this is good, but for me this is very bad. I require and demand of myself to dedicate much time and do my maximum to achieve maximum results. It's partially a bad habit of mine, because it causes anxiety and stress. I'm constantly thinking about boxes even when I hang out with my friends and so on. It's funny, sometimes I have dreams of rooting machines.

    I stopped reading the PDF after the Buffer Overflow section and started lab machines 1 week ago. Now I'm going to return to the PDF and video course to finish it in 3-4 days.

    I'm doing lab machines even when I'm at work. Eventually I dedicate 8 hours / day to PWK/OSCP stuff.

    I desire to study more advanced exploit development like DEP, ASLR bypass, ROP chaining, but I think it will not be useful for the OSCP exam, so maybe that will be when I open an OSCE thread on this forum.

    P.S. Sorry for my bad English, it isn't my native language.
    Last edited by Higgsx; 03-02-2018 at 06:35 PM.

  23. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #23
    Day ... don't remember but I know that I have 41 days left.
    After my last post on this thread, I rooted one box: leftturn.local

    But after that the nightmare started.. I realized how much work I need to dedicate. There is a bunch of topics to learn, active directory stuff drives me crazy, it's new to me. I'm not lazy to learn new stuff but there is so much..

    Sometimes I think I took this training too early, I think I'm not ready for that.. or don't know... I have little problems in life.. maybe that's the reason I can't concentrate on PWK labs for the last days. I'm stuck.

    Has anyone been in this situation? Who thought that this course was too advanced?

  24. Senior Member
    Join Date
    Feb 2017
    Location
    Washington
    Posts
    118

    Certifications
    OSCP, OSWP, GPEN, CEHv9, eJPT, A+, Security+, Linux+, CySA+, LPIC-1, CCENT, Linux Essentials
    #24
    I took the training right after I got my Security+, so I only knew the basics and definitely know how you feel. You just gotta keep at it and continuously study to get where you want to be. I failed multiple times before passing so don't be afraid of failure.
    Currently: eWPT
    Future: RastaLabs and something Blue
    Other: Python and Powershell

  25. Member
    Join Date
    Dec 2015
    Location
    Georgia,Tbilisi
    Posts
    60

    Certifications
    GCIH
    #25
    Originally Posted by airzero
    I took the training right after I got my Security+, so I only knew the basics and definitely know how you feel. You just gotta keep at it and continuously study to get where you want to be. I failed multiple times before passing so don't be afraid of failure.
    Thank you for replying.

    I have a question:

    Is exploiting the master and slave servers different from the rest of the machines? I think I need specific knowledge like how Kerberos and LDAP work, Kerberos ticket hacking or something fancy like that.

