Anyone here done OSCP?
#11
(02-09-2018, 06:22 AM)stealth Wrote: I don't want to discourage you, but the OSCP costs $800 for PWK and you have to complete it for permission to test.

It's not for beginners and I have a long way before I can take it. But I will take it and it is in my goals for the future.

I contacted Offensive Security a while back and here are their stated prerequisites:

[Image: IMG_0160.png]
#12
I have obtained OSCP certification. I think the official prerequisites Offensive Security recommended in that reply are a bit anemic.

You need to know a wide variety of material beyond basic TCP/IP and being able to navigate UNIX systems (NOT JUST LINUX). You need to know how both UNIX and Windows systems work to an intermediate level. You need to be able to accurately enumerate services and software running on hosts both remotely and locally. You need to be able to troubleshoot networking issues beyond basic ping and "is this port open" checks. You need to be able to identify all of the common web application vulnerabilities (OWASP top 10), and exploit them manually. You will need to be able to determine which exploit to use against a vulnerable host and modify it if need be. Most importantly, you need to be able to write a solid penetration test report complete with screenshots and detailed walkthroughs of what you've done and be able to manage your time effectively under stress (the exam). This documentation is what a company actually pays for in a penetration test, not your elite computer hacking skills.

In my opinion, this certification isn't a joke or something you can just casually do over summer break. If you don't have the knowledge to pass Linux+, Security+, and Network+, with minimal study, I do not recommend this course (yet). I'm not saying that those certifications are good or should be a prerequisite, but if you take some of the online practice tests or do the chapter reviews in study books for them and fail miserably, you might want to consider brushing up on this stuff beforehand.

As for the scripting/programming they recommend, I didn't develop any custom tooling for this course, but a lot of other people did. I was able to get by with ugly one-liners or simply using the right tool for most things. I even wrote the exam buffer overflow exploit as a bash 1-liner.

Hope this helps and isn't discouraging. I'll be glad to answer any other questions regarding this certification.
#13
(02-09-2018, 04:05 PM)k1tsune Wrote: I have obtained OSCP certification. I think the official prerequisites Offensive Security recommended in that reply are a bit anemic.

You need to know a wide variety of material beyond basic TCP/IP and being able to navigate UNIX systems (NOT JUST LINUX). You need to know how both UNIX and Windows systems work to an intermediate level. You need to be able to accurately enumerate services and software running on hosts both remotely and locally. You need to be able to troubleshoot networking issues beyond basic ping and "is this port open" checks. You need to be able to identify all of the common web application vulnerabilities (OWASP top 10), and exploit them manually. You will need to be able to determine which exploit to use against a vulnerable host and modify it if need be. Most importantly, you need to be able to write a solid penetration test report complete with screenshots and detailed walkthroughs of what you've done and be able to manage your time effectively under stress (the exam). This documentation is what a company actually pays for in a penetration test, not your elite computer hacking skills.

In my opinion, this certification isn't a joke or something you can just casually do over summer break. If you don't have the knowledge to pass Linux+, Security+, and Network+, with minimal study, I do not recommend this course (yet). I'm not saying that those certifications are good or should be a prerequisite, but if you take some of the online practice tests or do the chapter reviews in study books for them and fail miserably, you might want to consider brushing up on this stuff beforehand.

As for the scripting/programming they recommend, I didn't develop any custom tooling for this course, but a lot of other people did. I was able to get by with ugly one-liners or simply using the right tool for most things. I even wrote the exam buffer overflow exploit as a bash 1-liner.

Hope this helps and isn't discouraging. I'll be glad to answer any other questions regarding this certification.

So is CCENT good enough on the networking portion? Then is Linux Essentials good for Linux? We have Security+ available at my school for free as a self-teach course and I know where to find Security+ online, etc.

What do you recommend to prepare?

(02-09-2018, 04:05 PM)k1tsune Wrote: I have obtained OSCP certification. I think the official prerequisites Offensive Security recommended in that reply are a bit anemic.

Yeah, but Offensive Security is the company that puts out the certification course so that sounds hard to believe. I also have talked with other people who have the OSCP cert in Internet forums before and they seem to agree with that email, although I haven't shown that email to most of those people.

I will take your advice into consideration though.

My first question to you is what do you think I should do to gain the prerequisites to do the course?
#14
Quote:What do you recommend to prepare?

I highly recommend doing some hackthebox.eu or vulnhub challenges. If you can complete a few dozen of these on your own without looking up solutions or "cheating", I'd take that as a good indicator of you being ready for the course. 

As for my opinion of their recommendations being a bit anemic, I completely stand behind my original statement. Basic Linux knowledge isn't going to cut the mustard. You might be able to soldier through the course eventually, but if you literally just know basics I feel it would be a painful process. Several of the machines in the labs had deliberately broken, yet subtle misconfigurations. Plenty of the machines also had red herrings. The same was true for the exam. I just don't see how someone could have "basic Linux skills" and be able to spot some of this stuff, but I may be misjudging what other people consider basic.

The same is true for Windows. I struggled badly on the Windows machines. I had to read a lot of manuals to figure out how things worked because I didn't use Windows at my day job or at home for a very long time. They don't even mention Windows in that email, but about half the lab and exam machines were Windows-based. I guess they just assume that everyone is great at using Windows.

For the networking part, there is more than one network on the lab. You originally get put onto "the public network", but have to figure out how to pivot from that network into others. When you need to chain your attack through multiple networks with different constraints on them, you really do need an in-depth knowledge of TCP/IP to understand why your attack may or may not work. Sometimes, you have to get creative on how you accomplish these things. Other times, you have to contend with other students on the lab network reverting the machine you're working on, killing your shells, and just being assholes in general. To be fair, they do recommend an "in-depth knowledge of TCP/IP" as a prerequisite.

As for the certifications being "enough", I don't know. If you can get through the ones mentioned without significant effort, that's probably another indicator of your readiness for the course. I don't want to discourage anyone from this and think OSCP is a great goal and a fun process, but I also don't want to see people getting frustrated needlessly and quitting, wasting several hundred dollars in the process. I see people in the #offsec channel on a regular basis expressing their frustrations with the course.
#15
(02-09-2018, 09:30 PM)k1tsune Wrote:
Quote:What do you recommend to prepare?

I highly recommend doing some hackthebox.eu or vulnhub challenges. If you can complete a few dozen of these on your own without looking up solutions or "cheating", I'd take that as a good indicator of you being ready for the course. 

As for my opinion of their recommendations being a bit anemic, I completely stand behind my original statement. Basic Linux knowledge isn't going to cut the mustard. You might be able to soldier through the course eventually, but if you literally just know basics I feel it would be a painful process. Several of the machines in the labs had deliberately broken, yet subtle misconfigurations. Plenty of the machines also had red herrings. The same was true for the exam. I just don't see how someone could have "basic Linux skills" and be able to spot some of this stuff, but I may be misjudging what other people consider basic.

The same is true for Windows. I struggled badly on the Windows machines. I had to read a lot of manuals to figure out how things worked because I didn't use Windows at my day job or at home for a very long time. They don't even mention Windows in that email, but about half the lab and exam machines were Windows-based. I guess they just assume that everyone is great at using Windows.

For the networking part, there is more than one network on the lab. You originally get put onto "the public network", but have to figure out how to pivot from that network into others. When you need to chain your attack through multiple networks with different constraints on them, you really do need an in-depth knowledge of TCP/IP to understand why your attack may or may not work. Sometimes, you have to get creative on how you accomplish these things. Other times, you have to contend with other students on the lab network reverting the machine you're working on, killing your shells, and just being assholes in general. To be fair, they do recommend an "in-depth knowledge of TCP/IP" as a prerequisite.

As for the certifications being "enough", I don't know. If you can get through the ones mentioned without significant effort, that's probably another indicator of your readiness for the course. I don't want to discourage anyone from this and think OSCP is a great goal and a fun process, but I also don't want to see people getting frustrated needlessly and quitting, wasting several hundred dollars in the process. I see people in the #offsec channel on a regular basis expressing their frustrations with the course.

So you would recommend networking, Linux, and Windows and then doing Hack the Box? Don't I need website building experience for Hack the Box?

I hacked my way into Hack The Box before but it was a long time ago and I completely forgot how to do it. I also couldn't even solve Blue (supposedly the easiest HTB machine).

What would the prerequisites to doing Hack the Box be? I think I should start there. Thanks.
#16
(02-09-2018, 11:04 PM)fogbright Wrote:
So you would recommend networking, Linux, and Windows and then doing Hack the Box? Don't I need website building experience for Hack the Box?

I hacked my way into Hack The Box before but it was a long time ago and I completely forgot how to do it. I also couldn't even solve Blue (supposedly the easiest HTB machine).

What would the prerequisites to doing Hack the Box be? I think I should start there. Thanks.

The prereqs are getting into the site to begin with. If you can't do this, that's a strong indicator that you may not be ready to do OSCP yet. Probably 75% of the machines in the lab had web-based bugs on them as either the entry point of the machine, or as a stepping stone to get into the machine.
#17
(02-09-2018, 11:42 PM)k1tsune Wrote:
The prereqs are getting into the site to begin with. If you can't do this, that's a strong indicator that you may not be ready to do OSCP yet. Probably 75% of the machines in the lab had web-based bugs on them as either the entry point of the machine, or as a stepping stone to get into the machine.

Right, so what is a good roadmap to becoming an OSCP in your view?