Hi all, I want to talk about my OSCP journey in this post. I’d like to give some tricks and recommendations about this exam and the preparation process. You can find everything about what this certification is, so I will talk about the lab and especially the exam. Before starting the process, you will get lab access for exam preparation. This lab contains 75 machines for practice; actually, I didn’t solve all of them, and during my lab time there were 60 machines. I got root access on around 40-45 machines, and 15 days after my lab time finished, my exam started. In my first attempt, I got 4 initial shells but I didn’t get the privileged shells. During my buffer overflow question, some problems happened with my internet connection, and I didn’t sleep :/ At the end of the day, I canceled my first exam.
In my first exam I took some notes:
- Sleep enough
- Enumeration is key
- Feel free, this is only a CTF
- Study more for privilege escalation
At the time of my 2nd exam, I was studying for my school’s final exams. I forgot to reschedule my exam. Thus, I couldn’t do anything. I was rusty because of my school and school exams. I canceled this exam, too. We know our motto is “TRY HARDER!!”.
Between my 2nd and 3rd exams, I first tried “TryHackMe” and took a look at the OSCP preparation path or offensive path; I don’t remember the name of this path. I finished it and solved another 4-5 machines. Then I solved some HTB machines (you can find OSCP-like machines on the internet if you want). During this period, I took lots of notes, like write-up links, some tricks about privilege escalation, some commands, etc. (I use OneNote.)
Finally, time was up. My exam started, and first I solved the buffer overflow in 35 minutes. I took a break and got a cup of coffee :). After 10 hours, I had 3 root/system accesses and 2 initial shells. I slept for around 2 hours. I got root access to another machine too. I found the last machine’s privilege escalation exploit code, but this exploit code was not efficient for me in this exam case. I found this exploit’s vulnerability and I was able to execute commands with system privileges. At the end of the day, my exam finished.
On the 2nd day I wrote my exam report, which was around 45 pages, and I sent it. And my waiting time started. After 5-6 days, the email I expected came.
Some general tips and links:
- Feel free.
- There is a way to solve these machines, just find it.
- Think creatively but simply.
- Sleep enough before the exam.
- You must understand exploit code, so you should learn simple programming skills.
- You must know penetration testing phases like enumeration, vulnerability scanning, etc.
- You should create your own basic cheat sheets; they can save you lots of time.
- You can take a look at GitHub pages for the OSCP exam and preparation process.
- Think of this as a CTF, THIS IS NOT A REAL PENETRATION TEST!!! We know these machines are vulnerable. If these machines weren’t vulnerable, how would we get this certificate? 🙂
Useful Links ( I think ) :
- https://guif.re/
- https://gtfobins.github.io/
- https://github.com/berkotako/Offensive-Security-OSCP-Cheatsheets
- https://github.com/berkotako/OSCP-Prep
- https://github.com/berkotako/EyeWitness
- https://github.com/berkotako/nmap-vulners
- http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
- http://pentestmonkey.net/tools/web-shells/php-reverse-shell
- https://github.com/jivoi/pentest/blob/master/shell/insomnia_shell.aspx
I am grateful to my team, my family and my friends for their support.
Berk KIRAS | PwC – Cyber Security Specialist