Road to OSCP – Part 3

Welcome back, glad you stuck around. This is the final part of my Road to OSCP series. I will try to write a lot more and be more active. Try to give back what I’ve learnt so far, and learn more 🙂

root@acc3ssp0int:~# service oscp_labs stop

If you’ve reached this point, your lab time is up, you’ve finished working on lab machines, prepped your notes, documented your exercises and hopefully, scheduled your exam. A few exam tips that may help you out.

root@acc3ssp0int:~# cat /home/tips.txt

  • Target the maximum points machines first.
  • Take a few minutes break between every machine and every time you feel overwhelmed.
  • It’s OK to be nervous, but do not break down and get into your own head.
  • Keep switching between machines to prevent rabbit holes.
  • Design your own Penetration testing methodology, it will not only help you perform the exam in a systematic manner but also keep you from missing key items. PTES helped me to draft my own methodology.
  • Check everything for vulnerabilities
  • Some exploits might look stupid and obvious, DO NOT ignore them, try it anyway.
  • Screenshot everything, it may not be useful, but you would not want to miss anything while preparing your report.
  • Keep it Simple.
  • Start over if you feel you’re looped in.
  • and Lastly

root@acc3ssp0int:~# cat /home/more_tips.txt

These are things that I learnt in the days before my exam.

  • Solve Hack The Box (HTB) machines (Active and Retired).
  • Designed my own 1 page all cheat sheet which covered everything from enumeration to privilege escalation and post exploitation.
  • Watched IppSec’s HTB walkthroughs, I learnt quite a few tricks from his approach and tools he used. (smbmap is better than smbclient, I learnt this the hard way).
  • Practice a lot of manual enumeration especially for privilege escalation.
  • Work on your Windows CMD / PowerShell skills. It’s very important.
  • Backup / SnapShot your VM and deploy it on a secondary PC, JUST IN CASE.
  • Enumeration skills, Google and Nmap will be your BEST FRIEND
  • Follow read and ingrain the exam guide.

root@acc3ssp0int:~# service oscp_exam start

This is a day you’ll be all on you own, everything you’ve learnt, practiced and worked for, it all boils down to these 23 hours and 45 minutes. Get in time for your exam (at least half an hour early). Get the pre-requisites in place and get cracking!

I wish all my readers luck for their exam as well as to those who are planning to get into this journey.

root@acc3ssp0int:~# cat /home/OSCPguide/*

This brings us to the end of part 3, and the Road to OSCP series. It was definitely fun writing about my experience and my journey from newbie to OSCP and I sincerely hope these blog posts help you in yours.

You can read part 1 here.

You can read part 2 here.

root@acc3ssp0int:~# exit

More content coming soon 😀

3 responses to “Road to OSCP – Part 3”

  1. I didnt know that smbmap was better than the client one. Thank you for letting me figure it out without giving much effort.

    Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: