OSCP: My Experience - Part 5
This post is part five in a series, as seen below:
- Part 1: PWK Syllabus
- Part 2: Tool Enumeration
- Part 3: Penetration Testing Topics
- Part 4: Course, Lab, and Exam Overview
- Part 5: OSCP Takeaway
This last post goes over my personal takeaways after completing the OSCP. As mentioned in previous posts, everyone will have different experiences with different takeaways.
First off, don’t get discouraged. Be patient; rooted boxes will come. I remember reading the forums about people in similar positions as myself, unable to root any boxes within the first couple of weeks, feeling that they’re missing something or not smart enough to learn the material. A lot of the responses were just “keep at it, it will click eventually”. I thought to myself that this isn’t something that’s just going to “click”, but surprisingly it actually does. Obviously it’s not a magical click after which you can suddenly hack all the things, but after days of research and days of failed exploits, eventually you will come across the right exploitation path and, more importantly, learn from your prior mistakes to help you with the next exploitation path for the next target machine. Every exploit going forward teaches something new, and the hours you put into attempting to get an initial shell, then finally working your way up to root, are lessons you won’t forget.
Understand the amount of enumeration and outside research required. Enumeration is the name of the game. Most of the time, if you can’t get a box, it’s due to a lack of enumeration of some kind. If you can’t see a way in, it’s safe to assume you missed some vital information that requires more enumeration. If you do know of a potential way in, a lot of outside research may be required. This is why the lab is where the real learning happens. It’s mainly due to the number of random technologies you encounter in the lab that require outside research in order to learn how the software works. But it’s this part of the course that forces you to learn like a pen tester. Penetration testing is basically research on top of research of technologies you’ve never seen before and becoming a pseudo-master of that technology in a short time period. And even then, your exploitation attempts might fail. But if you keep pushing, enumerating, researching, and learning new things, the shells will come. The OSCP is really just about teaching students how to teach themselves. And that’s why it has a reputation for being difficult, because some people simply do not know how to teach themselves or give up before things start to click, but it is a skill you can definitely learn if you continue to push yourself. In the beginning (if you’re like me), you’ll fail and fail at any exploitation, but those failures are all learning experiences. If you stick at it, it will eventually click.
Which leads into my next point: failing is OK, especially within the OSCP. I personally know some people who have given up after failing the exam once. There are people throughout the student forums stating that they are giving up and are getting too frustrated with failing, or they’re unable to root more than a few machines in the lab, so they’re calling it quits. Pushing through that failure to then succeed gives you confidence like no other, on top of the knowledge and experience gained from finally succeeding.
I stated this in the last post but it’s worth saying again: create a pen test methodology and follow that methodology. The exam is very much a time challenge. The machines in the exam are not too difficult to exploit, but they are difficult to exploit in a 24-hour timeframe. If you get your methodology created and write scripts for things you know you’ll do for every machine, that will give you an edge over the timeframe.
And onto my last takeaway: N00bs can pass. I had zero pen testing experience and had opened Kali maybe once before taking the course. If you’re patient, don’t let failing get to you (easier said than done), and just continue pushing, you can and will pass the exam and learn a ton of awesome stuff along the way.
I hope these posts were useful and/or helpful to someone. For those beginning their own OSCP journey, have fun, good luck, and happy hacking!
Let me know what you think of this article on Twitter @_TheGetch_!