Before, During & After my OSCP
I passed my OSCP in June 2018, so this post is a little late. But honestly, I figured everyone else writes one almost immediately, fuelled by the joy/sadness of receiving the email from OffSec. I did think about writing one straight away but I didn’t really know how it would differ to anyone else… “I passed. Exam was hard. Labs was fun. Well worth it. Woooooh.”
So a few months down the line, I figured I could post some points about my personal experience with OffSec’s PWK course (and ultimately, the very popular OSCP certification). I don’t really want to sit here and recommend resources and pre-requisites for everyone to be able to one shot the exam. These kinds of blogs can be found with a simple Google, in fact – some people even dump an entire A-Z on GitHub, so I’m sure if you’re good enough at Google then you’ll find it. However, that’d ruin the whole experience (in my opinion).
The following sections of this post contain 3 main topics “Before”, “During” and “After” my time with OffSec, what I learnt and any recommendations I have regarding the entire course and exam. Again, to reiterate – this won’t be a “Do this box on Vulnhub and you’ll pass”, it’s more of a holistic view of everything around gaining your OSCP certification. As well as these 3 main sections, I will break down my course purchase and conclude with any final thoughts.
A quick breakdown
Lab time purchased: 90 days
Started: March 2018
Exam: End of May 2018
Exam Attempts: 1
Additional:
- Completed the lab report as soon as I could (possibility for extra marks)
- Spent ~2 hours a day chipping away due to work and University
Before my lab time
- Started from scratch** on Hack the Box (HTB), and just about reached the ‘Pro Hacker’ rank.
- I’d been to 1 face to face CTF which I was terrible at.
- I had dabbled with very basic Buffer Overflows (no ROP, Ret2LibC, Canaries, DEP, ASLR etc).
- Had very limited knowledge of web exploitation (xss, no sqli).
- Awful at enumeration (pre and post), I successfully missed obvious things a lot.
- I thought long sessions of hacking and energy drinks were a good idea.
- I knew C, a bit of Python, no Bash, and my Kali (Linux overall) skills were limited (I knew various other languages which were of no use here…)
** When I say scratch… I mean scratch. I was googling how to ‘scan ports’ and ‘how to hack WordPress.’ I didn’t even know what a reverse shell was, I just knew I wanted to get one. Trust me, I was clueless.
During my lab time
- Enumeration became the key to my lab success.
- The PWK course material carried me through the lab.
- I used the rubber duck approach with non-technical beings. I talked to my lizard, tarantula and girlfriend about various systems and my approach, receiving 0 feedback. This made me explain it further and further until the answer was literally on the tip of my tongue. (Great technique for debugging code too!)
- Metasploit wasn’t the only option (99.9% of the time).
- C, Python, Bash and (minor) x86 asm are your friends.
- The “try harder” attitude didn’t really help me, unless it’s used in a sense of “you’re at the right door, just keep trying”. When it’s some kid who can’t even sign up on HTB spamming it on Discord, it’s just not worth reading it.
- Custom cheat sheets for my own tools/scripts, enumeration methods and overflow techniques really helped relieve stress when it came to using them against a target.
After I received my “pass”
- A nice sleep during the exam was literally all I needed.
- Enumeration WAS (and still is) the key to my “success”.
- Energy drinks just increased palpitations, eat and drink healthier stuff throughout. Don’t enhance your stress!
- I wasted time banging my head against something I thought was going to work. I even told myself it wasn’t going to work. I continued to hit it. Don’t do that.
Final thoughts
- DON’T be put off by the Buffer Overflow content. It’s the best bit!
- The course materials will take you from 0 to OSCP, it just takes time and effort.
- The exam is difficult, and it should be ‘feared’ but don’t let it hinder your progression. If you fail, so what? Just re-book it, study up and hit it again.
Overall, enjoy it. It’s 24 hours of hacking (if you don’t sleep). OffSec care about their students, if you have any questions just ping them. I made heavy use of their live chat because I’m smart enough to literally break everything, all the time. You’ll miss it when it’s over, I know I do. So make the most of it!
Good luck if you are planning to take the course and exam yourself. It’s definitely worth the time and effort 🙂