Offensive Security OSCP Logo

Disclaimer:

I failed my first OSCP exam attempt. This is more just a post detailing my experiences and take-away from this OSCP exam attempt.

Introduction:

I started my OSCP journey about 3 months ago back in November 2018. I had been volunteering for my companies Red Team without much prior knowledge of a proper pentration test. My degree is a Bachelors of Science in Computer Security & Forensics. My major or program back in university was brand new so they did not have everything hashed out curriculum wise. So I took some classes here and there and one of them was to play around with Backtrack. We didn’t really cover any tools and my professor just said “here’s Backtrack, try running the Armitage Hail Mary” command.

Starting the OSCP Journey

I had tried the OSCP labs once before back in 2015 and was rather lazy about following through and I ultimately let my lab time expire and never scheduled an exam. As previously mentioned I started my lab time in November 2018 and ignored the exercises at first as I could always go back and do them again as I had done them back in 2015. They changed a bit since 2015 as it was Penetration Testing with Backtrack and Offensive Security had just made the swap to Kali Linux.

( https://i.imgur.com/244HhZ1.png ) — Example of Note Structure

Working in the Labs

I had set a goal out for myself to try and obtain at least 5 servers a week, so about 1 server every weekday. There were times where I’d work on weekends as well but I ultimately did not want to spend all of my time on the computer as I work on computers for a living.

  • The forums have some good tips if you get stuck. Try to avoid using the forums as your go-to as you won’t have it for the exam.
  • Some students also have no idea what they are talking about on the forums, so take it with a grain of salt.
  • I personally would look for the threads that contained “Last_IP_Octet — Hotot’s Take” as this student provided useful tips without giving away the answer if I ever got stuck and needed a last resort.
  • Utilize the support chat over at https://support.offensive-security.com/chat.php
  • If you suck up to the admins they might just give you a hint in the right direction.
  • ALWAYS revert a machine before you work on it.
  • Wait about 5 minutes after a revert. Some services do not start immediately on system reboot.
  • Each machine has a “proof.txt” file located in the administrators desktop or root directory.
  • Document each step you take text + screenshot or screenshot at the very least.
  • Join the PWK/OSCP Prep Discord: https://discord.gg/strQxxe — you can find me on there as FalconSpy (FalconSpy#0512)

Game Day

The exam was scheduled for Saturday, February 16, 2019 at 2pm local time.

  • 25 point behemoth riddled with rabbit holes
  • 2 x 20 point machines
  • 10 point machine

Lab & Exam Writeup

Although I threw in the towel for the exam and did not create an exam writeup, I still crafted my lab write up 2 weeks before my exam was scheduled. From the moment my lab time expired up to the exam I made sure I had all the required information in my lab write up including the exercises.

Take-Away

  1. Manage time wisely
  2. Take more frequent breaks if you get stuck. I personally tried to take a break every 2 to 3 hours.
  3. Move onto another machine once you become stuck and took a break to clear your head.
  4. Do not become consumed by a single machine. (For example spend 11 hours on one host like I did even with breaks).
  5. If something you expect to work isn’t working, it’s by design. The admins might’ve changed something to make the exam machine harder for the student or it’s to mimic a real world situation.