Obtaining the OSCP certification is a challenge like no other. The journey was full of Intensive research, building new skills and trying harder! The PWK is a very technical and hands-on course that will get students acquainted with the world of offensive security. After my journey with the exam and course from Offensive Security, I decided to go ahead and write an OSCP Review.
I have been in the IT industry for about 6 years now. A lot of my experience didn’t come from my everyday job but through self-education and a desire to learn. I have spent numerous hours at home, in front of my laptop, learning new tools and offensive techniques. I have spent hours testing out these tools and techniques through various mediums including HackTheBox, Pentestit, Vulnhub and local CTFs.
The lab was a great environment to learn in. You have the potential to access three different subnets after successfully finding the jump box to those other subnets. After successfully rooting boxes in the public subnet, you will start to gather intel and other interesting documents that will lead you to possible dependencies in other networks within the company. After you find those dependencies, you will be able to pivot into other networks and piece together even more intel. Make sure to document thoroughly the exploits used and any modifications done to successfully exploit those systems. As well as how you were able to gain privilege escalation and loot the files.
I booked my first exam for a Friday morning at 6:00 AM and did not have any plan, the email came right at 6:00 AM. I connect to the network, looked at the exam guide that is provided and start working. Within the first two hours, I was able to finish the buffer overflow and one other machine putting me at 35 points. I took an hour break around 12:00 PM with no further luck finding my next way in.
At around 3:00 PM I had successfully got a limited shell on my third box bringing me up to 45 points. I spent the next 6 hours enumerating vigorously and going down rabbit hole after rabbit hole. I took another one-hour break and came back with a clear head. This time taking a step back and thinking maybe I was trying too hard. I started over, trying to keep it simple and checking the basics. There was the answer to my headache! At around midnight, I was able to get a limited shell on my 4th box putting me at 55 points. I took the next 5 hours enumerating repeatedly and caught myself overcomplicating things again. At 5:30 AM, I was able to get privilege escalation on my 3rd box putting me at 65 points.
My VPN died at about 5:45 AM. I took a step back and thought well damn, that was intense! My first attempt was full of emotions and feelings. After submitting the reports and waiting a few days I received the following:
We regret to inform you that, based upon review of your course and exam documentation, you did not meet the requirements to pass the Penetration Testing with Kali Linux exam.
I booked my second exam for a Tuesday morning at 6:00 AM and had a solid plan. I connected to the network, looked over the exam guide that is provided, and started building an attack plan. I started running my scans in the background while I worked on the buffer overflow machine. Within the first two hours, I was able to finish the buffer overflow and one other machine again! I took an hour break and went back at it.
By 12:00 PM, I had rooted a third box. I spent the next few hours trying to get a hold on my 4th box, without any luck. I took another break and came back to try and conquer these last boxes. A few more hours and I was able to get a limited shell on my 4th box bringing me up to 67.5 points! For the next several hours, I struggled to get a limited shell on my 5th box until I remembered to keep it simple!
Boom! limited shell on my 5th box! I knew by this point I should be around 77.5 points! Enough to pass by the points awarded based on the exam guide. I took a few more hours and tried to escalate my privileges on the last two boxes but was unsuccessful. By this time, I was exhausted and decided I was satisfied with the points I had accumulated. I spent the next few hours fixing up my report and submitting. A few days later I received the following:
We are happy to inform you that you have successfully completed the Penetration Testing with Kali Linux certification exam and have obtained your Offensive Security Certified Professional (OSCP) certification.