This page is the journey with some tips; the real guide is here
My own OSCP guide with some presents, my own-crafted guide and my CherryTree template, enjoy and feel free to contribute :)
- OSCP-Human-Guide
It was an incredible help to me, I have it on the throne of pentesting basics, a little outdated: https://nostarch.com/pentesting. There is some info to get all the exercises with updated resources here: https://github.com/PollyP/Notes-on-Penetration-Testing-A-Hands-On-Guide-to-Hacking/blob/master/README.md
Repeat this mantra: Sleep, rest, calm down, you will get it
- Open CherryTree template to get screenshots and paste outputs.
- Run a simple nmap scan and then the slower one.
- Check first results (webs, ssh, ftp) from the first fast nmap scan.
- Review slower nmap scan.
- Always go for the easiest port (SMB, FTP, HTTP...).
- Depending on each port, use the appropriate enumeration techniques.
- Time to find exploits and try them.
- If a web page is your target, always look at the source code; you will find software versions, for example.
- When you get the exploit and you have tweaked it for your target and purpose, you should be inside as a low-privileged user.
- Simple enumeration such as OS version, users, permissions, files in home, compilers, available tools.
- In case of Windows, systeminfo is enough for me: https://github.com/GDSSecurity/Windows-Exploit-Suggester
- Find out how to upload files.
- Upload your privilege escalation script.
- In case of Linux I always used LinEnum and linux-exploit-suggester
- Check services running and check the strange ones in gtfobins and exploit-db
- Run your exploit and get root, collect proofs, passwords, review root paths and home paths for interesting files for other machines.
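The systeminfo step above works because the command lists every installed hotfix, which is what a tool like Windows-Exploit-Suggester compares against a patch database. As an added example (not code from this guide or from that project), this sketch parses systeminfo output and reports which KBs from a baseline are absent, the same check a defender runs as a patch audit. The host output and all KB numbers are constructed placeholders.

```python
import re

# Constructed sample of `systeminfo` output (not captured from a real host).
SAMPLE_SYSTEMINFO = """\
Host Name:                 LAB-WIN7
OS Name:                   Microsoft Windows 7 Professional
OS Version:                6.1.7601 Service Pack 1 Build 7601
System Type:               x64-based PC
Hotfix(s):                 3 Hotfix(s) Installed.
                           [01]: KB0000001
                           [02]: KB0000002
                           [03]: KB0000004
Network Card(s):           1 NIC(s) Installed.
                           [01]: Intel(R) PRO/1000 MT Network Connection
"""

# Hypothetical patch baseline: placeholder KB numbers, not real bulletins.
REQUIRED_KBS = {"KB0000001", "KB0000002", "KB0000003", "KB0000004", "KB0000005"}


def parse_systeminfo(text):
    """Return OS name, OS version and the set of installed hotfix KBs."""
    info = {"os_name": None, "os_version": None, "hotfixes": set()}
    section = None
    for line in text.splitlines():
        top = re.match(r"^(\S[^:]*):\s*(.*)$", line)
        if top:  # a non-indented "Key: value" line starts a new section
            section, value = top.group(1), top.group(2).strip()
            if section == "OS Name":
                info["os_name"] = value
            elif section == "OS Version":
                info["os_version"] = value
            continue
        # Indented "[NN]: KBxxxxxxx" entries only count under Hotfix(s);
        # the same "[NN]:" layout is reused for network cards.
        item = re.match(r"^\s+\[\d+\]:\s*(KB\d+)\s*$", line, re.I)
        if item and section == "Hotfix(s)":
            info["hotfixes"].add(item.group(1).upper())
    return info


def missing_patches(info, required):
    """KBs in the baseline that the host does not report as installed."""
    return sorted(set(required) - info["hotfixes"])


if __name__ == "__main__":
    host = parse_systeminfo(SAMPLE_SYSTEMINFO)
    print(host["os_name"], "|", host["os_version"])
    print("Missing:", ", ".join(missing_patches(host, REQUIRED_KBS)))
```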
I did 4 exam mockups in 2 weeks, yes, 24 hours for 5 machines.
- LazySysadmin VulnHub
- Metasploitable3_ubuntu GitHub
- MrRobot VulnHub
- Pinky's Palace v1 VulnHub
- Own crafted Windows XP machine with SLMail, Minishare, DoStackOverflowGood, VulnServer and WarFTPD.
- Session recorded with OBStudio, two screens without sound at 10 fps in mkv format, about 25GB.
Failed, 6 hours in the first BOF, all went bad due to my extreme nervousness :(
After this last month this was my result: IT Network unlocked, 32 machines rooted in Public Network, that's all. No exam mockups.
- Session recorded with OBStudio, two screens without sound at 10 fps in mkv format, about 25GB.
- After 8 hours 4 machines rooted. After 20 hours 5 machines rooted, with 5 slept.
- This is the template used for my exam report.
- Report done in 4 hours.