right on good video Conda
Great video! I've watched all of your "OSCP" series and I must say that you motivated me to take the PWK course, which I've been focused on since January. Can't wait for more videos.
That's awesome news! Good luck with it. I'd recommend doing a lot of HTB machines before starting PWK.
Great video, you really deserve more views/subscribers. Quick question: Do we get to know which box is the buffer overflow during the exam or do we have to figure that out on our own?
Thank you! They make sure you know which box that is.
Really helpful thank you!
No problem 😁
What would you say is the best way to narrow down which exploit to use after finding a bunch of exploits? Sometimes most of my time gets wasted because I try ALL of them until one of them hits. I don’t have a problem with that, but for the OSCP I need to be working efficiently.
Unfortunately I don't really have a great answer for that. If there are multiple exploit scripts available for the same CVE, I would usually try them until one works. Many times they will require some slight modification.
Wish I had a better answer for you.
- Check for vulnerable application / service version.
- Check CVE.
- Use most recent / updated exploit.
Sometimes a 2nd version or 3rd version is mentioned (in searchsploit exploitDB).
Use the intersection of all the above points.
Finally - Keep some exploits in a ready-to-use state, like (php-reverse-shell / EternalBlue MS17-010).
@c0nd4 haha that’s alright no worries. I really love the channel by the way! Great work
@iakashx ahhh niceee thanks a lot akashhhh :))
Thank you! 😁
Thank you bro 🙏
How long did you mean by break?
Insightful
Great advice 🙂
Thanks!
@c0nd4 I really need help from someone to prepare for the OSCP exam.
Feel free to join my Discord and ask questions there!
@c0nd4 Thanks a lot 🤗
Hey man, great video. I have one question regarding the AD scenario in the report... For example, if you have 4 machines, let's say that one machine was compromised and then with enumeration you were able to find domain admins, and then you can RDP to the others and the DC, how would you report it in the exam? Because the vulnerability might be on the first machine broken, but I wonder how to report the other ones if they are compromised with just a login... And also, if you use AutoRecon for info gathering, did you just copy and paste the output or re-run the commands?
I’m planning on starting my OSCP journey by the end of the year after finishing my master's degree. Do you recommend getting the 90 days package? I wanna make sure I can go to the course carefully, without worrying about killing all my lab time.
Yes, I would recommend getting the 90 day then. Also, I would highly recommend rooting 20-30 HTB machines before starting. That will give you a really good foundation to work off of.
@c0nd4 I'll do that for sure! HTB and some VulnHub machines as well :)
Thank you for responding! :D
They now have a 365 day lab. Recommend that.
What kind of machines do we need to practise? I mean, do I need to practise forensics, reverse engineering...?
If you're curious about the topics in scope, I'd recommend looking at the course syllabus. It's public and lists everything taught, so it should give you a good idea of what to expect.
OSCP exam on 9th May 2021. Wish me luck.
That's awesome!! Good luck with it
Same! Good luck my man!
@Itsyaboi2538 You too, bro. Let's congratulate each other after that.
Hey buddy! How did your OSCP exam go? I hope it worked out well.
@SpragginsDesigns Failed, bro. But I enjoyed the whole OSCP journey and I am on HTB now; will retake it in future.
During the exam, you're allowed to search things on the internet & watch like YouTube PoC videos, yeah?
Yep! Google is your friend
@c0nd4 Thanks, I'm hoping to get my OSCP by the end of the year. January was the first time I've ever done any pentesting but I've been doing it pretty much non-stop since then. I'm currently doing Virtual Hacking Labs and have rooted 20 machines in just over 10 days. I'm then planning to move onto Proving Grounds and then get the PWK. How long had you been pentesting before you took the exam? Did you have much other experience like on VHL or HTB etc?
Good luck! I had been doing HTB for about 2 years before starting PWK.
I would caution against recommending scanning all ports at once. Build a list of the most common ports. Scan the most common ones first. If nothing comes back, scan all of them. This way, first-time exam takers won't waste time. I don't have an OSCP cert, so take it with a grain of salt.
Missing an obscure open port is a common reason for people failing this exam, so yes I do still recommend scanning them all. Adding verbose flags to nmap will make it output open ports as they're found so it doesn't end up taking much extra time to hit common low ports.
no hair :(