OSCP Journey Part 6

Day 29
PDF: 90%
Videos: 95%
Boxes: 3
Networks:1

Just a short update as I haven’t posted anything for a while.

Have been feeling quite down of late and starting to think is this something that is just out of my technical reach. I’m not making any progress and seem to be stuck. I have taken about a week off as I just can’t get my head round the Buffer Overflow section. The PDF and the Video covers this far to quickly for my liking.

That’s not the only thing that’s frustrating me. The lab network is full of older machines which I know can be easily exploited using Metasploit I have been trying to exploit the vulnerability the manual way but I’m having no joy. Just on that, the PDF does cover Metasploit – why? I’m not sure as it can’t be used in the exam.

I am slowly going through the exercises, some of which I’ve already done. I know that most people would have finished them within the first 3 weeks – I haven’t been as productive and am still working through it. It just seems to be taking me longer than most.

rowbot

Share

7 Responses

  1. You should read the exam guide. You can use metasploit. The restrictions are quite specific. You can’T use it to launch the exploit but using payloads etc is total needed.

      • for anyone reading this later on, i found out the answer from irc channel:

        “you can use multi/handler on any/every exam system but with simple payloads like reverse or bind meterpreter usage counts as the ‘one-time’ metasploit usage”

    • Very slowly, life has gotten in the way a bit. I’m hoping today i can kick off the weekend with a good study session. I’ve printed off g0tmi1k’s walkthrough and have been reading that to get into the mindset. Have you done this course or are doing it?

      • I am currently working on getting Security+ cert and have a plan of OSCP in 2019. There are a couple I am following going through OSCP and following both the highs and lows before I look to take the plunge. Where in the world are you located? I am in the UK, so surprised with quick response.

        • I’m based in UK also. How did you find my blog? That’s a good cert surprisingly hard so don’t slack at it , iirc the % u need to pass is 80+. Get on Hackthebox and work through them as well as vulnhub.

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.