My OSCP journey

Al1z4deh:~# echo "Welcome"
5 min readMar 12, 2023

--

In this article, I will share in detail what I had done and which resources I used while preparing for the OSCP certification exam. I will also disclose which points to pay attention to during the process.

Who am I

I am Elman Alizada, and I work as an information security engineer in Azerbaijan. During my time in this field, I already have gained two certificates:

But the OSCP certificate was the one I aimed for from the beginning of my journey.

How I started

I officially got my OSCP certificate package in December. In this package, I had the right to try it twice and a voucher to enter the OSWP certificate. Before, I used to work on platforms like TryHackMe and Proving Grounds (practical). But after taking the OSCP course in December, things changed. There are other approaches. So I started preparing. First, I joined the Discord group. This is very useful. Because if you can’t solve the boxes in PWK, you can ask there or see the answer if someone else has asked before. Also, I would advise you to make your own cheat sheet. I used obsidian for this. You can also keep other people’s cheat sheets as a favor for yourself.

These are the ones I use:

Exam preparation:

Before the OSCP tutorial, I was taking notes by working the boxes from Proving Ground. You can see my posts here.

Oscp preparation | Proving Grounds Practice

39 stories

As you know, the highest score in the OSCP exam is given to the AD set. So first, I finished the AD training and worked on the other machines. But after a while, it piqued my interest. I also used TryHackMe.

I had all kinds of notes on AD. In addition, training Windows machines are provided for personal use, where you can test all attack tools that you can think of. From now on, it will be useful to follow web attacks. Because the exam focuses on everything in the training package. Windows privileges should also be in your records; note that two machines will be Windows. I didn’t come across BOF in the exam so I won’t say anything about it. However, according to my research, none of the candidates had a BOF this year. As for Linux, you will find the exploit and exploit it. Note that this is OSCP. The main thing is to find the vulnerability and go on the offensive. Try not to use Metasploit as much as possible while preparing. Although you are allowed to use it once in the exam, save it for the hardest part. I always thought I had no such right. I did not use Metasploit during the exam either.

Examination process

I scheduled the exam for March 6 at 7 a.m. Proctor asked me to show my government ID and run the PowerShell script they gave me on the computer. I sent the results back. Also, after inspecting my room, I was sent an email with a URL to download a VPN and access the exam portal. I finished the first AD set when I started the exam. It took me 3 hours. Within 3 hours, I had already looked through all the boxes. I was under so much stress that it seemed difficult to me. But after I finished AD, at least I felt a little more relaxed. I got permission from the proctor to get up and walk every hour. I suggest you open your mind. After finishing the AD set, I resolved the Windows machine. It was comfortable for me. The privilege was initially available throughout the course. Now I’m relieved. A bonus of 10 points is awarded after completing the course. After securing my job, I casually looked at the other two machines. After finishing other operating systems, I switched to Linux. Note: There are a lot of rabbit holes. For this reason, sometimes a small file that we overlook can affect our entire progress. After that, I was tired, so knowing that I had already passed the exam, I finished and went to sleep. The next day, at 11 a.m. on the 7th, I wrote and sent the report.

Report

Be careful in the reporting process; take screenshots of everything. I took a snapshot of everything and saved the exploit links. But I made a big mistake. The hostname was the same on both Windows machines. That’s why I got the two mixed up and forgot to get the system flag of a machine. I thought it would be bad for my exam.

Try to avoid making this mistake. If in doubt, take screenshots two or even three times.

The result

After sending the report at 11 a.m. on the 7th of March, I was dying of excitement. When I saw the results of those who took the exam on the 8th of March on LinkedIn, I was filled with fear of failure. I even wrote to offensive security about it. I got an email one hour after I wrote it on the 11th of March.

And finally, the waiting with a lot of worries was over. I received my certificate and started writing this article. I hope my article is clear as I have tried to write all details in my post. If you have any question that really interests you, please write. I had many unanswered questions while doing the research before the exam. I believe you found this article useful. I’ll see you on my next certification journey.

And now we are OSCP :)

--

--

Al1z4deh:~# echo "Welcome"
Al1z4deh:~# echo "Welcome"

Responses (5)