What you need to know to prepare for OSCP exam? Or what I need to know. Labs, Reporting and Exam requirements. #OSCP #pentesting @offsectraining

Hi!

I am preparing for the OSCP exam, and there is alot of information out there. I needed to know what I am suppose to know before I take the exam. If you are about to do this exam please read the links, I know there is a lot text, but it is important.

My journey so far
https://blog.invid.eu/2022/01/06/my-ocsp-and-pnpt-journey-from-the-beginning-during-and-i-hope-the-end-tcmsecurity-thecybermentor-offsectraining-pnpt-oscp-joplinapp-reconmap-bhinfosecurity-strandjs-hacking-pentesting/

Labs, Reporting

Link that you need to go thru:

https://help.offensive-security.com/hc/en-us/articles/360046787731-PEN-200-Reporting-Requirements

Here you will also find templates for reporting. Both for the labs and the exam.

For 10 extra points on the exam you need to write a report from the execise and the labs. Not all exeercise are needed in the report. You will see on the exercise if you need it in the lab report.

In the report from the labs you need report 1 Active Directory (4 machines) plus 6 other machines. In total 10 machines. These need to be fully comprimized and need to be unique. And it is NOT ok for 1 machine with 2 different solutions.

Exam

Host

Update 2022-04-28

I tried below, and I got a ticket real fast and was able to try my host machine!

I am running Ubuntu 22.04

You may reach out to our proctoring team by submitting a ticket to request for a test session.

Requierments for the host pc that you are running:
https://help.offensive-security.com/hc/en-us/articles/360040160792-What-are-the-technical-requirements-to-participate-in-a-proctored-exam-

Proctoring Tool Student Manual
https://help.offensive-security.com/hc/en-us/articles/360050299352

Reporting

The files need to be as below format. Please read the OSCP Exam guide.

OSCP-OS-XXXXX-Exam-Report.pdf
OSCP-OS-XXXXX-Lab-Report.pdf

Compess these files into 1 file:

OSCP-OS-XXXXX-Exam-Report.7z

You have uploaded your .7z file to https://upload.offsec.com 

Tools for the exam

Please read:

https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide

Below tools is ok to use for now (2022-04)

  • BloodHound
  • SharpHound
  • PowerShell Empire
  • Covenant 
  • Powerview
  • Rubeus
  • evil-winrm
  • Responder (Poisoning and Spoofing is not allowed in the labs or on the exam)
  • Crackmapexec
  • Mimikatz
  • Nmap (and its scripting engine)
  • Nikto
  • Burp Free
  • DirBuster

Metasploit/Meterpreter

You may use Metasploit/Meterpreter on 1 target and 1 target only.

You may use the following against all of the target machines:

  • multi handler (aka exploit/multi/handler)
  • msfvenom
  • pattern_create.rb
  • pattern_offset.rb

Points on the exam

Read below link to understand what points are needed for the exam!

https://www.offensive-security.com/offsec/oscp-exam-structure/

I hope this help someone out there.

Keep hacking!

//Roger

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.