Since I recently passed my OSCP and have read a lot of OSCP blogs in the process, I thought I would share some information and tips as well. Due to the sheer amount of existing blog posts that all cover the exam perfectly, I do not want to add another one telling you how to manage your time or structure the exam. Instead I will supply you with some resources I have used myself that might be of help for you as well. At this point I want to say thanks to all the people contributing resources to the community in their spare time :-)
This will just be a general collection of resources and links, but if you have any questions, feel free to contact me on Twitter. I wish you good luck for your exam!
PWK Example Report - Have a look at this one early on, so you know what is expected to be in your exam and lab report.
The same goes for the OSCP Certification Exam Guide. There are restrictions in the exam regarding the tools you are allowed to use: you may use MSF (Metasploit) on only one of the boxes in the exam. So read this and, during your lab and practice time, avoid the tools that are not allowed in the exam.
By now all exams are proctored. Check here what this means for you and whether you meet the requirements for the proctoring session. Also use Chrome for the proctoring, as Firefox is really unstable.
My go-to for basically every kind of payload by now is Payloads All The Things. It is an incredibly big and well-maintained collection of methodologies, techniques and payloads. Especially helpful is the Reverse Shell Cheat Sheet. Make sure to read and understand the Spawn TTY Shell chapter, as it will help you a lot with not losing your shells to an accidental CTRL + C.
These guides are not perfect, but they help you further solidify some of the information you get in the PWK material.
In my eyes this is the hard part of OSCP. So practice it a lot, and watch videos that help you understand potential privesc vectors if you have nothing to practice on. Try to avoid EternalBlue and DirtyCow in the lab. They will not help you learn anything, and there are other privesc vectors that train the general methodology better.
Basic Linux Privilege Escalation by g0tmi1k - This one is the best
Linux Exploit Suggester - Nice script that suggests fitting kernel exploits
LinEnum - Collects privesc vectors for you and general information about the system
GTFOBins - Good list of binaries that can be abused for privilege escalation
Windows Privilege Escalation Fundamentals by FuzzySecurity - One of the best guides for Windows
PowerUp - This handy PowerShell script checks a lot of Windows privesc vectors for you. It might not work in the lab, but for newer machines it is superb
Sherlock - This is a PowerShell script that suggests privilege escalation vulnerabilities
IppSec's HTB walkthroughs - These are really useful. Watch them whenever you have some spare time, but do not forget to practice the things taught yourself :)
Compiling for Windows on Linux (install the MinGW cross-compiler first, then build the exploit as a 32-bit Windows binary, linking the Winsock library):
apt-get install mingw-w64
i686-w64-mingw32-gcc exploit.c -o privesc.exe -lws2_32
- Windows / Linux Local Privilege Escalation Workshop - This one is apparently quite good; I have not used it myself though
Practice and do the BOF in the exam. It will give you a safe 25 points.
vulnserver.exe - That is an intentionally vulnerable command-line application. Very good for practicing the simple things first
Buffer-Overflow-Exploit-Development-Practice - This is a collection of vulnerable applications that might help you practice BOFs further
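To show what the "simple things" in a vulnserver-style practice target look like at the source level, here is an added example (not code from the original post, nor from vulnserver itself): a command handler with an unbounded copy beside its bounds-checked form. The STOR command name, the 64-byte buffer and the helper names are assumptions made for this illustration.

```c
/* Added example, not from the original post or from vulnserver: the bug
 * class that command-driven practice targets are built around, shown as an
 * unsafe handler beside a bounds-checked one. "STOR", ARG_MAX and the
 * helper names are constructed for this illustration. */
#include <string.h>

#define ARG_MAX 64

/* Unsafe: copies the argument after "STOR " into a fixed stack buffer with
 * no length check. ARG_MAX bytes or more write past the buffer. */
int handle_stor_unsafe(const char *line)
{
    char arg[ARG_MAX];
    if (strncmp(line, "STOR ", 5) != 0)
        return -1;                   /* unknown command */
    strcpy(arg, line + 5);           /* unbounded copy: the defect */
    return (int)strlen(arg);
}

/* Hardened: same handler, but the argument length is checked before the
 * copy and the copy itself is bounded; overlong input is refused. */
int handle_stor_safe(const char *line)
{
    char arg[ARG_MAX];
    size_t len;
    if (strncmp(line, "STOR ", 5) != 0)
        return -1;                   /* unknown command */
    len = strlen(line + 5);
    if (len >= ARG_MAX)
        return -2;                   /* too long: reject explicitly */
    memcpy(arg, line + 5, len + 1);  /* bounded copy, NUL included */
    return (int)len;
}

/* Builds a STOR line with a 200-byte argument (constructed input) and
 * returns the safe handler's verdict. The unsafe handler is deliberately
 * never fed this input: its behaviour on it is undefined. */
int safe_rejects_overlong(void)
{
    char line[256];
    memset(line, 'A', sizeof line - 1);
    memcpy(line, "STOR ", 5);
    line[205] = '\0';                /* "STOR " followed by 200 x 'A' */
    return handle_stor_safe(line);
}
```

The unsafe variant is kept only to show the defect side by side; compile with warnings enabled and a modern compiler will already flag the unbounded strcpy.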
If you want to save a lot of time during the exam, think about using a script that handles automatic enumeration for you. It will be faster and save you from forgetting that one crucial scan.
- AutoRecon - I liked this most. Tweak it to fit your personal needs.
I did not use Kali Linux but preferred to use my normal system, where I am most comfortable working. To have access to Kali's repositories I used a modified Kali image with Docker. Find my Dockerfile here.
While Offensive Security supplies you with a Word template, I would recommend using this one for Markdown. It saves you a lot of work regarding image resizing and fitting, and it makes inserting code easier.