this is the reason why i dont rush and buy the exam first. its great to learn from the guys like you in the first place. first it doesn't look intimidating at all, second your points on rabbit hole will probably save me some decent hours :) again very much appreciated.
Yes its for the code you use, and yeah if its not a program (i.e. manual exploitation) there's no code so you can put N/A. For code you get from github you can just include the link and maybe a code snippet if you had to modify something.
Thank you very much for making this video, bro. I'm currently doing retired HTB boxes to train for the OSCP exam. So far I've completed almost 50. How many PWK lab machines have you completed before taking the OSCP exam?
Depending on the exam you get, yes there could be a couple, I don't know exact numbers. And Offsec doesn't always put them in there intentionally but sometimes its just easy to get tunnel visioned on a port or service if its out of date, looks like it has an exploit available, etc.
I have a question, I've made a lot of command alias and custom scripts to automate recon tasks, do I have to provide all my command alias and scripts code in the report? Would appreciate to get a reply
I mean the report require that someone else using it should be able to „root the box” doing all steps included. If you skip some parts that is not filling up the requirements and goal of the reporting part
If this is supposed to be "easy" and a actual OSCP machine would be "hard" then I'm giga F*d, this did not look easy at all and the rabbit holes would ruin me
this is the reason why i dont rush and buy the exam first. its great to learn from the guys like you in the first place. first it doesn't look intimidating at all, second your points on rabbit hole will probably save me some decent hours :) again very much appreciated.
loved the video man. learning alot on rabbit holes
🔥 nice, i just did this box. Loved the commentary, i take my oscp this Friday
Good luck!
Did you pass?
Fantastic walkthrough, thank you.
26:13 what is the proof-of-concept section of the report for? Is it the PoC for exploit code? So in this case, that would be N/A?
Yes its for the code you use, and yeah if its not a program (i.e. manual exploitation) there's no code so you can put N/A. For code you get from github you can just include the link and maybe a code snippet if you had to modify something.
The minute you put vim in I screamed. Great video though.
Please make video on report writing
Thank you very much for making this video, bro. I'm currently doing retired HTB boxes to train for the OSCP exam. So far I've completed almost 50. How many PWK lab machines have you completed before taking the OSCP exam?
Isn't enum4linux prohibited on oscp?
Does the OSCP exam has this many rabbit holes as well? The challenge machines OSCP A B and C weren't that full of rabbit holes.
Depending on the exam you get, yes there could be a couple, I don't know exact numbers. And Offsec doesn't always put them in there intentionally but sometimes its just easy to get tunnel visioned on a port or service if its out of date, looks like it has an exploit available, etc.
Hi Friend, can share your note any command list?
Thanks
I have a question, I've made a lot of command alias and custom scripts to automate recon tasks, do I have to provide all my command alias and scripts code in the report? Would appreciate to get a reply
I mean the report require that someone else using it should be able to „root the box” doing all steps included. If you skip some parts that is not filling up the requirements and goal of the reporting part
sorry this is kinda late but yeah i'd add your alias file in the report. Personally I just didnt use aliases during the exam just to be safe
Is this machine retired on PG? I can't find it. Subbed!
Yeup its still in the providing grounds play VM list, you could also get it here
www.vulnhub.com/entry/seppuku-1,484/
Thanks for the sub!
Budddy... It's proving grounds! Good video, tho @redfire-359
Could you please share your notes? I liked how they were organized. It's okay to remove any OSCP copyright stuff
i am making notes of this, never given this exam but i wanna be ready of i do, which is ironic itself
If this is supposed to be "easy" and a actual OSCP machine would be "hard" then I'm giga F*d, this did not look easy at all and the rabbit holes would ruin me
Go for the low hanging fruit first..