Thank you very much for making this video, bro. I'm currently doing retired HTB boxes to train for the OSCP exam. So far I've completed almost 50. How many PWK lab machines have you completed before taking the OSCP exam?
Yes its for the code you use, and yeah if its not a program (i.e. manual exploitation) there's no code so you can put N/A. For code you get from github you can just include the link and maybe a code snippet if you had to modify something.
Depending on the exam you get, yes there could be a couple, I don't know exact numbers. And Offsec doesn't always put them in there intentionally but sometimes its just easy to get tunnel visioned on a port or service if its out of date, looks like it has an exploit available, etc.
I have a question, I've made a lot of command alias and custom scripts to automate recon tasks, do I have to provide all my command alias and scripts code in the report? Would appreciate to get a reply
I mean the report require that someone else using it should be able to „root the box” doing all steps included. If you skip some parts that is not filling up the requirements and goal of the reporting part
If this is supposed to be "easy" and a actual OSCP machine would be "hard" then I'm giga F*d, this did not look easy at all and the rabbit holes would ruin me
loved the video man. learning alot on rabbit holes
🔥 nice, i just did this box. Loved the commentary, i take my oscp this Friday
Good luck!
Did you pass?
Fantastic walkthrough, thank you.
The minute you put vim in I screamed. Great video though.
Please make video on report writing
Thank you very much for making this video, bro. I'm currently doing retired HTB boxes to train for the OSCP exam. So far I've completed almost 50. How many PWK lab machines have you completed before taking the OSCP exam?
Hi Friend, can share your note any command list?
Thanks
26:13 what is the proof-of-concept section of the report for? Is it the PoC for exploit code? So in this case, that would be N/A?
Yes its for the code you use, and yeah if its not a program (i.e. manual exploitation) there's no code so you can put N/A. For code you get from github you can just include the link and maybe a code snippet if you had to modify something.
Does the OSCP exam has this many rabbit holes as well? The challenge machines OSCP A B and C weren't that full of rabbit holes.
Depending on the exam you get, yes there could be a couple, I don't know exact numbers. And Offsec doesn't always put them in there intentionally but sometimes its just easy to get tunnel visioned on a port or service if its out of date, looks like it has an exploit available, etc.
Is this machine retired on PG? I can't find it. Subbed!
Yeup its still in the providing grounds play VM list, you could also get it here
www.vulnhub.com/entry/seppuku-1,484/
Thanks for the sub!
Budddy... It's proving grounds! Good video, tho @redfire-359
Isn't enum4linux prohibited on oscp?
i am making notes of this, never given this exam but i wanna be ready of i do, which is ironic itself
I have a question, I've made a lot of command alias and custom scripts to automate recon tasks, do I have to provide all my command alias and scripts code in the report? Would appreciate to get a reply
I mean the report require that someone else using it should be able to „root the box” doing all steps included. If you skip some parts that is not filling up the requirements and goal of the reporting part
sorry this is kinda late but yeah i'd add your alias file in the report. Personally I just didnt use aliases during the exam just to be safe
Could you please share your notes? I liked how they were organized. It's okay to remove any OSCP copyright stuff
If this is supposed to be "easy" and a actual OSCP machine would be "hard" then I'm giga F*d, this did not look easy at all and the rabbit holes would ruin me
Go for the low hanging fruit first..