My OSCP Journey

At first, I didn’t know about OSCP or even Offensive Security I always liked computers so I started learning “hacking” for fun and cause its cool right?

I spent the first year on learning the basics of how everything works in Linux and Windows then one of my friend told me that I can test my skills by Taking PWK Course at that time I was 15 and half years old I thought why not and since I was under 18 I had to get permission from Offsec Team so I mailed them but sadly they replied I need to be minimum 16 years old and Since then I start preparing for OSCP.

Preparation

Back then I started with the small list of OSCP like VM’s by abatchy

OSCP-like Vulnhub VMsabatchy17

and I also made small write-ups of vulnhub machine which can be found at my github

Vulnhub-Writeups

Then I moved to Hackthebox I earned a “pro hacker” rank on HTB from script-kiddie which took a lot lot of time, and was a very hard journey for me

After that, I also took 1 month VIP membership to solve retired machines from TJ_Null’s HTB OSCP like VM’s List which can be found here

Lastly, I move to this Vulnhub OSCP like VM’s list

It took a good amount of time to do all these things then I finally registered the PWK course with the permission of the Offsec Team because I am still 16 years old.

Check the resources section of this blog post for more learning resources.

Lab Journey

I registered on 13-Aug-2020 and my 1-month lab started on 23-Aug-2020 in meantime I did some more vulnhub boxes.

Then Finally my lab starts,

At that time I downloaded the study material and took some time to go through the pdf and videos after that I started doing the lab

In the first 14 days I rooted 37 boxes including (Sufferance, Humble, Ghost, and Pain) and I was feeling confident about it so I planned to schedule my exam I was very nervous I though, is it too fast? should I solve more lab machines? what if I am scheduling my exam in a hurry?

All these questions in mind that’s why I took 2 days off just to think what to do then

Finally, I scheduled my OSCP Exam on 11 Sept at 9:30 AM.

Now in meantime, I switched to vulnhub and exploited some new boxes

Exam Day

I planned my sleep 2 days before my exam so I could wake up on the correct time,

on the exam day, I woke up at 7:00 AM and took a shower after that had breakfast and set up my room for the examination then at 9:15 AM I connected my machine to offsec ScreenConnect and Webcam and completed all the steps I lost my first 40 minutes in connecting to Exam VPN so I had to restart everything to connect it again, once I was connected I started from the 25 Points buffer overflow machine which took one and half hour for me to get admin access.

It was 11:30 AM and I started My second Machine which is 10 point machine which took almost 15 minutes to complete and there was no privilege escalation in that

At 11:45 AM I started the 20 point machine After Wasting 2 hours I took a little break and then I moved to Another 20 Points machine which I almost rooted in 2 hours with 20 min Lunch Break (easy user and privesc)

So far I got 3 machines and 55 Points and I only need the last 20 point machine to pass the exam

Finally, At 4:00 PM I again started the last 20 Point Machine and got user shell in one and half hour and privilege escalation part was easy, took me 30 mins to get root

So I got 4 Machines and 75 points in 8–9 hours

I took a 2-hour break after that although, i had a lot of time left, so I started enumerating the last 25 point machine at 8:00 PM, “I found, what i had to do to get the shell”, “but only one thing left in my bucket to do that, i had to do it manually, i tried to do that for 4 hours then i took a 30 minutes dinner break after that break at around 12:30 AM, again i tried that thing for another 2 hours but still I was unsuccessful in that, so at 2:30 AM, I decided to make a report, I have a habit whenever I do any machine I always make write-up in cherrytree so that’s why I didn’t have any problem in making report i made a rough report nearly till 6:00 AM and then with the permission of proctor i closed my exam VPN and slept, next day i woke up at 11:00 AM and completed my report and submitted to offsec, day after that day I got a mail from offsec that I passed my OSCP exam.