OSCP Exam Review


I took the OSCP (Offensive Security Certified Professional) some time ago, but recently enough. If you’re reading this, you probably know of the exam, but for those that don’t, here is a short explanation.

Basically, it’s a cybersecurity exam where you’re given access to a computer network containing five machines (computers). In the first 24 hours of the exam, your goal is to break into (or root, as we say) as many of these machines as possible. The second 24 hours is reserved for writing a report detailing the results of your penetration test. It’s supposed to mimic, in some fashion, a “real life” penetration test.

The test has a reputation for being really hard. It’s commonplace for people to not sleep much in the 48 hours they’re allotted to hack and write. And, after all, it isn’t an exam where you can just read a book, or memorize multiple-choice questions – you actually have to know how to hack. Offensive Security, the company that runs the program, actually watches you the whole time via webcam.

With that said, I feel that the difficulty of the exam is overstated. That isn’t because I’m some sort of IT professional that has been doing this for 10 years professionally. I don’t work in IT, software engineering, or anything even tangentially related to computers. Nor do I have a degree in IT or Computer Science. I think people have issues with the exam for one main reason.

I think many people come into it way unprepared. And this may seem obvious, since if they were prepared, they would have passed, but please stick with me. They signed up for the OSCP, rooted a dozen boxes in the lab that you’re given access to, did a bit of the exercises in the manual, and called it a day, thinking they knew what they were doing because they’ve been working in IT for a decade. Well, let me tell you, they can always throw some software or web app at you that you’ve never even seen before, which is what happens to me weekly on HTB. However, the methods of attack will all be the same. In fact, I’d say the exam boxes were EASIER than easy boxes on HTB – especially the newer easy boxes.

In my opinion, you need to root >90% of the lab machines, and then be active on HTB for a few months to be fully prepared for this exam. You need to make box enumeration and privilege escalation second nature. You need to have notes, too. They can be very helpful. You need to be able to rip out a custom buffer overflow exploit in Python in less than an hour. You need to LEARN HOW TO GOOGLE. If you do this you’ll be golden.

I went in expecting Cyber World War 3, and was laughing and confused after about 5 hours when I had enough points to pass.

And then, once you pass, you can start in on something harder – the Advanced Web Attacks and Exploitation course to get the Offensive Security Web Expert certification, also created by Offensive Security. That one is a 48-hour online exam followed by 24 hours to write a report, and supposedly much harder.

Good luck!