Posted in Thoughts

OSCP // PWK – So far


30 days to go out of the 90 days of PWK lab time I purchased with Offensive Security.

Mixed emotions really, because due to (helping) to plan my wedding, having a really busy time in my work and other life things I’ve felt that I’ve hardly had great use out of my 60 days so far.

In the time I’ve been in the labs, I feel a sense of accelerated learning has been required. Your brain resists the input until one day it cracks and allows it all in. Normally after you smash your first box without using Metasploit. I had some serious issues with self doubt though.

I’ll never be able to do this. It looks really hard

I was utterly lost in the first 20 days. I’m big enough to admit my own failings and in hindsight I should have worked harder to get into the labs earlier, however, hindsight is what it is and I can’t really be too angry about it.

Personal battles

The task of hacking machines in a lab of varying difficulty might seem easy to some people, and hard to others. You won’t know how hard it is until you try. Here’s the kicker though, your success is based around a high level of confidence in your ability to enumerate a target. If you are lacking skills in this department, you will spend a long time starting at an nmap output not knowing where to go next. Hence why I wasted 20 days in the beginning.

PWK teaches you more about yourself than any other life experience.In the face of growing opposition what are you going to do? turn and run, or keep pushing through the barrier?

Try Harder

The OffSec moto that can either spur you on to greatness, or have you crumbling into a pile of your own disappointment (depending on how you feel that day). You will experience both emotions at some point, trust me.

There is, however, an air of disappointment to have gained shell or rooted a box based off a tip from someone. It’s almost tainted glory. Something you can’t really celebrate. True glory and elation comes from totally owning a box from nothing to root all by yourself. It’s one of the best feelings in PWK. For me the reward is equal to the effort put in. Only problem is, that, you can’t tell anyone how you did it, only that you did. The only proof that you have the determination, skill and mental ability is when you have that OSCP certification. Until then, it’s just hearsay.

What is the best way to approach PWK?

I’d say that the most important part of any engagement is to get your enumeration skills down to a fine art. Exhaust  every possibility, however, don’t waste time on tools not fit for the task at hand. I’ve seen people asking why enum4linux doesn’t work when it’s clear ports 139 & 445 are closed. Learn what the switches in the tools do. They can save time. Time is your enemy in PWK. You might think that 90 days is a long time, but it’s not. A lot of people advise new people about what to expect from PWK and it’s all pretty generic but I’d work on enumeration because the information you gather determines your next move.

  • Learn about Windows and Linux, and mostly where things live.
  • Learn how to get the most out of nmap and NSE scripts
  • When you think you’ve enumerated a box, you’ll have missed something.

More time

I’ll be adding more time to my labs for sure, as it’s taken me a while to get a fire going, but now the flame has started it’s easy enough to keep it alight.

My learning process can be annoying. I can’t just run an exploit, get root and be happy. I have to know why so I read the blurbs of exploits, and any associated information. Who knows, it may stick, and you never know when you’ll need to use it again.

A great course

I must admit. PWK is one of the best and worst courses I’ve ever done. It’s great because it’s freeroam to do as you wish to computers. You can learn a lot from failure, and you do fail a lot. That’s ok. This brings me to why it’s the worst. You’re on your own. There’s no two ways about it. There is some help, but it goes back to that tainted glory thing. They never talk about the human qualities needed for PWK

  • Natural curiosity
  • Stubbornness
  • Being able to think outside the box
  • Being inventive
  • Pre-visualisation
  • Willpower

All of which shine through in the labs as your mental dexterity is tested to the max.

I don’t have anything else to add without giving too much away, however, I would just say that enjoy your time in the labs. Don’t chase the exam or the cert. Do it in your own time. You’ll learn more that way.

Also Documentation is a must. Whatever method you chose it up to you, however, just make sure you document everything you’ve tried because you may have to leave boxes if you’re spending too much time on them. Mental exhaustion can kick in fast, so it’s best to move off to another box, and come back. Sometimes this is days or weeks, so your notes need to be on point.

Have Fun



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s