OSCP Update Week 3

So, My 3rd week of OSCP is done (and this update is slightly late!)

I did actually reach my goal of completing all the learning modules and completed my first lab machine.

I’m really proud of achievement so far, its been a great learning experience!

Notes, Notes & Notes!

Well, this week I;ve learning my CTF note taking isn’t good enough for this so I needed to improve!

I decided to use cherry tree template for this which you can find linked below, this made it far much easier to keep organised!

I used this as part of my existing cherrytree document and would urge anyone doing OSCP to check it out.

Box-Skeleton Template

I love this template!

Because it has sections for screenshot and a lot of information already in there, it does keep you organised!

Its also got a lot prompts of things to double check you may forget which is handy!

Enumerate….Everything!

From my reading, and i may have misunderstood to this point, you cant use automated enumeration in the exam.

This makes me sad because Linpeas is one of my favorite scripts!

That being said, i did make my own which wouldn’t be classed as a script

echo "// ID" > privenum.md && id >> privenum.md && echo "// Password Files" >> privenum.md && cat /etc/passwd >> privenum.md && echo "// Host Name" >> privenum.md &&  hostname  >> privenum.md && echo "// Linux Issue" >> privenum.md && cat /etc/issue >> privenum.md && echo "// Linux Release" >> privenum.md  && cat /etc/-release >> privenum.md && echo "// IP INFO" >> privenum.md && ip a >> privenum.md && echo "// IP Routes" >> privenum.md && /sbin/route >> privenum.md && echo "// Active Connections" >> privenum.md  && ss -anp >> privenum.md && echo "// Standard Cron Jobs" >> privenum.md  && ls -lah /etc/cron >> privenum.md && echo "// User Created Cron Tasks" >> privenum.md && cat /etc/crontab >> privenum.md && echo "// Writable Locations" >> privenum.md && find / writable -type d 2>/dev/null >> privenum.md && echo "// Unmounted Drives" >> privenum.md && mount >> privenum.md && echo "// Unmounted Drives 2" >> privenum.md && cat /etc/fstab >> privenum.md && echo "// Installed Apps" >> privenum.md && /bin/lsblk >> privenum.md && echo "// Installed Drivrs" >> privenum.md && lsmod >> privenum.md && echo "// Installed Modules" >> privenum.md && /bin/modinfo >> privenum.md

This will complete the below checks and put them into a .md file with their headings!

It works surprisingly well so you can look for specific headings rather than looking through terminal output.

// Users
id && cat /etc/passwd
// System Info
hostname && cat /etc/issue && cat /etc/*-release
// Network Info
ip a && /sbin/route && ss -anp
// Firewalls
grep -Hs iptables /etc/*
// Scheduled Tasks (Cron)
ls -lah /etc/cron* && cat /etc/crontab
// Installed Apps & Version
dpkg -l
// Readable & Writable Files
find / writable -type d 2>/dev/null
// Unmounted Drives
mount && cat /etc/fstab && /bin/lsblk
// Device Drivers
lsmod && /bin/modinfo

My Plan for next week?

So whats my plan for the next week?

Labs, Labs and more labs!

I’m hoping in the next week I can have 10 lab machines compromised and that will be enough to then complete my lab report.

Once that bits done I’m going to practice in labs until I’m in my last week, then schedule my exam!

I hope you enjoyed this update and next weeks will be on time! Any feedback or suggestions, get in touch!!

Marc