One week till exam.

tl;dr – Just a short one this week. Prep is going as normal. Just repetition, repetition. No blog post next week till after the exam. See you all on the other side!

One week to go… one week till the exam. I have everything pretty ready I am running through machines in the lab and multiple buffer overflows every day. My cheat sheets are as up to date as they can be. My bookmarks are all organized with the millions of other cheat sheets and checklists I have found over the years. I can clear a box and a buffer overflow in around 2 hours. But that is with boxes I have done before. Without notes or hints, some I remember more than others. For most it has been nearly as good as doing new boxes, as its amazing how much you forget.

Also on a note from last weeks blog. Autorecon… what a tool! perfect. Gets the job done with all of the intel I need. I have done some minor tweaking to how it names files and set up a folder structure for it. So port 80 or web style scans now go to web folder etc. Helps me navigate about a bit easier. But that’s just my personal preference. Could not recommend it enough. If you are in the lab at the moment go get it and get used to using it and managing its output as it really saves some time! Came out on top of all the other auto recon tools I used.

https://github.com/Tib3rius/AutoRecon

This week, I also managed to tick off a few more HTB machines. Bastion, heist and haystack done.

Don’t really know what else to do at this point. The exam is just one of those things. I have no idea if I am ready or not until I park my ass in front of that screen next Monday.

Plans for this week however are to carry on as normal. Smash through a buffer overflow or 2 a day along with a few boxes. Keep reading and making notes of anything useful I come across. Keep watching ippsec and making notes. Other than that at this stage I don’t know what I won’t know for next week… so I will just have to suck it up and give it a bash.

My plans for next weekend are to do nothing. I plan to spend sometime outside away from the computer and just relax. Spend some time with people and just generally avoid any thought of the exam. I figure I will be stuck in front of my PC for pretty much two days so It’ll be good to hit that feeling fresh. Plus its not an exam you can exactly cram for last minute. At this stage I either know it or don’t or I will be learning very quickly on Monday.

Image result for oscp meme

There will be no blog post next Sunday. I will update probably Tuesday with a general overall feel for how the exam went once the report has been submitted etc. Worst case scenario I fail. But I fail with a good understanding of what I need to work on and what the exam wants from me. At the moment I would love to have a clue on either of those things.

Best case scenario I scrape through!

That is one of the best things about this I think and why I definitely recommend booking the exam with lab time to spare, no matter the result its a win. I hope I will know more once I have done the exam and after either result. I will know what kind of systems I will be up against. How I will cope with the time and all the other answers to questions I just don’t know at the moment. Plus I expect I will learn a bunch as always when attacking any machine.

Pre Flight Checks:

  • VM image sorted – All tools uploaded and configured.
  • Cheat list and bookmarks sorted.
  • Methodology checklist written and printed (plastered all over my office wall)
  • Buffer overflow practices completed in under an hour.
  • Folders organized and prepared for the exam
  • Screen recorder tested and working (4GB per 2 hours ish)
  • Webcam Tested and working
  • All files, notes and tools backed up.
  • Large Bottle of wine on standby.

So, have a good week and stop by next week to see how I got on, and I expect to find out how much extra work I need to do!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s