
Hello Friend! Over the past 3 months I have been through the grueling process of OSCP study. I currently have my test in 2 weeks, so I will not speak on how I passed but on what knowledge I have seen and/or learned in the OSCP and what I think would have helped me prepare better for this lab/exam.

First we will start with hackthebox.eu. This is where you can learn a lot and get practice in pen testing within a lab environment. There were times in the OSCP labs when I was familiar with an exploit or had seen some type of WordPress shell on a Hackthebox machine which was very similar to an OSCP machine. Gaining practice here is vital before OSCP and forking out the thousands of dollars from your own pocket. That is, if your employer is not paying for it; mine didn't.

I shouldn't have to mention it but just in case: everyone on HTB knows to watch IppSec videos. If you are in the HTB community and don't know of him, something must be wrong with you.

https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA

Besides HTB being the obvious go-to for OSCP "prepping", I myself did not do any Vulnhub machines. The only experience I had was in HTB. This being said, I recommend going through the boxes below that people have posted for good practice. The reason is that when you're looking up an exploit for a service or whatnot, there are boxes on the OSCP that use the same principles or exploits as some of these Vulnhub boxes. So when you enumerate a box in the OSCP and the services look very familiar, you more than likely saw the same setup on an HTB or Vulnhub box.

Vulnhub machines to practice
Kioptrix Level 1
Kioptrix Level 1.1
Kioptrix Level 1.2
Kioptrix2014
pWnOS v2.0
SickOs 1
SickOS 1.2
Stapler
Tr0ll
Tr0ll2
Vulnix
VulnOSv2
FristiLeaks 1.3
LordOfTheRoot 1.0.1
mrRobot
pwnlab_init

The next thing we will touch on is taking better notes. I read MANY OSCP reviews before the lab, and a lot of students use CherryTree or KeepNote. I myself am not an organized person and wish I had stumbled upon a CherryTree enumeration template when I started. I found this template 2 days before my lab ended. I'm sure my notes would have been much better organized per machine if I had started using this template from the get-go!

You can find the template here

https://411hall.github.io/OSCP-Preparation/

Speaking of another good OSCP resource by @411Hall, there are multiple scripts for enumerating an OS after post exploitation. JAWS is now one of my go-to scripts for enumerating a Windows box. My goal in finding a script was to find the equivalent to LinEnum.sh for Windows, and JAWS was made for this exact purpose. You can find the link below for the JAWS script.

https://411hall.github.io/OSCP-Preparation/

Some notable priv scripts for the OSCP are below. You can search GitHub to find them.

powerup.ps1
WindowsEnum.ps1
privesc.bat
windows-privesc-check2.exe
Sherlock.ps1
jaws-enum.ps1
windows-exploit-suggester.py
windowsEnum.bat
LinEnum.sh
linuxprivchecker.py

Speaking of enumeration scripts, I have written my own, which I used in the OSCP for machine enumeration. I will upload a copy of the bash script I used to github/lab once I have edited it some for errors.

Last but not least, the dreaded Buffer Overflow! The OSCP guide does a good job of teaching this concept. It is also no surprise that everyone knows the OSCP uses SLMail as the software used to teach the buffer overflow method. I personally didn't know this going into the lab, hence I have listed some software that will assist you in practicing BOF for the labs. This was taken from the Vortex blog below.

FreeFloatFTP Server 1.0
Minishare 1.4.1
SLMail
Savant 3.1
WarFTPD 1.6.5

https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/

Useful BOF links for practice

https://github.com/AndreiAvadanei/Exploits
http://justpentest.blogspot.com/2015/07/minishare1.4.1-bufferoverflow.html
https://www.youtube.com/watch?v=h9FXTdwDmbk
https://github.com/lucyoa/kernel-exploits

https://www.hugohirsh.com/?p=509

More useful links and adding more with time

https://github.com/evait-security/ClickNRoot

To sum up this quick prep guide: take good notes with the provided template, practice on buffer overflow software, and get experience on HTB and all the Vulnhub machines. If you do all the steps in this guide before the OSCP, I can almost certainly say you can own most of the machines in the OSCP lab with little effort, as the knowledge you gained beforehand will help tremendously.

Good Luck and of course Try Harder!