OSCP: Anything else i should know?

[5t19]

Hey, I'm signed up for the 30 day OSCP course to start in about a month and have a few questions, I understand everyone is supposed to keep quiet about the exam so if this is breaking the rules please let me know.

So in the exam I've heard you have 5 machines on the network you have to get root on, are they all in the same IP range for example 192.168.0.1 -> 192.168.0.255 or is it more complicated than that? I'm guessing at the start they won't tell you what the IP addresses are as well? Also are there more machines on the network you aren't supposed to target to make things trickier?

I managed to get all the way through the Kioptrix 1.1 machine (walkthrough in the link is the way I did it) past the command injection part without a problem but then the rest I managed to do with a bit of difficulty. For the sake of my sanity I was wondering how difficult are the machines in the lab compared to this, disregarding the four or so scary ones I've heard about?

The one issue I'm having with the Kioptrix labs and metasploitable, which is making me feel a hell of a lot like a script kiddie is always searching searchsploit and google to find vulnerabilities and not being able to write them myself, I hear people saying a lot about in the OSCP you need to modify scripts but so far all I have had to do is download/find scripts, compile them or make them executable. Are there any other ways I'm supposed to modify scripts for the labs/exam and will I need to write my own scripts for exploitation or just for enumeration?

In a review of the course I read online someone mentioned the first two stages of a pentest should almost always be enumeration/ports etc, then finding services running etc, so far I assume these two are the same thing and I'm worried i'm missing something out, surely something like nmap -A or -sV would enumerate and find services right?

As I'm taking the 30 day i'm quite paranoid to get all of the basics covered as I possibly can before the time starts, I'm comfortable with the following:

nmap, command line, bash, python, perl, c, assembly, metasploit, decent understanding of a lot of the network protocols, wireshark, nc, dns zone transfers, SQL injections, basic javascript in XSS

Is there anything else I should look into before to give myself the best chance to do it in 30 days?

Thanks for spending the time to read, I hope this doesn't come under yet another OSCP thread 

 

[digip]

Not that you're cheating, but just keep in mind this FAQ before talking about the course(s) with others: https://www.offensive-security.com/faq/#pwk-policy

1st rule of fight club, don't talk about fight club. The topology of the network, machines, vulns, etc, you should get a packet and info on what you should not be talking about. No spoilers please. What I can say, the test is 24 hours, and you will know when you get there, how many machines, and what the task is. The labs, are not the test, so if you think you've breezed through the labs in 30 days, then schedule your test and give it a go. Most people extend their labs because there is a lot there to learn more than just getting a shell on a machine. You will have specific tasks, and while some might be easy for you, don't count your chickens till their hatched. Vulnhub and CTF's like Kioptrix are good practice, but most of the CTF's, have specific clues that lead you in a direction and path to a goal of the flags. More or less, a lot of CTF's hold your hand through them if you pay attention to the clues.

The PDF should be something you read through before jumping in too. Read that like it's the bible and you're studying your daily verses. It will spark a lot of help for you when going over the video material and before jumping into the live network labs.

If you have more questions or stuff you want to touch on, do it on the Offsec student forums or in IRC to chat with student admins, but tools you wrote or methods used to get root, etc, strictly keep to yourself, during and after the course. You'll know more once you're setup and running on the VPN network, and will see why too. Also, good luck with the course! I'm sure you'll have fun(and frustration) while in the labs.