dicas de preparação - seja livre
TRANSCRIPT
![Page 1: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/1.jpg)
Dicas de preparação
![Page 2: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/2.jpg)
Agenda
- Introdução
- getent passwd | cut -d: -f1 > about_us.txt
- O que é a OSCP?
- PwK & OSCP
- Exam
- Proctoring
- Report
- Greetings
- Dicas gerais
- Onde posso treinar para prova?
- Prep trainings to OSCP
- Conclusão
![Page 3: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/3.jpg)
$ getent passwd | cut -d: -f1
- Vinícius Vieira
- Matheus Tucunduva
- Renato Hormazabal
![Page 4: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/4.jpg)
Vinícius Vieira
- Security Researcher & Pentester
- Professor & Academic Coordinator at FIAP
- DEF CON 5551 Staff Member (@dc5551)
- Top 10 HTB BR (@v1n1v131r4)
- Guerra Cibernética (EB)
- Pós Ethical Hacking
- Msc. Tecnologias Emergentes
- OSCP - CEH - LPIC - Security+ - CCNA - FIH - AIH
- Pentest Magazine Writer (Poland)
- CVE published (MITRE)
![Page 5: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/5.jpg)
Renato Hormazabal
- Security Researcher & Pentester
- Information Security Specialist - Agibank
- Top 25 HackTheBox Hall of Fame
- Top 1 HackTheBox BR aka hex0x42424242
- Community Volunteer DEF CON Red Team Village
- Founder DEF CON Group Porto Alegre aka DC5551
- Bug Hunter for Hobbie
- OSCP, CEH, CCISO, LPIC, ICS (Scada Security)
- 13+ years in Cyber Security
![Page 6: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/6.jpg)
Matheus Tucunduva
- Red Team Analyst at Stone Pagamentos
- Exploit Developer Enthusiast
- Graduated at Cyber Security, FIAP
- Certified OSCP, DCPT, OSCE (In Progress)
- Researching a few kernel topics for exploitation
- Author of last update of msf-egghunter (Available on my
github)
![Page 7: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/7.jpg)
![Page 8: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/8.jpg)
![Page 9: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/9.jpg)
Como obter?
- www.offensive-security.com/pwk-oscp/
- PwK LABs (30,60,90 days) + Exam
- $999 - $1199 - $1349
- LAB Extension
- Exam Retake
![Page 10: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/10.jpg)
![Page 11: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/11.jpg)
PwK 2020
- +800 pág. PDF
- +20 vídeos
- +60 exercícios
- +50 machines
- Machines renewed
![Page 12: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/12.jpg)
![Page 13: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/13.jpg)
Exam Schedule
- Take your time
- Reschedule if necessary
- 3 dias antes do exame não pode alterar mais
- Virtual Machine ?!
- OffSec VM vs. Other VM
- Infra
- Preparação do ambiente
![Page 14: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/14.jpg)
Proctoring
- 30 min antes pode entrar
- Abra na máquina física !
- Identificação
- Ambiente
- Screen Recorder
- Breaks
- Don’t be Panic o_O
![Page 15: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/15.jpg)
OSCP Exam
1 - 25 pts - Buffer Overflow
1 - 25 pts - user 10 root 15
2 - 20 pts - user 10 root 10
1 - 10 pts - root only
Lab extra points = 5 pts (10 box + all correct
exercises)
![Page 16: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/16.jpg)
OSCP Report
- Print de cada passo
- Use o template correto:
(www.offensive-security.com/pwk-online/PWK-Example-Repor
t-v1.pdf)
- Descrever para o avaliador “copiar e colar” para
reproduzir seus passo !!!
![Page 17: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/17.jpg)
OSCP ReportModelo fornecido pela Offensive Security - não é de uma prova
![Page 18: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/18.jpg)
E a resposta?!
Me OffSec evaluator
![Page 19: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/19.jpg)
...e então chega o grande dia!
![Page 20: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/20.jpg)
🤩
![Page 21: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/21.jpg)
Dicas Importantes
- Preparação - a base é tudo!
- PwK LAB - Try harder and try smarter ;)
- Se prepare para a prova “Mens sana in corpore sano”
- Tome notas de tudo (CherryTree, Baskets, One Note…)
- Cuidado com o Report, ele reprova !
- Detalhes do envio para OffSec
- Política de privacidade - don’t share anything
![Page 22: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/22.jpg)
Onde me preparo para o PwK/OSCP?
![Page 23: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/23.jpg)
Onde me preparo para o PwK/OSCP?
- HackTheBox
- VulnHub
- TryHackme
- Telegram Groups (t.me/offensivesecuritypro)
- https://bit.ly/3dx3CDv (HTB & VulHub OSCP-Like machines)
- https://bit.ly/3ePwubw (VMs OSCP-Like FIAP Cyber Cup)
![Page 24: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/24.jpg)
Material de preparação
- http://v1n1v131r4.com
- https://mx61tt.com/
- https://github.com/swisskyrepo/PayloadsAllTheThings
- http://pentestmonkey.net/cheat-sheet/shells/reverse-shel
l-cheat-sheet
- https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-e
scalation/
- https://www.fuzzysecurity.com/tutorials/16.html
- https://exploit-db.com & https://github.com
![Page 25: Dicas de preparação - Seja Livre](https://reader030.vdocuments.site/reader030/viewer/2022012618/619f63ac1a0340623c5667c4/html5/thumbnails/25.jpg)