OSCP preparation-Easy

I would like to share whatever I have learned during the OSCP course so that others also will get the benefit. Because I have gained the knowledge through many interesting blogs and I too would like to pass on the experience to others. The difference in this blog is that I have focused more on service level enumeration and privilege escalation.Cybersecurity folks especially penetration testers would know what is the OSCP challenge. You can check out below link to have an idea about this course.

Penetration Testing Training with Kali Linux

Here, as part of this blog, I would like to share enumeration checklist for multiple TCP/UDP services, how to enumerate a particular service and reference, Linux privilege escalation, windows privilege escalation and finally the list of HTB machines helpful for practicing.

Note: I apologize since I am unable to put the data on table format rather I have pasted as images.

1.Enumeration Checklist for multiple TCP/UDP services:

http/https service enumeration checklist

ssh service enumeration

Ftp service enumeration

SMB Service enumeration

DNS service enumeration

LDAP service enumeration

NFS service enumeration

RPC service enumeration

SMTP service enumeration

POP3 service enumeration

MSSQL and MYSQL enumerations

SNMP service enumeration

Finger service enumeration

Oracle service enumeration

You can refer the above enumeration checklist for TCP/UDP services. I have not included all the services. However, I have covered most predominant services experienced during the OSCP lab.

Now, in this part, I am going to share the names of the services and respective hack the box/vulnhub machine’s name. If you check the corresponding hack the box/vulnhub machine, they would have clearly given how to enumerate the service and gain shell out of it.

For example: open SSH 5.9 p1 debian(service)- troll2 vulnub machine. You need to check the walkthrough for troll2 machine in google so that you can get an idea of that.(HTB-Hack the box)

2.How to enumerate a particular service and reference:

Services and vulnerable machine details

3.Linux privilege escalation:

Hope, I have covered most of the services. Next, we will move on to Linux and windows privilege escalations.

Reference:

Hacking Articles - Raj Chandel's Blog

Linux privilege escalation

4.Windows Privilege escalation:

Windows privilege escalation references

I hope that I have covered most part of enumeration and exploitation part in this article. I request all of you to refer this for OSCP challenge and do let me know if any comments.

List of HTB machines for practice:

List of HTB machines

If you like the content, please follow me on medium and LinkedIn

LinkedIn: https://www.linkedin.com/in/pravin-r-p-oscp-28497712b/