This is a clone of frizb/OSCP-Survival-Guide

This can also be viewed on x89k.tk

OSCP-Survival-Guide

NOTE: This document refers to the target IP address as the exported shell variable $ip.

To set this value on the command line use the following syntax:

export ip=192.168.1.100

Table of Contents

Kali Linux

Information Gathering & Vulnerability Scanning

Subnet Reference Table

<table>
<thead>
<tr> <th>CIDR</th> <th>Addresses</th> <th>Hosts</th> <th>Netmask</th> <th>Amount of a Class C</th> </tr>
</thead>
<tbody>
<tr> <td>/30</td> <td>4</td> <td>2</td> <td>255.255.255.252</td> <td>1/64</td> </tr>
<tr> <td>/29</td> <td>8</td> <td>6</td> <td>255.255.255.248</td> <td>1/32</td> </tr>
<tr> <td>/28</td> <td>16</td> <td>14</td> <td>255.255.255.240</td> <td>1/16</td> </tr>
<tr> <td>/27</td> <td>32</td> <td>30</td> <td>255.255.255.224</td> <td>1/8</td> </tr>
<tr> <td>/26</td> <td>64</td> <td>62</td> <td>255.255.255.192</td> <td>1/4</td> </tr>
<tr> <td>/25</td> <td>128</td> <td>126</td> <td>255.255.255.128</td> <td>1/2</td> </tr>
<tr> <td>/24</td> <td>256</td> <td>254</td> <td>255.255.255.0</td> <td>1</td> </tr>
<tr> <td>/23</td> <td>512</td> <td>510</td> <td>255.255.254.0</td> <td>2</td> </tr>
<tr> <td>/22</td> <td>1024</td> <td>1022</td> <td>255.255.252.0</td> <td>4</td> </tr>
<tr> <td>/21</td> <td>2048</td> <td>2046</td> <td>255.255.248.0</td> <td>8</td> </tr>
<tr> <td>/20</td> <td>4096</td> <td>4094</td> <td>255.255.240.0</td> <td>16</td> </tr>
<tr> <td>/19</td> <td>8192</td> <td>8190</td> <td>255.255.224.0</td> <td>32</td> </tr>
<tr> <td>/18</td> <td>16384</td> <td>16382</td> <td>255.255.192.0</td> <td>64</td> </tr>
<tr> <td>/17</td> <td>32768</td> <td>32766</td> <td>255.255.128.0</td> <td>128</td> </tr>
<tr> <td>/16</td> <td>65536</td> <td>65534</td> <td>255.255.0.0</td> <td>256</td> </tr>
</tbody>
</table>

apt-get install steghide

steghide extract -sf picture.jpg

steghide info picture.jpg

apt-get install stegosuite

Buffer Overflows and Exploits

Shells

File Transfers

Privilege Escalation

Password reuse is your friend. The OSCP labs are true to life in that users reuse passwords across different services and even different boxes. Maintain a list of cracked passwords and test them on new machines you encounter.

Handy Kernel Exploits

Client, Web and Password Attacks

Networking, Pivoting and Tunneling

The Metasploit Framework

Bypassing Antivirus Software