OSCP
The goal of these notes is not to share the content of the certification or the exam. These are just general notes on pentest knowledge that I happened to formalize for my OSCP.
Access
sudo openvpn universal.ovpn
Keep the prompt open
Enumeration example
Nested details (test)
This is inside the first level.
Inner details
- inner item 1
- inner item 2
Enumeration workflow (richer example)
Quick map (TCP) and service fingerprinting:
sudo nmap -sC -sV -oA scans/tcp 10.10.10.10
SMB (445)
Basic checks:
smbclient -L //10.10.10.10 -N
rpcclient -U '' 10.10.10.10 -N
If credentials found
netexec smb 10.10.10.10 -u user -p 'Passw0rd!' --shares
Web (80/443)
- Look for hidden content:
ffuf -w /usr/share/wordlists/dirb/common.txt -u http://10.10.10.10/FUZZ
- Check tech stack:
whatweb http://10.10.10.10
If upload feature exists
- Test content-type restrictions
- Try extension bypasses (.php, .phtml, .php5)
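Why those two upload checks matter, seen from the server side. This is an added example, not part of the original notes: a weak validator (one blocked extension plus the client-supplied Content-Type) next to an allowlist validator, run over constructed sample uploads. The PNG/JPEG allowlist, the function names and the sample files are assumptions made for the illustration.

```python
import os
import secrets

# Assumption: the application only needs PNG and JPEG uploads.
# Map each allowed extension to the magic bytes its content must start with.
ALLOWED = {".png": b"\x89PNG\r\n\x1a\n", ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff"}


def naive_accepts(filename: str, content_type: str) -> bool:
    """Weak check: blocks a single extension and trusts the Content-Type header."""
    return not filename.endswith(".php") and content_type.startswith("image/")


def hardened_accepts(filename: str, data: bytes) -> bool:
    """Allowlist check: ignores Content-Type, which the client controls."""
    base = os.path.basename(filename.replace("\\", "/"))
    ext = os.path.splitext(base.lower())[1]
    if ext not in ALLOWED:
        return False
    # The content itself must look like the type the extension claims.
    return data.startswith(ALLOWED[ext])


def stored_name(filename: str) -> str:
    """Server-generated name: only the validated extension of the original survives."""
    ext = os.path.splitext(filename.lower())[1]
    return secrets.token_hex(16) + ext


# Constructed sample uploads: (filename, client Content-Type, file bytes).
PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
TEXT = b"plain text, not an image"
SAMPLES = [
    ("avatar.png", "image/png", PNG),
    ("notes.php", "image/png", TEXT),
    ("notes.phtml", "image/png", TEXT),
    ("notes.php5", "image/png", TEXT),
    ("fake.png", "image/png", TEXT),
]


def gaps(samples):
    """Files the weak check lets through but the allowlist check rejects."""
    return [name for name, ctype, data in samples
            if naive_accepts(name, ctype) and not hardened_accepts(name, data)]


if __name__ == "__main__":
    for name in gaps(SAMPLES):
        print("accepted by weak check only:", name)
```

Files that pass the allowlist check should still be written under `stored_name()` in a directory the web server does not execute from.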