I’m back from my family and I’ve changed my approach up a bit. I’ve taken a break from the OSCP labs and moved back to hack the box, which so far I’m having much better results with.
There’s a bit that’s lost by going back to Hack the Box, but more that I gain, hence the change. Primarily what I lose is having to deal with connections between the boxes, but what I gain is a lot more information and help when I need it. The OSCP network has lots of rules about confidentiality and NDA-type stuff for people taking the test, so the only place to get help is on their forums which I haven’t found to be the most helpful.
The Hack the Box system is much more open. I paid for the VIP tag, which means I can spin up the old machines and go through them in ascending difficulty. That’s something else I couldn’t do on the OSCP machines- on HTB, I’m less likely to spend hours and hours beating a dead horse, and overall I can move through things with less frustration.
The OSCP allows usage of the Metasploit framework on only one of the five machines, so I haven’t been practicing with it. I’m using it on every machine so far in HTB. While I understand why the OSCP doesn’t want people relying on the automated tools, it’s still an industry standard- so I’ve been practicing up on it and learning a lot. It’s given me more confidence in being able to walk up to an arbitrary machine and get something working on it, which is ultimately moreso the goal of this process than being able to attack specifically the OSCP network.