OSCP Cheatsheet

1. Enumeration checklist for multiple TCP/UDP services:

HTTP/HTTPS service enumeration checklist

SSH service enumeration

FTP service enumeration

SMB Service enumeration

DNS service enumeration

LDAP service enumeration

NFS service enumeration

RPC service enumeration

SMTP service enumeration

POP3 service enumeration

MSSQL and MySQL enumeration

SNMP service enumeration

Finger service enumeration

Oracle service enumeration

You can refer to the above enumeration checklists for TCP/UDP services. I have not included all the services. However, I have covered the most predominant services experienced during the OSCP lab.

Now, in this part, I am going to share the names of the services and the respective Hack The Box/VulnHub machine names. If you check the corresponding Hack The Box/VulnHub machine, they clearly show how to enumerate the service and gain a shell out of it.

For example: OpenSSH 5.9p1 Debian (service) - troll2 VulnHub machine. You need to check the walkthrough for the troll2 machine on Google so that you can get an idea of that. (HTB = Hack The Box)

2. How to enumerate a particular service and reference:

Services and vulnerable machine details

3. Linux privilege escalation:

I hope I have covered most of the services. Next, we will move on to Linux and Windows privilege escalation.

Reference:

Linux privilege escalation

4. Windows privilege escalation:

Windows privilege escalation references

I hope that I have covered most of the enumeration and exploitation parts in this article. I request all of you to refer to this for the OSCP challenge, and do let me know if you have any comments.

List of HTB machines for practice:

List of HTB machines
