2022 OSCP EXAM CHANGES - Goodbye Buffer Overflow, Hello Active Directory

What do YOU think about the OSCP exam changes? Drop your thoughts in the comments!

What do YOU think about the OSCP exam changes? Drop your thoughts in the comments!
NOTE: I described the Active Directory path as being "absolutely necessary to pass", since the 60 points from the regular machine pool don't make the passing grade of 70 points. HOWEVER, if you did fully compromise all the machines in the 60 point pool AND did fully complete the Lab Exercises to submit (and hope) for the extra 10 Bonus Points, you could still gain the 60+10=70 points passing score.

_JohnHammond
At first glance, the changes make sense to me. I like the 10 bonus points for the Lab Report (as it is a lot of work). I also like the focus on AD.

andreas.tokarczyk
I guess you could say AD is basically the new buffer overflow as far as it's guaranteed on the exam, but I like this restructuring a lot because it kind of adds more strategy in how to obtain points to pass. For example: Get good at AD - AD (40) + 3 low priv (30) = 70, so maybe if you're not really good at privilege escalation it's not game over, or if you're OK-ish at both, AD (40) + root on one box (20) + 1 low priv (10) = 70 again.

lxsniper
Really should have given >= 90 days notification to be fair to those with lab time already underway. Usually cert exam deprecation windows are way longer than 42 days.

Robertlavigne
I think they should have gone with a multi-stage point change (25 points for AD now, 30 points 1-2 months later and 40 points 1-2 months after that) so the people who are right up against the time limit aren't screwed over by it and those who are a bit farther off have time to get back in to the material.

stAshaMan
Hey John, can you make an AD pentest lab series for OSCP preparation?

guga
Why do I get the feeling they are feeling threatened by Heath's certification...

Frznpirit
Nice. I started preparing with the CRTP course to know more about AD. Now, knowing these changes, I hope the CRTP course will be really handy when I take OSCP, especially for AD attacks.

xshv
Thanks for clearly explaining it. I am currently engaged in passive prep of OSCP. Will be taking it in 4th quarter of 2022. Active Directory 40 points are scary now lol. Buffer Overflows were fixed but now they are not so a bit stressful situation.

mayank-irtm
First time noticed your watch. Such a Legend <3!

hawk__
I think the changes made to the OSCP exam are perfectly reasonable. It sounds like Offensive Security needed to introduce the changes in a slower and more fluid manner, however.

paprika
I just finished the test an hour ago and failed it. I liked the format and more real-to-life aspect of it, but after completing 100% of the labs, coursework, and write-up, I was sorely disappointed in how the course did not prepare me for the exam. I spent too much time on PowerShell and Mimikatz, which really didn't help in the scenario I had. I have a bit of broadening self-study to do before scheduling my retake. I appreciate your perspective on the test and what you give to the community, John. Thanks.

keithholland
I think we can all agree adding AD to the exam is a great idea and much needed. But to give everyone about a month's notice (when you can't even schedule an exam before the cut-off date) is ridiculous. It completely changes your study plan and would be very frustrating. I don't understand why this can't be a 6 month update and just let everyone know it's coming down the pipeline instead of just dropping the bomb on us.

Jake-kmwp
I like that they changed the Buffer Overflow focus to AD, especially since the BOF was generic and not the more advanced overflows, and because AD is prevalent in most Pentests nowadays. BUT!!!!, I do feel they should give current students an extension on their lab time, that way they can shift their focus to AD and have the labs to do it. Some ppl are approaching the end of their lab time, and may not have put that extra effort into the right area with these changes. I still have 2 months luckily, but others may not. I'm using an alt account, but this is Michael Dunn, just to be totally transparent. Thank you John, for this breakdown.

JohnDoe-ecco
I passed the OSCP in December 2020. I also really don't like the 40 or bust point structure and also don't like that the BO is a maybe. The BO was the only part of the exam that was a guarantee and made sure you really learned it well. The buffer was great for time management too: you could start all your nmaps and gobusters and while those ran, pound out the buffer overflow. I had the new training materials and the AD in the new PWK but didn't spend much time on them (why would I back then?) and the material in the pdf isn't that extensive for AD. It will be interesting to see how hard these 40 points end up being for people to crack.

johnwenning
When I started OSCP I wasn't aware of exam structure and I thought it was going to be like this PWK 2.0 I did all the exercises and took 2 months of work full time! Really a lot

joaquinglez
You have to be really good with AD (it might require you to do Windows Privesc before you can pivot to DC) - it's ALL OR NOTHING - 40 points. If one misses the AD by just the final step, that one can't pass even if they have rooted the remaining exam completely (provided they don't have LAB 10 pts).

- Exam is Windows-centric
- It's all about AD now. If you can take 40pts (AD) + 10pt (LAB - which includes AD portion too) + 20pt (from remaining exam-part) - you pass. (You may not even have to do Linux Privesc.)

TanzilRehman
Great! As someone in IT for 15 years who did a lot of sys admin and is now trying to become a Cyber Sec professional, this is good news :)

Lenardius
Too short notice. These should be changes for new students, not existing ones, or at least give 3-6 months for changes to take effect. AD is important, but I'm not giving them more money to get back into their lab environment for a retake and try and finish the lab report. I'm surprised they didn't throw in certificate expirations just to fuck everyone w/o a cert.

John can you do a video about recommended AD training OUTSIDE of offsec lab environment?

bigkaspi
Offsec definitely needs to include material related to Impacket usage for lateral movement and privilege escalation now that they have included Active Directory machines on the OSCP.

jeffstanley