Hi,

I am "done" with the PWB v3 course. I have watched all the videos and done the vast majority of the exercises. I understand everything I have studied.

I have played in the lab and hacked several machines (about 30% of them). Should I penetrate all machines in the lab before taking the OSCP challenge? I am running out of time and I don't want to pay to extend my lab time...

With 8 days left in the lab and a busy schedule, I was thinking of finalizing the exercises and challenge the certification right after. Does it sound right?

I know it all depends on what experience I have, but did you feel the exercises prepared you well for the certification?

Thanks

I took 60 days, but I couldn't work everyday...

People paying for more lab after the exam, very interesting, jajajajajaaj

Good luck xXxKrisxXx and keep us posted!!!

I am still thinking... How many machines have you hacked in the lab so far? I will spend the next week getting access to as many servers as I can. I also need to finish some exercises, although I have already completed the hardest ones.

I had only bad luck with the course so far. I registered for PWB v2, 60 days of lab only to learn 8 days after that version 3 was going to be released. I then paid to upgrade to v3. A few days after starting it, I got divorced... So I didn't study for something like 45 days! I bought an extra 30 days and I am at the end of it.  

All that to say I have paid the course more than twice now and I feel like taking a break!!!  

Anyway, good luck xXxKrisxXx and keep us posted!!

I just bought another 30 days. I really want to hack all machines and finish all "Doing the Extra Mile" exercises.

xXxKrisxXx, how did it go?

great news guys! i guess an early congratulations is in place?

You know... Prior to me taking the exam, I thought I'd be a smart alec. After viewing the content for a week I decided to write an automated perl script to literally do the exam for me. The script consisted of using various tools against the output of nmap and other tools. Pretty much a bloated "if, while, for, and" script.

I had it all planned out. The program would start with the typical nmap scan, parse out the data of opened ports, I'd use another port to fingerprint the machine as precise as I could, then the program would re-parse out a "high percentage" rate of potential exploits against the target. I had it mapped out to a science. If THIS_OS && THIS_PORT && THIS_VERSION >= Milw0rmPoCs_or_Better ; then TEST_THIS_AND_RETURN_OUTPUT Was such a butchered work of art in itself it was priceless. I tested it against a devel network I set up at home mirroring the versions of servers etc on my lab...

Test day... For one, I was like 3 hours behind the time since I mangled EST/PST timing... I figured, no sweat... Pfftt... My pwnge is going to be automated baby! No metasploit no problem... Long story short, about an hour after my perl voodoo was chugging along, I started experiencing unforseen BOFH like errors. It was then I  realized that Mutts and the staff threw in a lot of curveballs. I ended up scrapping my program and doing the remainder of the test manually.

When I did the CPT exam... You don't even wanna know the asm slash c headaches I encountered. On the flip side, I never had a machine gone in 60 seconds much faster than on the CPT exam. On the second machine though... Man you talk about going back to the books on shellcoding, assembly, debugging (gdb though so I got lucky). Nevertheless its Jack Koziol and company (Shellcoders Handbook) whose responsible for the CPT.

Good luck on the exams all who take it. OSCP was one of my favorites. CPT was a PITA... CEPT ... failed by one... I should have studied Arrogance got the best of me... Of the two, (CPT, OSCP) I like the volume of machines to compromise on the OSCP. For the learning curve on advanced exploitation though... CPT.

I do not know, but someday I will be in your possition guys. Keep going. I already set my plan, for me OSCP is after I pass 4 more exams ( I am trying to get a little more knowledge and complete my MCSA)