Failed my first attempt at the OSCP exam

[impelse]

Sorry about that, probably you will need to staudy everything and try different ways to attack the machines in the lab

[r0ckm4n]

Sorry to hear it, r0ckm4n.  I know it gets old when folks tell me this, but I'll pass it along anyway...

Don't get discouraged.  As I'm sure you did last time, take it, learn from it, and keep growing.  If it does NOTHING else, it'll teach you that, no matter how much you know, there's always things to be learned. 

It's both a blessing and a curse, in the IT security realm.  For those who LOVE change, there's ALWAYS change / updates / new ideas, methods and technologies.  For those who don't...  well...    

Either way, I'm confident you'll continue to grow, and you will succeed, when you're ready.

Thanks for the encouragement, hayabusa.

If it were easy it wouldn't be that big of a deal. It just makes me want it that much more and I will appreciate it even more when I do pass the exam.

[r0ckm4n]

Sorry about that, probably you will need to staudy everything and try different ways to attack the machines in the lab

Thanks for your support and advice, impelse.

[hayabusa]

If it were easy it wouldn't be that big of a deal. It just makes me want it that much more and I will appreciate it even more when I do pass the exam.

That's the spirit!  Stick with it, and you'll get it.  Great attitude!

[azmatt]

Very well said by each of you.

Keep up the great attitude and effort. It's a matter of when not if.

[r0ckm4n]

If it were easy it wouldn't be that big of a deal. It just makes me want it that much more and I will appreciate it even more when I do pass the exam.

That's the spirit!  Stick with it, and you'll get it.  Great attitude!

Thanks!

[r0ckm4n]

Keep up the great attitude and effort. It's a matter of when not if.

Thanks!

[r0ckm4n]

I have been on the bench since the end of December and I have a pentest next week and it will last three weeks. My over abundance of study time will be reduced, but I look forward to using what I have learned in the upcoming pentest. PWB has been very educational and I have improved a lot since I started my job as a pentester last April.

[superkojiman]

I have been on the bench since the end of December and I have a pentest next week and it will last three weeks. My over abundance of study time will be reduced, but I look forward to using what I have learned in the upcoming pentest. PWB has been very educational and I have improved a lot since I started my job as a pentester last April.

Hey as long as you keep learning, it's not a total loss I assume you'll be tackling the exam again?

[r0ckm4n]

Hey as long as you keep learning, it's not a total loss I assume you'll be tackling the exam again?

Yes, I will be taking the exam again. I won't give up until I have that certification. I extended my lab time by two weeks, which also gives me another exam attempt. I only studied an additional two weeks after failing the first time before I retested. I figure I will take it again in a month if I feel like I am ready.

[H1t M0nk3y]

r0ckm4n, you sound like me when I failed my second attempt!

I then waited a full month and tried again (3rd time), only to stop after 8 hours, totally discouraged...

So I decided to put OSCP on a shelve for a while. I did GPEN, CISSP and GWAPT and above all, studied quite a lot. I always had this exam in the back of my mind, always thinking about it.

2 full years after that, I felt ready and passed it with confidence. I really was a different person and it really, really felt good when I finally passed the 70 points mark!!!

So if you are failing now, it's because you had the guts to take on a great challenge. I am sure you have learn quite a lot just going through these attempts. This certification is much harder than most other ones and like you mentioned, that's why it is so good.

Don't dispair! Take a break and come back when you feel you're ready.

If I did it, you can do it too! 

[m0wgli]

It's great that you still have the determination to continue.  You already pretty much said it yourself, "Nothing Worth Having Comes Easy".

I started the PWB course recently, so can appreciate the difficulty. I would be interested to know, where you felt you went wrong on this attempt.

Did you do all the extra mile excercises? And, how many of the machines in the lab did you manage to compromise before attempting the exam?

[r0ckm4n]

r0ckm4n, you sound like me when I failed my second attempt!

I then waited a full month and tried again (3rd time), only to stop after 8 hours, totally discouraged...

So I decided to put OSCP on a shelve for a while. I did GPEN, CISSP and GWAPT and above all, studied quite a lot. I always had this exam in the back of my mind, always thinking about it.

2 full years after that, I felt ready and passed it with confidence. I really was a different person and it really, really felt good when I finally passed the 70 points mark!!!

So if you are failing now, it's because you had the guts to take on a great challenge. I am sure you have learn quite a lot just going through these attempts. This certification is much harder than most other ones and like you mentioned, that's why it is so good.

Don't dispair! Take a break and come back when you feel you're ready.

If I did it, you can do it too! 

Thanks for the support, H1t M0nk3y! You're a good inspiration for those of us that have failed the exam.

[r0ckm4n]

It's great that you still have the determination to continue.  You already pretty much said it yourself, "Nothing Worth Having Comes Easy".

I started the PWB course recently, so can appreciate the difficulty. I would be interested to know, where you felt you went wrong on this attempt.

Did you do all the extra mile excercises? And, how many of the machines in the lab did you manage to compromise before attempting the exam?

Thanks for the encouragement!

I didn't do all the extra mile exercises, although I spent most of my time on the areas I was having problems with. For me that was buffer overflows. I didn't spend my time wisely from the start. I started PWB last April. I wasn't studying enough for a long period of time and didn't study at all when I was doing pentests. If I would have done a better job studying from the start, I would be better off. January and February have been great months for me study wise.

I didn't compromise all of the lab machines and only did about half. I would recommend hacking them all. I think that is the best gauge of whether you are ready for the challenge. Yesterday to I 15 of the 16 servers I had previously hacked in the lab for practice. I was hoping this would help me remember some things and think about how I compromised them. At first I spent a lot of time using Metasploit and that would bad from a PWB point of view, but good for my job as a pentester. I am better with Metasploit, which is a tool I use on pentests.

As far as this attempt goes and to state the obvious, I wasn't ready. I knew that I would start getting pentests, so my work load would pick up and I wouldn't have as much time to study. I wanted to pass the exam before work started picking up. I start a pentest next week and I will make sure to study in my free time. I need to get better with buffer overflows and modifying exploits. Due to lack of experience, coding is a weakness for me and this is an area I am emphasizing.

I would recommend doing all of the extra miles and hacking every machine in the lab. Like others have said, when you can hack everything in the lab you are ready for the challenge. Go over the study material more than once and focus on your weaknesses.

One of my problems is being impatient and wanting to get things done quickly, but I need to focus more on learning. I am trying to improve my study quality and not focus as much on study quantity.

 

[H1t M0nk3y]

I would recommend doing all of the extra miles and hacking every machine in the lab.

This is obviously a good advice, but hacking all the machines in the lab could be quite time consuming. For me, in my early attempts, I had hack something like 12-18 servers. I still managed to get 60 points in the exam, but still, this didn't make me pass. The thing I later realize is that these servers were not picked up randomly. I was taking the approach "today, I will go after an FTP server" or "today, I am going after a web application". So I wasn't approaching a given host and try to break it, I was looking more at services...

In addition, all the exercises in the videos can be reproduce in the lab. So it's like if we are starting at 10 servers...

But on my last attempt, I felt I was ready because I targeted xxx.yyy.xxx.201, then xxx.yyy.xxx.202, then xxx.yyy.xxx.203, etc... I think I did 9 of the first 10 machines I targeted. At this point, I knew that I would eventually hack any machine I set my mind on. I then started picking up servers with very different configurations: Linux with a web server, FreeBSD with a mail server and things like that. After pwning all the machines I was targeting, I knew I was ready.

So yes, if you can, go after all machines in the lab. But if you don't have the time, you can be wise about it...