Viewing 6 reply threads
  • Author
    • #7690

      Hey guys.

      I don’t know why I kept my second attempt quiet. I guess it was because I didn’t expect to pass at all. It’s been a year or longer when I did my first attempt. I just got done with college and found a job. So I thought I would just schedule the exam and see how it goes. That it would be a nice to have this cert before I start working in August.

      So last weekend my exam started at precisely 4pm. I already had in my mind that if I fail I would buy some more labtime. If I fail, at least would have fun in the labs again 😛 I knew that I lacked sufficient practice for the kind of scenarios during the exam. I mean, I did practice some on distros like Metasploitable and Metasploitable 2. Though, those are way too easy and have so many ways to aquire administrative access.

      Anyway, I’ll tell you guys how it went. I’m almost a bit embarrassed to say that I didn’t have much of a plan, or well at least not a good plan. Did some enumeration with nmap to find vulnerable services of course, scanned ALL ports etc. Like 4 hours passed before I got the first box with max points. Then 3 hours later I got the second box with max points. Then around 2 or 3 am in the morning I got a shell! Rooting this one would give me enough points to pass the exam.

      Hours passed… Kept looking at the clock.. 4 am… 5 am…. Wahh? The sun is rising Again a few hours passed.. 8 am.. I tried so many things but I didn’t manage to get root. I tried to sleep for a bit.. maybe if I slept like 2 or 3 hours, I would have some better focus. The problem was, I drank so many coffee and Red Bulls that I didn’t manage to get one bit of sleep. I was just in bed staring at the ceiling. Thinking of rooting that box..even browsing the internet using smart phone for new strategies.

      I tried closing my eyes..thinking of something else. Like how tomorrow would be a good day for fishing lol 😛 I couldn’t fall in sleep. So after 2 hours of laying in bed, I decided to just continue on one of the other machines. around 10 or 11 am I managed to figure out the vulnerability. But my method wasn’t allowed. I was happy at this point, because knowing the vulnerability gave me some hope, and could make me pass the exam.. Well if I managed to actually get in. Guess what? It wasn’t going to happen.

      With no sleep at all, I realized that at this point I’m just going at it blindly, exactly the way like I did on the first attempt for the OSCP certification. Hours passed again, and I started getting anxious because my time was running out. I gave all the other machines one more try before the clock reached 4pm again. A full day had passed, I wasn’t even tired any more.

      The funny thing is, somehow I managed to do a lot better than my first attempt. Was it luck? I dunno really. But I’m feeling kinda confident about my next attempt. I really got so close, and that’s why I’m having mixed feelings right now. I didn’t expect much, I didn’t feel ready. But because I got so close, I’m feeling more disappointed than before.

      After doing the exam I kept looking for local exploits for privilege escalation. And I probably found a way that would have worked. Not sure though. Tomorrow I’m going to buy 15 days of extra lab time to practice..and practice. Probably will schedule the exam a few days after that.

      Just sharing my story. Now I’m going to continue reading The Web Application Hacker’s Handbook (2nd edition). I’m sort of wondering what would be a good book while I’m preparing for the OSCP certification retake..

      To be continued

    • #47938

      Just out of curiousity – why did you schedule your exam for so late in the afternoon? Have you considered starting it in the early AM so you’re fresher?

    • #47939

      Good question. I’m not sure now. I though I would get some sleep in between, that it would help me regain my focus if necessary. If I started earlier it would be more difficult to take a nap, as there’s no way I can sleep during the day or evening. So starting later in the afternoon, would give me more time the next day to wrap things up.

      Things turned out differently because of the amount of coffee and energy drinks. I’m surely not going to do that next time. And perhaps, like you said, its better if I schedule it earlier. Not sure yet, I’ll consider it, thanks.

    • #47940

      A fews guys I chatted with said they opted to start their test early, like between 7-9 AM. That way by the halfway mark, you’re still in the mind/body’s “awake” zone. Plus, they all said they were too wired to sleep in the middle. I don’t know if that was from caffeine or the rush of the test.

      That said, of the 3, two passed and one failed so it’s not a guarantee. Anyway, good luck on your retest.

    • #47941

      I agree with the early start. I started at 7AM after a good night sleep.

    • #47942

      @cd1zz wrote:

      I agree with the early start. I started at 7AM after a good night sleep.

      [O/T] What time did you start for the OSCE?  ;D

    • #47943

      1st attempt at OSCE
      7AM start – went strong until like 11-12 PM maybe? Slept. Woke up, continued all day long. Realized I was going to fail about dinner time on the second day.

      2nd attempt at OSCE = same plan as above + better prepared.

Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?