July 2, 2012 at 1:55 pm #7690zeroflawParticipant
I don’t know why I kept my second attempt quiet. I guess it was because I didn’t expect to pass at all. It’s been a year or longer when I did my first attempt. I just got done with college and found a job. So I thought I would just schedule the exam and see how it goes. That it would be a nice to have this cert before I start working in August.
So last weekend my exam started at precisely 4pm. I already had in my mind that if I fail I would buy some more labtime. If I fail, at least would have fun in the labs again 😛 I knew that I lacked sufficient practice for the kind of scenarios during the exam. I mean, I did practice some on distros like Metasploitable and Metasploitable 2. Though, those are way too easy and have so many ways to aquire administrative access.
Anyway, I’ll tell you guys how it went. I’m almost a bit embarrassed to say that I didn’t have much of a plan, or well at least not a good plan. Did some enumeration with nmap to find vulnerable services of course, scanned ALL ports etc. Like 4 hours passed before I got the first box with max points. Then 3 hours later I got the second box with max points. Then around 2 or 3 am in the morning I got a shell! Rooting this one would give me enough points to pass the exam.
Hours passed… Kept looking at the clock.. 4 am… 5 am…. Wahh? The sun is rising Again a few hours passed.. 8 am.. I tried so many things but I didn’t manage to get root. I tried to sleep for a bit.. maybe if I slept like 2 or 3 hours, I would have some better focus. The problem was, I drank so many coffee and Red Bulls that I didn’t manage to get one bit of sleep. I was just in bed staring at the ceiling. Thinking of rooting that box..even browsing the internet using smart phone for new strategies.
I tried closing my eyes..thinking of something else. Like how tomorrow would be a good day for fishing lol 😛 I couldn’t fall in sleep. So after 2 hours of laying in bed, I decided to just continue on one of the other machines. around 10 or 11 am I managed to figure out the vulnerability. But my method wasn’t allowed. I was happy at this point, because knowing the vulnerability gave me some hope, and could make me pass the exam.. Well if I managed to actually get in. Guess what? It wasn’t going to happen.
With no sleep at all, I realized that at this point I’m just going at it blindly, exactly the way like I did on the first attempt for the OSCP certification. Hours passed again, and I started getting anxious because my time was running out. I gave all the other machines one more try before the clock reached 4pm again. A full day had passed, I wasn’t even tired any more.
The funny thing is, somehow I managed to do a lot better than my first attempt. Was it luck? I dunno really. But I’m feeling kinda confident about my next attempt. I really got so close, and that’s why I’m having mixed feelings right now. I didn’t expect much, I didn’t feel ready. But because I got so close, I’m feeling more disappointed than before.
After doing the exam I kept looking for local exploits for privilege escalation. And I probably found a way that would have worked. Not sure though. Tomorrow I’m going to buy 15 days of extra lab time to practice..and practice. Probably will schedule the exam a few days after that.
Just sharing my story. Now I’m going to continue reading The Web Application Hacker’s Handbook (2nd edition). I’m sort of wondering what would be a good book while I’m preparing for the OSCP certification retake..
To be continued
July 2, 2012 at 2:21 pm #47938DragonGorgeParticipant
Just out of curiousity – why did you schedule your exam for so late in the afternoon? Have you considered starting it in the early AM so you’re fresher?
July 2, 2012 at 2:28 pm #47939zeroflawParticipant
Good question. I’m not sure now. I though I would get some sleep in between, that it would help me regain my focus if necessary. If I started earlier it would be more difficult to take a nap, as there’s no way I can sleep during the day or evening. So starting later in the afternoon, would give me more time the next day to wrap things up.
Things turned out differently because of the amount of coffee and energy drinks. I’m surely not going to do that next time. And perhaps, like you said, its better if I schedule it earlier. Not sure yet, I’ll consider it, thanks.
July 2, 2012 at 3:48 pm #47940DragonGorgeParticipant
A fews guys I chatted with said they opted to start their test early, like between 7-9 AM. That way by the halfway mark, you’re still in the mind/body’s “awake” zone. Plus, they all said they were too wired to sleep in the middle. I don’t know if that was from caffeine or the rush of the test.
That said, of the 3, two passed and one failed so it’s not a guarantee. Anyway, good luck on your retest.
July 2, 2012 at 7:35 pm #47941cd1zzParticipant
I agree with the early start. I started at 7AM after a good night sleep.
July 2, 2012 at 7:49 pm #47942
July 2, 2012 at 8:19 pm #47943cd1zzParticipant
1st attempt at OSCE
7AM start – went strong until like 11-12 PM maybe? Slept. Woke up, continued all day long. Realized I was going to fail about dinner time on the second day.
2nd attempt at OSCE = same plan as above + better prepared.
- You must be logged in to reply to this topic.