.

Failed my first attempt at the OSCP exam

<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sat Apr 06, 2013 11:12 pm

Re: Failed my first attempt at the OSCP exam

Aren't you done yet? ;)
The day you stop learning is the day you start becoming obsolete.
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Apr 07, 2013 11:50 am

Re: Failed my first attempt at the OSCP exam

Thanks to everyone for the positive thoughts and wishes of luck. I am very disappointed to say that I have failed the exam for my third time. The month leading up to the exam I was working on an external pentest and haven't had as much time to study. I had been on the bench most of the year, so I had a lot of time to study. Things have picked up for me and I have to learn to make the most of the time I do have to study. The last two weeks leading up to the challenge I was debating about rescheduling and decided I would do it anyway. I am not giving up and I will take this exam until I pass. This is the first certification exam I have taken since I got my CISSP in 2002. I actually passed the CISSP the first time around. That was my most coveted certification, but that will soon be replace by the OSCP.

I don't think I am going to renew my lab time. I spent enough money on lab time that past year. April 16 will mark the one year anniversary of me starting this journey/challenge that is PWB. If I would have put as much effort into the course the first nine months and utilized my lab time better, I am sure I would have passed the exam by now. I will take the exam again, but it will be a matter of months instead of weeks this time.

If anyone has any advice, I am all ears. As for now, I am going to finish the SecurityTube python course I purchased around the same time I started PWB and go back through the manual and work on mastering each area.
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Apr 07, 2013 12:03 pm

Re: Failed my first attempt at the OSCP exam

ajohnson wrote:Aren't you done yet? ;)


LOL!
CISSP, IAM, working on OSCP
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Apr 07, 2013 12:59 pm

Re: Failed my first attempt at the OSCP exam

Ah, sorry to hear about that. This exam is about as polar opposite from the CISSP as you can get. Doing well in one will do little to help you with the other.

What general areas do you feel weak in?
The day you stop learning is the day you start becoming obsolete.
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Sun Apr 07, 2013 1:28 pm

Re: Failed my first attempt at the OSCP exam

:(

Sorry for the bad news but glad you're sticking with it.
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Apr 07, 2013 2:09 pm

Re: Failed my first attempt at the OSCP exam

ajohnson wrote:Ah, sorry to hear about that. This exam is about as polar opposite from the CISSP as you can get. Doing well in one will do little to help you with the other.


Thanks, AJ. I agree with your statements about the two exams. I guess my statement about the CISSP is me just trying to save face and deal with failure. I don't like losing or failing.

ajohnson wrote:What general areas do you feel weak in?


I feel my weaknesses are changing shell code in exploits, and Windows privilege escalation in systems that are somewhat secure. That being Windows hosts that don't allow use of AT, etc.
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Apr 07, 2013 2:13 pm

Re: Failed my first attempt at the OSCP exam

azmatt wrote::(

Sorry for the bad news but glad you're sticking with it.


Thanks, azmatt!
CISSP, IAM, working on OSCP
<<

superkojiman

User avatar

Jr. Member
Jr. Member

Posts: 81

Joined: Thu Sep 20, 2012 9:42 pm

Post Sun Apr 07, 2013 4:25 pm

Re: Failed my first attempt at the OSCP exam

r0ckm4n wrote:I feel my weaknesses are changing shell code in exploits, and Windows privilege escalation in systems that are somewhat secure. That being Windows hosts that don't allow use of AT, etc.


Sorry to hear you didn't pass. Do you feel that you did better this time round than the last time though? You should still submit your lab + exam report as others have reported getting the certificate even though they didn't get all the points in the exam.

With regards to privilege escalation on Windows, perhaps the following links will be helpful if you haven't yet seen them:

http://obscuresecurity.blogspot.ca/2011 ... iques.html
http://travisaltman.com/windows-privile ... rmissions/
http://www.room362.com/blog/2012/8/25/p ... -edit.html

Enumeration is key, sometimes you just need to find a misconfiguration somewhere or an exploitable program that will give you SYSTEM privileges.

As for writing exploits, practice is the only way to really learn it. I recommend reading the Corelan guides. the first few should suffice:

https://www.corelan.be/index.php/2009/0 ... overflows/
https://www.corelan.be/index.php/2009/0 ... overflows/
https://www.corelan.be/index.php/2009/0 ... art-3-seh/
https://www.corelan.be/index.php/2009/0 ... e-part-3b/

It definitely helps if you have your own lab to practice on. VulnHub.com has several vulnerable virtual machines you can practice on, and I recommend trying out sites such as https://hack.me/ and other war game sites such as http://www.overthewire.org/wargames/ and http://smashthestack.org/
OSCP + OSCE
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Sun Apr 07, 2013 4:48 pm

Re: Failed my first attempt at the OSCP exam

Hi r0ckm4n,

I really feel your pain... When it happened to me (failling the exam again and again), I decided to put it on a shelve for a while. I waited a whole 2 years before trying again and finally passing the exam (and with a confortable margin).

Like me before, you obviously know your weaknesses and you should also know by now that your preparation method is somehow lacking something. Let me tell you what I did in the two years I spent away from this OSCP exam:

- I passed the GPEN certification (by self-study) exactly 3 weeks after my last OSCP attempt with a very good mark. This was quite a moral boost for me. Honestly, after scoring twice 60 points in my OSCP attempts, GPEN felt like a walk in the park...

- I then bought the "Cracking the Perimeter" (CTP) course from Offensive-Security and went through the videos several times.

- After that, I spent the worse 17 days of my life studying like hell and passed the CISSP exam (I really hated my experience, but I need that cert to get contracts...). Like everyone is saying, this is probably the opposite of OSCP.

- I took Joe McCray's "Advanced Penetration Testing" course and I loved it. Joe had a different approach than OffSec on pentesting and it really helped me open my eyes.

- I tried my first hacking competition and guess what? I won! Another great moral boost for me!  ;D

- I then took a complete year off studying. After studying a lot for more than 3 years and going through a divorce, I needed a break...

- I self-studied for GWAPT last November (2012) and passed with a very good mark.

- Tried a locale hacking competition and I won again!  ;D

So it's only at this point that I decided to challenge the OSCP exam once again. I bought a 30-day lab period from OffSec and connected to their VPN once again for the first time in 2 years...

This is when I new I was ready. I was able to pwn any targets, given that I had enough time (between 30 minutes for the easy ones to something like 4 hours for the harder ones). I was completely different guy now. My notes were much better and my mindset was also miles ahead.

It's only after my 4th and final attempt that I finally understood what I needed: Another pentest course from someone outside OffSec. I needed  to do things on my own, outside the OffSec lab. I needed to hear the same concepts explained in a different way...

So, I think you should take a break now. Take several months off studying for OSCP. Read/learn/practice/play with what ever interest you (for example, wireless hacking). Like Yoda said: "Free your mind!". I suggest you take 6 months off this exam. Then, think about what your weaknesses are and how you can practice getting better. Just don't take more lab time until you feel you could take the exam tomorrow and pass it. Then, take 30 days of lab time and "confirm" you are ready, as oppose taking lab time to learn new things. You have tried this route and you are at the next level.

Finally, I don't know how much you scored in your last attempt, but if you managed to get 50 points or more, man you're a hacker, not just a script kiddy anymore!! So be proud at yourself, take a break, do something else for a while and come back stronger!  ;)

Hope I could help!  :)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Sun Apr 07, 2013 5:11 pm

Re: Failed my first attempt at the OSCP exam

To H1t M0nk37 and superkojiman --

Those were two awesome posts. I'm hoping to take a run at the OSCP late this year and posts like these are worth their weight in gold and very much appreciated.
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Sun Apr 07, 2013 8:46 pm

Re: Failed my first attempt at the OSCP exam

+1 for H1t M0nk37.


r0ckm4n ,

Sorry to hear about your fail but knowing you got this far should count for something. Keeping pushing yourself and learning, you'll pass soon enough.
OSCP in progress
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Mon Apr 08, 2013 4:04 am

Re: Failed my first attempt at the OSCP exam

Sorry to hear you failed but don't worry about it. I would not look at it as a fail but as by not passing first time you would gained some really good skills that help you pass it next time. Now you know what the exam is you can prepare yourself for it better and I sure you pass next time.
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon Apr 08, 2013 11:00 am

Re: Failed my first attempt at the OSCP exam

superkojiman wrote:
r0ckm4n wrote:Sorry to hear you didn't pass. Do you feel that you did better this time round than the last time though? You should still submit your lab + exam report as others have reported getting the certificate even though they didn't get all the points in the exam.


Thanks for your support and advice, superkojiman.

I did do better this time. The first two times I focused too much on the buffer overflow and really didn't spend much time trying to penetrate the other boxes. This time I got console access on a Windows box, but couldn't escalate my privileges. I uploaded a backdoor to a Windows box, but couldn't get any further. I didn't get root on any of the servers. I gained more valuable experience in the lab this time, which will help prepare for my next exam attempt. 
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon Apr 08, 2013 11:13 am

Re: Failed my first attempt at the OSCP exam

H1t M0nk3y wrote:Hi r0ckm4n,

I really feel your pain... When it happened to me (failling the exam again and again), I decided to put it on a shelve for a while. I waited a whole 2 years before trying again and finally passing the exam (and with a confortable margin).


Thanks for your support and advice, H1t M0nk3y. I appreciated all support and advice from everyone, and I needed your point of view since you can relate to my experience. The next time I take the exam, I will be ready. I will take your advice on getting more lab time when I feel like I am ready and if I can hack everything in the lab I will know I am ready.
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon Apr 08, 2013 11:16 am

Re: Failed my first attempt at the OSCP exam

Thanks for your support, YuckTheFankees and Jamie.R. I appreciate it.
CISSP, IAM, working on OSCP
PreviousNext

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software