.

Failed my first attempt at the OSCP exam

<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Feb 17, 2013 7:27 pm

Failed my first attempt at the OSCP exam

I completed and failed my first attempt at the OSCP exam. I started PWB in April of last year. I started out with 90 days of lab time and have extended my lab time 7 times. My goal is to retest at the end of my lab time, which is the March 1.

I at least have a better idea on my weaknesses and how to prepare better. One thing I had a problem with was creating a good password dictionary for Hydra brute force password attacks. Anyone with any tips in that area, it would be much appreciated. I have been putting in a lot of hours studying the past 6 weeks. I average between 35 to 45 hours a week. I need to focus more on quality study time.
CISSP, IAM, working on OSCP
<<

superkojiman

User avatar

Jr. Member
Jr. Member

Posts: 81

Joined: Thu Sep 20, 2012 9:42 pm

Post Mon Feb 18, 2013 12:51 am

Re: Failed my first attempt at the OSCP exam

When I was doing the lab, I had pretty good luck with the RockYou wordlist found here: http://www.skullsecurity.org/wiki/index.php/Passwords

However, it is a huge list and it's unlikely you'll be able to use it all in the limited time you have for the exam. Better to start off with a smaller list - like the one you created as you were going through the machines in the lab.
OSCP + OSCE
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Mon Feb 18, 2013 6:12 am

Re: Failed my first attempt at the OSCP exam

A lot of OSCPs and especially OSCEs fall the first time. Recognize your weakness as you did, and make sure you won't fail the second time  :)
I'm an InterN0T'er
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon Feb 18, 2013 11:36 am

Re: Failed my first attempt at the OSCP exam

superkojiman wrote:When I was doing the lab, I had pretty good luck with the RockYou wordlist found here: http://www.skullsecurity.org/wiki/index.php/Passwords

However, it is a huge list and it's unlikely you'll be able to use it all in the limited time you have for the exam. Better to start off with a smaller list - like the one you created as you were going through the machines in the lab.


Thanks for your repsonse, superkojiman. I will give that a try in the lab and work on a smaller list.
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon Feb 18, 2013 11:36 am

Re: Failed my first attempt at the OSCP exam

MaXe wrote:A lot of OSCPs and especially OSCEs fall the first time. Recognize your weakness as you did, and make sure you won't fail the second time  :)


Thanks for the words of encouragement, MaXe.
CISSP, IAM, working on OSCP
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Feb 18, 2013 1:19 pm

Re: Failed my first attempt at the OSCP exam

Skull Security has a great collection. There is also http://www.isdpodcast.com/resources/62k ... passwords/ (which I believe includes some/all of the Skull Security lists). https://dazzlepod.com/uniqpass/ is also a nice collection if you don't mind parting with a few dollars.

They're not going to make you grind passwords for hours, so if you're not having any luck, maybe try being smarter about it -- i.e. reviewing HTML source for comments (random example unrelated to OffSec training/testing), or look for another attack vector. I found the darkc0de.lst file that's included with BT to be sufficient for most services with weak passwords in the lab.
The day you stop learning is the day you start becoming obsolete.
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Feb 18, 2013 2:21 pm

Re: Failed my first attempt at the OSCP exam

Like MaXe said, many people don't pass the first time. I passed on my third real attempt...
Like many, you have probably found that the exam simply continue your learning process. It will only feel better when you'll succeed on your next attempt!  ;)

They're not going to make you grind passwords for hours, so if you're not having any luck, maybe try being smarter about it

ajohnson is right about this. They don't expect you to crack password for hours and hours because you'll run out of time!

Good luck, don't despair and keep posting your questions!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon Feb 18, 2013 4:18 pm

Re: Failed my first attempt at the OSCP exam

Thanks for the advice and encouragement, ajohnson and H1t M0nk3y.
CISSP, IAM, working on OSCP
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Mon Feb 18, 2013 7:41 pm

Re: Failed my first attempt at the OSCP exam

I'll be taking on the PWB later this year or early next year and I fully intent to pay for extensions and fail a test or two  ::)

It's tough to see in times like this but if you take a step back and look to your skill level when you first started the PWB I'd imagine that you're night and day better now.

If you stick with it, you will get it. Good luck!!!
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Mon Feb 18, 2013 11:01 pm

Re: Failed my first attempt at the OSCP exam

Thanks for the encouragement, azmatt!

The course has well been worth it and I have learned a lot. I highly recommend the course and good luck to you when you start.
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Feb 24, 2013 10:14 am

Re: Failed my first attempt at the OSCP exam

I'm registered to retake the test next Sunday.
CISSP, IAM, working on OSCP
<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Sun Feb 24, 2013 10:55 am

Re: Failed my first attempt at the OSCP exam

Good luck!

I 3rd (or 4th) what ajohnson said...a password attack shouldn't be your primary vector. Personally speaking, in the lab and on the exam, I didn't put much effort into password cracking/guessing other than the obvious ones (username, defaults, etc). I felt that there were more direct/less random ways to get into the machines.
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Sun Feb 24, 2013 5:11 pm

Re: Failed my first attempt at the OSCP exam

DragonGorge wrote:Good luck!

I 3rd (or 4th) what ajohnson said...a password attack shouldn't be your primary vector. Personally speaking, in the lab and on the exam, I didn't put much effort into password cracking/guessing other than the obvious ones (username, defaults, etc). I felt that there were more direct/less random ways to get into the machines.


Thanks, DragonGorge!
CISSP, IAM, working on OSCP
<<

rockman

Full Member
Full Member

Posts: 104

Joined: Sun Apr 06, 2008 12:38 pm

Post Tue Mar 05, 2013 11:04 am

Re: Failed my first attempt at the OSCP exam

I failed my 2nd attempt.
CISSP, IAM, working on OSCP
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Tue Mar 05, 2013 11:41 am

Re: Failed my first attempt at the OSCP exam

Sorry to hear it, r0ckm4n.  I know it gets old when folks tell me this, but I'll pass it along anyway...

Don't get discouraged.  As I'm sure you did last time, take it, learn from it, and keep growing.  If it does NOTHING else, it'll teach you that, no matter how much you know, there's always things to be learned. 

It's both a blessing and a curse, in the IT security realm.  For those who LOVE change, there's ALWAYS change / updates / new ideas, methods and technologies.  For those who don't...  well...  ;) 

Either way, I'm confident you'll continue to grow, and you will succeed, when you're ready.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
Next

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software