.

OSCP Fail

<<

zeroflaw

User avatar

Full Member
Full Member

Posts: 208

Joined: Fri Feb 12, 2010 10:41 am

Location: Holland, Den Helder

Post Mon Jul 02, 2012 8:55 am

OSCP Fail

Hey guys.

I don't know why I kept my second attempt quiet. I guess it was because I didn't expect to pass at all. It's been a year or longer when I did my first attempt. I just got done with college and found a job. So I thought I would just schedule the exam and see how it goes. That it would be a nice to have this cert before I start working in August.

So last weekend my exam started at precisely 4pm. I already had in my mind that if I fail I would buy some more labtime. If I fail, at least would have fun in the labs again :P I knew that I lacked sufficient practice for the kind of scenarios during the exam. I mean, I did practice some on distros like Metasploitable and Metasploitable 2. Though, those are way too easy and have so many ways to aquire administrative access.

Anyway, I'll tell you guys how it went. I'm almost a bit embarrassed to say that I didn't have much of a plan, or well at least not a good plan. Did some enumeration with nmap to find vulnerable services of course, scanned ALL ports etc. Like 4 hours passed before I got the first box with max points. Then 3 hours later I got the second box with max points. Then around 2 or 3 am in the morning I got a shell! Rooting this one would give me enough points to pass the exam.

Hours passed... Kept looking at the clock.. 4 am... 5 am.... Wahh? The sun is rising Again a few hours passed.. 8 am.. I tried so many things but I didn't manage to get root. I tried to sleep for a bit.. maybe if I slept like 2 or 3 hours, I would have some better focus. The problem was, I drank so many coffee and Red Bulls that I didn't manage to get one bit of sleep. I was just in bed staring at the ceiling. Thinking of rooting that box..even browsing the internet using smart phone for new strategies.

I tried closing my eyes..thinking of something else. Like how tomorrow would be a good day for fishing lol :P I couldn't fall in sleep. So after 2 hours of laying in bed, I decided to just continue on one of the other machines. around 10 or 11 am I managed to figure out the vulnerability. But my method wasn't allowed. I was happy at this point, because knowing the vulnerability gave me some hope, and could make me pass the exam.. Well if I managed to actually get in. Guess what? It wasn't going to happen.

With no sleep at all, I realized that at this point I'm just going at it blindly, exactly the way like I did on the first attempt for the OSCP certification. Hours passed again, and I started getting anxious because my time was running out. I gave all the other machines one more try before the clock reached 4pm again. A full day had passed, I wasn't even tired any more.

The funny thing is, somehow I managed to do a lot better than my first attempt. Was it luck? I dunno really. But I'm feeling kinda confident about my next attempt. I really got so close, and that's why I'm having mixed feelings right now. I didn't expect much, I didn't feel ready. But because I got so close, I'm feeling more disappointed than before.

After doing the exam I kept looking for local exploits for privilege escalation. And I probably found a way that would have worked. Not sure though. Tomorrow I'm going to buy 15 days of extra lab time to practice..and practice. Probably will schedule the exam a few days after that.

Just sharing my story. Now I'm going to continue reading The Web Application Hacker's Handbook (2nd edition). I'm sort of wondering what would be a good book while I'm preparing for the OSCP certification retake..

To be continued
ZF
<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Mon Jul 02, 2012 9:21 am

Re: OSCP Fail

Just out of curiousity - why did you schedule your exam for so late in the afternoon? Have you considered starting it in the early AM so you're fresher?
<<

zeroflaw

User avatar

Full Member
Full Member

Posts: 208

Joined: Fri Feb 12, 2010 10:41 am

Location: Holland, Den Helder

Post Mon Jul 02, 2012 9:28 am

Re: OSCP Fail

Good question. I'm not sure now. I though I would get some sleep in between, that it would help me regain my focus if necessary. If I started earlier it would be more difficult to take a nap, as there's no way I can sleep during the day or evening. So starting later in the afternoon, would give me more time the next day to wrap things up.

Things turned out differently because of the amount of coffee and energy drinks. I'm surely not going to do that next time. And perhaps, like you said, its better if I schedule it earlier. Not sure yet, I'll consider it, thanks.
ZF
<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Mon Jul 02, 2012 10:48 am

Re: OSCP Fail

A fews guys I chatted with said they opted to start their test early, like between 7-9 AM. That way by the halfway mark, you're still in the mind/body's "awake" zone. Plus, they all said they were too wired to sleep in the middle. I don't know if that was from caffeine or the rush of the test.

That said, of the 3, two passed and one failed so it's not a guarantee. Anyway, good luck on your retest.
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Jul 02, 2012 2:35 pm

Re: OSCP Fail

I agree with the early start. I started at 7AM after a good night sleep.
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Mon Jul 02, 2012 2:49 pm

Re: OSCP Fail

cd1zz wrote:I agree with the early start. I started at 7AM after a good night sleep.


[O/T] What time did you start for the OSCE?  ;D
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Jul 02, 2012 3:19 pm

Re: OSCP Fail

1st attempt at OSCE
7AM start - went strong until like 11-12 PM maybe? Slept. Woke up, continued all day long. Realized I was going to fail about dinner time on the second day.

2nd attempt at OSCE = same plan as above + better prepared.

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software