I don't know why I kept my second attempt quiet. I guess it was because I didn't expect to pass at all. It's been a year or longer when I did my first attempt. I just got done with college and found a job. So I thought I would just schedule the exam and see how it goes. That it would be a nice to have this cert before I start working in August.
So last weekend my exam started at precisely 4pm. I already had in my mind that if I fail I would buy some more labtime. If I fail, at least would have fun in the labs again I knew that I lacked sufficient practice for the kind of scenarios during the exam. I mean, I did practice some on distros like Metasploitable and Metasploitable 2. Though, those are way too easy and have so many ways to aquire administrative access.
Anyway, I'll tell you guys how it went. I'm almost a bit embarrassed to say that I didn't have much of a plan, or well at least not a good plan. Did some enumeration with nmap to find vulnerable services of course, scanned ALL ports etc. Like 4 hours passed before I got the first box with max points. Then 3 hours later I got the second box with max points. Then around 2 or 3 am in the morning I got a shell! Rooting this one would give me enough points to pass the exam.
Hours passed... Kept looking at the clock.. 4 am... 5 am.... Wahh? The sun is rising Again a few hours passed.. 8 am.. I tried so many things but I didn't manage to get root. I tried to sleep for a bit.. maybe if I slept like 2 or 3 hours, I would have some better focus. The problem was, I drank so many coffee and Red Bulls that I didn't manage to get one bit of sleep. I was just in bed staring at the ceiling. Thinking of rooting that box..even browsing the internet using smart phone for new strategies.
I tried closing my eyes..thinking of something else. Like how tomorrow would be a good day for fishing lol I couldn't fall in sleep. So after 2 hours of laying in bed, I decided to just continue on one of the other machines. around 10 or 11 am I managed to figure out the vulnerability. But my method wasn't allowed. I was happy at this point, because knowing the vulnerability gave me some hope, and could make me pass the exam.. Well if I managed to actually get in. Guess what? It wasn't going to happen.
With no sleep at all, I realized that at this point I'm just going at it blindly, exactly the way like I did on the first attempt for the OSCP certification. Hours passed again, and I started getting anxious because my time was running out. I gave all the other machines one more try before the clock reached 4pm again. A full day had passed, I wasn't even tired any more.
The funny thing is, somehow I managed to do a lot better than my first attempt. Was it luck? I dunno really. But I'm feeling kinda confident about my next attempt. I really got so close, and that's why I'm having mixed feelings right now. I didn't expect much, I didn't feel ready. But because I got so close, I'm feeling more disappointed than before.
After doing the exam I kept looking for local exploits for privilege escalation. And I probably found a way that would have worked. Not sure though. Tomorrow I'm going to buy 15 days of extra lab time to practice..and practice. Probably will schedule the exam a few days after that.
Just sharing my story. Now I'm going to continue reading The Web Application Hacker's Handbook (2nd edition). I'm sort of wondering what would be a good book while I'm preparing for the OSCP certification retake..
To be continued