It’s been more than a year since I made a post on my blog. This was due to the fact that a lot has happened within the past year. I hope I’ll get back to posting tools and tutorials soon.
So let’s start: My OSCP Certification Review
I paid for the exam in December 2013 and chose the 60 days lab option. When I received the email with instructions on how to start the VPN I was overexcited. The blog posts that I read about this certification were awesome. So… I started.
The first scan revealed the largest penetration lab that I had access to. The multitude of operating systems and configurations will not let anyone down. After entering the exam control panel (web-based) you will notice that additional areas can be accessed only by performing certain “tasks” let’s say.
The first attempts at hacking the machines made me very confident as they were falling one by one. As I advanced into the lab things started to take a turn for the worse and I decided to finally watch the video tutorials and read the pdf.
I recommend to each one of you considering taking the exam to read and watch the resources provided by Offensive Security no matter how confident or highly skilled you are. The fact that I did not do so made me lose a few bucks as I failed at my first exam attempts (yes, with an s). The second issue was that my personal life took some unexpected turns that made me use only 20-25 days from the 60 that I paid for. Don’t be stupid. I mean proud.
Here are a few tips when you are in the lab:
- Keep notes of everything: what technique worked and why, exploits used, loot collected.
- Make sure all your tools work, make time to be sure that everything is running smoothly on your station. On my first exam attempt I discovered that Java was missing from my system and w3af didn’t work.
- Don’t keep all your eggs in one basket. Use Dropbox or whatever you like to make backups. I was a system support engineer for some time and I would have never guessed that I, the guy that created backup jobs and laughed at normal users when they permanently deleted their files, would use rm -rf on my notes. The good thing was that I used different tools that kept records of what I did.
- Plan ahead the time of the exam/certification. If you are expecting a baby and a job switch DO NOT book the lab or exam.
- Explain to your friends and family that you will be kind of busy in the next period. If you don’t have friends or a family tell your neighbor. Just tell someone.
- Do things the manual way, automate as much as you can but DO NOT use Metasploit on a regular basis.
- Learn before you take the exam from online resources. Privilege escalation on both Linux and Windows, exploit writing, scanning techniques. Thinking back, now I wish that I had re-read some of my own posts 🙂
I was very confident, extremely confident, before taking my first shot at the exam. However, the first 12 hours flew by very quickly and I had obtained only 50 points. I was stunned and could not cope with the fact that I would fail. After another 10 hours, of which only 3-4 were spent sleeping, I had 65 points. A score that I did not expect whatsoever. The 24 hours passed and the VPN connection dropped. Disappointed with my results, I started writing the exam and lab report. I made a horrible report, probably because I knew that I would fail. In the following days the result that I expected came by email: FAIL.
Limited shell on almost all of the boxes. Frustration and no sleep. FAIL again
3rd and final attempt
I decided to start reading as much as I could about the things that made me fail at my previous attempts. Blog posts, websites, tutorials, re-read the Offensive Security materials, watched all the videos again. Then I started creating virtual machines and improving my skills. Finally I understood what Abraham Lincoln meant when he said: “Give me six hours to chop down a tree and I will spend the first four sharpening the axe.”
I cannot disclose any technical details of the exam but what I can tell is that the guys that created the exam lab have a lot of imagination and you can knock on multiple doors in order to enter (no, I’m not referring to port-knocking).
The lab and exam report were more detailed, containing full information regarding the machines and step-by-step instructions on how I managed to get access. The result came the next day. SUCCESS.
What went wrong on my first attempts?
– No breaks during the exam.
– Not enough rest prior to taking the exam. Avoid alcohol
– Being proud
– Not verifying that all tools work as expected
– Not informing my wife/friends/family/neighbor that on that particular weekend I needed peace and quiet. At my second attempt it was like something out of a bad comedy. At one point in time all my family and probably half of my relatives were in my living room. Even my godfather came to visit that weekend although I see him twice a year.
I do not work as a penetration tester; it’s a hobby and passion that I have had for many years. The OSCP is something I would recommend to any IT security professional. It was the most challenging hacking exam I’ve had so far. The skills that you will get will not turn you instantly into the foremost hacking ninja ever but you will get the best course on the market and the best starting point regarding penetration testing.
Or you can just spend thousands of dollars on PDFs and video tutorials that will get you nowhere when entering real IT infrastructures.
If you have the time and money go for the OSCP. No other course on the market has the same added value as this one. The support and training materials are awesome and you will not be disappointed.