Well the day had finally arrived, now I don’t like exams, don’t get me wrong I’m happy that my brain soaks up information but I prefer to be able to recall it on my timescales and not with the pressure of a deadline. I had heard lots of “horror” stories about the OSCP exam and needless to say I was a little bit nervous about it. To be honest I actually expected to fail the first time around (which to be honest I wouldn’t have minded).

Now this course was never about the certificate, for me it’s been about learning and I have learnt a lot over the last 3 months (and it’s just the beginning) but I don’t like to fail… 🙂

My exam was scheduled for a 2pm start (GMT), now there are lots of opinions about when is a good time to start, a 24 hour exam isn’t going to be easy no matter what and the earliest I could start was 2pm (the admins need to be around in case you are having VPN issues). To be fair I don’t mind working through the night, I do it currently for work so I stocked up on energy drink, coffee and dried fruit (the sugar is good for energy).

I spent a few hours in the morning prepping my laptop and writing a list of tasks to complete once I started, I created a new notebook within Keepnote (I used that through my lab time) and was all set. The biggest killer for me was the waiting, being up at 5:30am as per normal and trying to kill 8.5 hours wasn’t easy especially when you are a bit nervous about the exam.

The exam email arrived just after 2pm and I connected to the exam network over VPN without issue, now obviously I can’t divulge the content of the exam (so don’t ask). The same rules for the exam apply as the lab, scan, enumerate the buggery out of everything and plan your attack.

Within 5 hours I had successfully exploited 2 machines and was halfway through another one, excellent I thought but then I hit a “wall”, the next 7 hours were slow, nothing seemed to work and I made no progress, in fact I was angry with myself so at about 2am I went to sleep.

I was up again at 05:30 and was back in the exam full on by 7am, again things started to go wrong, a couple of hours in and I got another machine (I was very pleased with myself for that one), I was so close but still was struggling, I struggled on up until the last hour then suddenly I worked out my mistake and started working like a mad man to get another box, in the end the little bugger gave in, I got root and 5 minutes later my VPN dropped and the exam was over.

With hindsight the issues I had were of my own making, combining overthinking with not thinking (if that makes sense) and in reality I could have been clear (and happy) before the 2am mark but some days it just doesn’t work out that way. I didn’t get all the exam boxes but I got enough (I hoped).

The next part was the exam report, I followed the same process for this report as the lab report and this one was a lot easier, it took me about 6 hours to write the exam report (I admit I got a proper night’s sleep and started it the next day so that might have helped).

I submitted all my documentation and then waited, you are told it’s up to 3 business days before you are told, I found out less than 24 hours after submitting my reports, I had passed the “challenge” and have the honour and privilege of now holding the OSCP certification.. was it worth it?? you will have to wait for my next blog post.. 🙂

So you want some OSCP exam tips??? oh ok here you go:

1. Write a list – As stupid as it may seem I wrote a list of tasks I needed to do once I had VPN access, it helped me remember when the panic/excitement set in.

2. Don’t panic – Oh you will panic, but remember you’ve done the course, you’ve been through the labs, you know the stuff it’s in there somewhere.

3. Don’t get tunnel vision – In reality (good or bad) at one point I had 3 or 4 different windows open on different boxes all doing different things, the danger is getting stuck on a box, losing track of time and then realizing you have run out of time. Try and set a time limit for each box, then move on to another and repeat the process through the 24 hours.

4. It’s hard for a reason – The exam that is, if it was easy who would want the certification?? and remember Try Harder!! (it really does work).

5. Have FUN!!!! – The most important part to be honest, we started this course because we have a passion for InfoSec, it’s that passion that drives us, if it isn’t fun then you shouldn’t be doing it. Enjoy it… you will miss it when it’s gone..

