OSCP Fail - Try Harder

So this post is slightly different to most of the posts out there that discuss  the OSCP certification. Instead of writing about how I passed the exam, I'm focusing on why I failed it.  Strange ? yes perhaps, but I feel that there is no shame in admitting that I was unsuccessful on my first attempt.  By writing this post and noting down my failures, I hope it will help others from making the same mistakes as me, whilst also serving as a reminder of what not to do when my next attempt comes around.

So lets go through some of the areas that I felt I failed in, hopefully you wont make the same mistakes.

Practicing the lab exercises

Whilst it seems obvious at the time of starting the course, it is very easy to skip over the exercises in the pdf as its so tempting to jump straight into the labs.  Read the pdf, do the exercises and pay particular attention to certain exercises that are of a more technical nature. Also, try to schedule your exam when you still have lab time remaining. My lab time expired at the end of January, and come March I felt I had forgotten a lot of the techniques I had learned.  Then having to delay the exam due to the early arrival of our 2nd daughter really threw a spanner into the works. I was short of time to practice and had the added pressure of the exam expiring if I didn't schedule it.  Excuses aside, my skills simply weren't as sharp as what I thought they were and this slowed me down.

System Privilege Escalation

My biggest issue was that once I was inside a machine, I choked. I felt overwhelmed, where to start? what to look for?  I simply didn't have a clue.  I used g0tmilks priv esc to try and help me, but I felt like I was looking for a needle in a haystack. After I had finished the exam, I spoke to a friend about this and shortly afterwards he wrote a great article that sums up this issue.  I won't repeat everything that he wrote, instead you can have a read of Pauls blog here.

Stick to a schedule

I started my exam at 10am, however on the previous day I decided to try and draw up a rough schedule which incorporated some of things I knew I would need to do during the day, this included lunch and dinner as well as picking my daughter up from school.  Sitting in front of the computer without a break for a prolonged time will do you no good. So I broke my day up into 2 hour chunks which went something like the following:

10am - 12 Noon - Initial Scans / Machine & Service enumeration
LUNCH
12.45 - 14.45  - Machine 1
SCHOOL RUN
15.15 - 17.15  - Machine 2
DINNER
... you get the idea.

Having a schedule keeps you on track and keeps you focused on the machine at hand, obviously if you complete a box early you now have more time to focus on the next.  Likewise, if your struggling on a machine, moving onto another machine can give you a fresh perspective on things. However saying all of that, my schedule went completely out of the window later in the evening, and I found myself skipping between machines too much as I was getting frustrated  with my priv esc skills.  Skipping back and forth between the machines wasted a lot of precious time.

At the end of the day

I managed one root and one limited priv out of the five machines. I felt I could have done more on another machine, but by 3.30am I was exhausted and decided to turn in for the night.  Whilst disappointed not to have passed 1st time, I'm still pleased with my effort, I had nightmares of not even getting one machine.

One final tip

Don't be afraid to take the exam, even if you fail you will  have a better understanding of how the exam works and the points allocated to each machine.

Now that I have identified my areas of weakness, I need to Try Harder in order to ensure success next time around.