Failed with 80 points
Elitis
Member Posts: 50 ■■■□□□□□□□
Took the exam a couple days ago and since its been stuck on my mind, I thought it best to get it off my chest somewhere. I got called in to work at the very last hour of my exam, so I may have caught my mistake had I not been called in. What did I do? I submitted the root flag for one of the boxes to the wrong IP. I left the control panel webpage for submitting flags open when I left, so after getting back home, I looked over everything and noticed it then. I haven't gotten my results back yet, of course, so officially I haven't passed or failed yet. But, I'm sure I'll be taking it again here in the next couple weeks. I guess there is a (small) chance, depending on how many points are given for standard user-level access, that I could still, just barely, pass, but I'm not banking on it.
Overall, I'm happy that the exam was (is) within my ability to do. I agree with those who say the entire exam is doable within 12 hours. Had I not overcomplicated one of the privilege escalation paths, I would have likely stopped at 12 hours myself. I think it took me about 10 hours to root 3 boxes, and get a foothold on a fourth. From then, I bounced between escalating privileges on that fourth box and trying to get a foothold on the fifth. I am dreading having to do it again though. Breaking into 5 boxes with a time limit of 24 hours and severe restrictions on what tools can be used is mentally exhausting.
Overall, I'm happy that the exam was (is) within my ability to do. I agree with those who say the entire exam is doable within 12 hours. Had I not overcomplicated one of the privilege escalation paths, I would have likely stopped at 12 hours myself. I think it took me about 10 hours to root 3 boxes, and get a foothold on a fourth. From then, I bounced between escalating privileges on that fourth box and trying to get a foothold on the fifth. I am dreading having to do it again though. Breaking into 5 boxes with a time limit of 24 hours and severe restrictions on what tools can be used is mentally exhausting.
Comments
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
I agree with the experience statement. I think I only did as well as I did during the exam because I've been exposing myself to a ton of labs, videos, guides, etc for the past year. I would rather see more boxes in a non-test environment though.
2023 Cert Goals: SC-100, eCPTX
I'll probably take a few days off to recharge and then jump into working on my AD skills. I still have a couple weeks or so of lab time in the PWK labs so I'll use those to practice what I learned during the course and from there its on to the eCPTX. Maybe some wifi hacking here and there since I never did that module in the PTP course.
2023 Cert Goals: SC-100, eCPTX
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?