Failed with 80 points

ElitisElitis S+ Pentest+ CCENT CCNA eJPT eCPPT OSCPMember Posts: 35 ■■■□□□□□□□
Took the exam a couple days ago and since its been stuck on my mind, I thought it best to get it off my chest somewhere. I got called in to work at the very last hour of my exam, so I may have caught my mistake had I not been called in. What did I do? I submitted the root flag for one of the boxes to the wrong IP. I left the control panel webpage for submitting flags open when I left, so after getting back home, I looked over everything and noticed it then. I haven't gotten my results back yet, of course, so officially I haven't passed or failed yet. But, I'm sure I'll be taking it again here in the next couple weeks. I guess there is a (small) chance, depending on how many points are given for standard user-level access, that I could still, just barely, pass, but I'm not banking on it. 

Overall, I'm happy that the exam was (is) within my ability to do. I agree with those who say the entire exam is doable within 12 hours. Had I not overcomplicated one of the privilege escalation paths, I would have likely stopped at 12 hours myself. I think it took me about 10 hours to root 3 boxes, and get a foothold on a fourth. From then, I bounced between escalating privileges on that fourth box and trying to get a foothold on the fifth.  I am dreading having to do it again though. Breaking into 5 boxes with a time limit of 24 hours and severe restrictions on what tools can be used is mentally exhausting. 

Comments

  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK Member Posts: 515 ■■■■■■■■□□
    Is this the OSCP?
    Did you list and map the correct flag within your report? You can always fall back onto that to plead your case.

    If you do end up taking it again, at least you get to see even more boxes and solve more puzzles. :) Experience is knowledge is power!

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2020 goals: AWS Security Specialty, maybe AWAE or SLAE, CISSP-ISSAP?
  • ElitisElitis S+ Pentest+ CCENT CCNA eJPT eCPPT OSCP Member Posts: 35 ■■■□□□□□□□
    OSCP yeah. Everything listed correctly in the report, on the off chance that would help but the exam guide clearly says flags have to be both in a screenshot and the control panel so I doubt it will help.

    I agree with the experience statement. I think I only did as well as I did during the exam because I've been exposing myself to a ton of labs, videos, guides, etc for the past year. I would rather see more boxes in a non-test environment though. 
  • Neil86Neil86 Member Member Posts: 157 ■■■■□□□□□□
  • DatabaseHeadDatabaseHead Teradata Assc 16, CSM, MS Access 2016, 2019 Member Posts: 2,566 ■■■■■■■■■□
    Talk about a pleasant surprise!
  • chrisonechrisone Senior Member Member Posts: 2,070 ■■■■■■■■■□
    Congrats @Elitis ! Crazy turn of events :)
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), eLearnSecurity: IHRP (completed), eLearnSecurity: THPv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCHTPv2
  • ElitisElitis S+ Pentest+ CCENT CCNA eJPT eCPPT OSCP Member Posts: 35 ■■■□□□□□□□
    Thanks everyone. My review and comparison is on reddit for anyone who wants to read about it (https://www.reddit.com/r/oscp/comments/ho0j5z/oscp_vs_ecppt_my_experience_with_both/).

    I'll probably take a few days off to recharge and then jump into working on my AD skills. I still have a couple weeks or so of lab time in the PWK labs so I'll use those to practice what I learned during the course and from there its on to the eCPTX. Maybe some wifi hacking here and there since I never did that module in the PTP course.
  • chrisonechrisone Senior Member Member Posts: 2,070 ■■■■■■■■■□
    Elitis said:
     Maybe some wifi hacking here and there since I never did that module in the PTP course.
    That would be all of us hahahaha
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), eLearnSecurity: IHRP (completed), eLearnSecurity: THPv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCHTPv2
  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK Member Posts: 515 ■■■■■■■■□□
    Congrats!

    The review and comparo is always useful and good stuff. OSCP reviews are kinda almost passe over the past couple years, but few have done both and talked about it.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2020 goals: AWS Security Specialty, maybe AWAE or SLAE, CISSP-ISSAP?
  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK Member Posts: 515 ■■■■■■■■□□
    If you can make your way through the whole PWK lab with your time left, that's always a nice little feather in the cap. :)

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2020 goals: AWS Security Specialty, maybe AWAE or SLAE, CISSP-ISSAP?
  • ElitisElitis S+ Pentest+ CCENT CCNA eJPT eCPPT OSCP Member Posts: 35 ■■■□□□□□□□
    Thanks LonerVamp. Its a shame more people don't do eCPPT, it really is an excellent exam and course. I'm glad I went through both though, and hopefully my comparison answers some questions I've seen being asked around and helps someone out. And now I'm interested to see what's at the end of the tunnel. I'm pretty sure I've seen it mentioned somewhere else before of a nice little surprise once you root one of the boxes in the admin (?) network too.
Sign In or Register to comment.