It was quite a long time since my last post now. That is simply because my family and my job is taking up all my time since the last years ;) The last month I found myself that I need to challenge myself and wished long time ago to get a technical certification in the security sector.
My last certification was quite a lot of time ago and was a Qualys Guard certification so i searched the internet for an adequate challenge to take.
After reading some blogs i found that the certifications from
http://www.offensive-security.com seemd to be really challenging, even for people who worked for years as pentesters.
A bit of reading on the offensive website stated:
“… widely regarded as one of the most respected and difficult to obtain technical information security certifications available, the OSCE is the industry premier advanced penetration testing certification.
Holders of this certification are part of an elite group who have proven they have what it takes to be among the best and brightest in the field.”
Umm making that statement from such a respected company…
I thought this could be really challenging.
So i decided to give the Cracking the Perimeter and the resulting Offensive Security Certified Expert (OSCE) a shot
That said, I found myself over at fc4.me, the registration challenge for the CTP course.
The first few steps of http://fc4.me were quite easy, just because I had managed to get a few levels over at http://3564020356.org years ago and remember everything of that, the rest you can think of yourself :)
Please be aware that I will not give any hints on the registration challenge / the course or the exam.
The exam is so hard – if you can not make it yourself and need to use hints from anybody to do the exam you are cheating and have not deserved the certificate.
-the CTP course-
You will have an option to register for 30 or 60 days, i chose 60 days and planned to do my exam after about 45 days and if i could not archive it, I could work on the lab for another 15 days and try again.
If you need other information’s about the course itself, give google a shot, there are plenty of reviews on the CTP course itself.
Of course nothing you plan for your life is exactly happening the way you planned before.
I wanted to plan my exam 15th April but on Friday 2016-03-25 my public services provider dropped a letter that they will break up the whole street where I live and maintain power, gas and water for 15 WEEKS, starting the 15th April.
Damnit, so i cannot rely on a stable internet connection for the whole 48 hours of exam.
I then found an exam slot at Monday 28th March – yeah 2 days after I received the letter from public services..
I then scheduled the exam to this date…
As stated before that nothing you plan is going exactly this way, everything is trying to get the hell out of me and my whole family went sick in the night to Monday >:(
Nothing i could do – I couldn’t reschedule the exam and had to do it now.
– the exam –
I can’t tell you how nervous I was. I created a lot of scripts beforehand where I thought Offensec will put me some stones. I even learned python a little bit as I want to get everything I could from the course.
The exam consists of 4 challenges, 2 with more points, 2 with fewer points rewarded.
I started with the smaller ones where even my scripts come handy so my nervousness flattened..
7 hours later I had 3 out of 4 challenges made.
I started the exam at 16:00 PM now it was 1 o’clock. I went to my first sleep.
Wakened up at 8AM I get a coffee and immediately headed over for the last challenge.
This challenge could be broken up in 2 parts and after some fiddling I got the first part working after two hours or so.
But then, this one put everything out of me, I couldn’t get it to do what I want – I worked really hard with some little breaks to regain consciousness.
I found several ways that *could* work, but none of them did work at the end and I started to get frustrated.
It is now 02:00 AM and I went to bed again, couldn’t do anymore..
After a horrible sleep I woke up and the first thing that came to my mind was:
Okay, got a coffee.. More ideas came…
5 hours later I was really between hope and desperation.
It was now 13:00 and I started to get ready to fail at the last step of the exam.
But not with me, I tried shooting at the dev-target as much as I could and baaam!
Out of nowhere my last idea did work!
Now I started to get really nervous now, I had to hack all my findings together in a working manner and has to circumvent some little problems but I managed to get everything up and working 2 hours before the end of the exam.
Now I was ready to work against the objective and on the first attempt it did work!
YEAH I was so happy that I screamed around and really felt like a hero.
I hacked together my documentation of everything for what i had again 24 hours after the exam but I needed to know if I did pass or not. I had invested soo much hard thinking I couldn’t wait for the result.
After 2 days I got the revenue:
We are happy to inform you that you have successfully completed the Cracking the Perimeter certification exam and have obtained your Offensive Security Certified Expert (OSCE) certification
And they even sent me a nice image to include in my online activities:
In the end I was sooo close to give up, but the moment when you overcome this feeling and get it working is what everybody out there is meaning with the words “try harder” – with enough persistence everything is possible.
Thank you Offensive-Security for this mind-blowing course and to allow me to master success and failure – this was the hardest thing I ever have made under the pressure of time!
Really I need to say thanks to my 2 kids and my wife – they have gone sick but managed to not disturb me the whole 3 days while i took the exam. Thank you :) Love you ;)
Now, the next step is to recon from this and to get my family healthy again ;)