My Experience of OSCP Proctored Exam
Offensive Security has changed their OSCP exam format as proctored since July 2018 for the sake of preventing the cheater.
Though I wouldn’t agree with them, I decided to get OSCP as it is the most In-Demand certificate in Info-Sec industry.
Fortunately , the rest certs like OSCE ,OSWE ,OSEE are still unchanged.
First of all, to save the time and money, I didn’t want to spend too much time in their lab as my profession is a penetration tester, I have confidence in myself that I could make it. I went with default option inclusive 30 days lab time. But lab package would depend on how much experience you have in hacking, some goes for 60 days and some goes even 90 days.
Once registered , I’ve got the down link for course material which is included PDFs and videos. I checked thoroughly the course and most of the techniques are basic and luckily I was familiar with them.
After spending 2 or 3 days in lab and I figured out that the lab was not too difficult, not to mention the old exploits and public POCs available.
However, I didn’t own the whole network of their lab , as they mention there are 3 network segments.
In addition, all the people mentioned out there , some machines in Labs are difficult like Ghost, Pain , Sufferance ,Humble. Honestly , I didn’t try them.
After a week , I took exam. I needed to get online 15 minutes prior to exam time in order to get verified my ID, installed screenconnect, shared web cam feed and needed to scan the whole room including under the desk. Also the web cam feed stopped a few times and they would be asking to refresh the feed during the exam which is annoying in deed, if you were in a situation of dullness.
It would be frustrating if you don’t like other people watching you while you are hacking , of course I am one of them.
I am a little bit sensitive for my data like , my directory path ,google search, etc. I tried not to open sensitive data during exam as they don’t allow to install screenconnect in VM.
So , I had prepared the notes for referencing during the exam to lessen searching a lots in google but my notes were not enough for referencing.
After 6 hours ,I got 3 machines and took a break. It is necessary to inform them when you get out the room , take a break , have a meal , take a nap , etc.
I noticed the exam was more difficult than the lab. The approaching will be a lot different than the lab. So better be prepared well if you had a little experience in Hacking.
Although OSCP is a entry level exam , they have already mentioned that you will need basic knowledge in TCP/IP and some programming language.
And another necessary skill-set is a basic exploit development skill like buffer overflow.
Another 2 hours later, I got another machine root , then I informed them to take a nap.
I started again after taking a nap for an hour or two. I got another local user after a while.
I noticed that I was above passing mark and started thinking to quit but was eagerly figuring out how to get root the final machine.
I spent about 1 hour by enumerating to escalate the privilege, frankly, I could not get root to the final machine.
Even though I had about 8 hours to go but I wanted to get rest so I informed them to end the exam early. They confirmed with me that as soon as the exam end, the exam machines could not able to be accessible again.
if you are the careless person like me, should be aware of that situation, better be checked if you lacked screenshot and notes for the exam machine to produce a fine report.
Usually I took notes with CherryTree and prepared Tmux session with log file size extended but still I missed some minor screenshots.
The most important thing before taking exam is reading their guide below.
This guide explains the objectives of the Offensive Security Certified Professional (OSCP) certification exam. Section…support.offensive-security.com
The rule you should be aware is that you can only use Metasploit (all Modules)and Meterpreter payload in one target. It would be perfect if you can stay away from Metasploit, ortherwise choose wisely the target for the Metasploit.
They mentioned the guideline for reporting as well. Professional report will be needed in order to be qualifying the exam which means another technical person could able to reproduce the steps you did in exam after reading your report. In the guide , they are expecting proof screenshots that you own the server. And report template is given by them in above link. Do note that they are seriously checking your report.
Last but not least , after submitting the report , there will be acknowledgement email within twelve hours. And the final result will be in 5 business days.
Thanks for reading