CEH Practical | My Exam Review

Vaibhavi Paliya
Published in Cyversity
Jan 25, 2023

Hello Cyber Enthusiasts.
This is Vaibhavi Paliya. I am writing this blog to give my review of the CEH Practical and to help people with how to prepare for this exam, what this exam encompasses and what resources I used for it. I took my CEH Practical exam a week ago and passed by scoring 19/20 on the exam. I did not find the idea of writing an exam review blog good for me as I am not very good at writing :). But as I found that many people are asking me for the resources and tips for the exam, I decided to write this blog. I hope I won’t bore you and that I give you confidence for taking the exam. So, let’s dive right in.

I would like to begin with a brief explanation of what the exam is.

CEH Practical gives you 2 machines, with several technical tasks listed on a side panel next to the machines on the exam portal. One machine runs Parrot OS and the other runs Windows 2016 Server. The Parrot OS machine does not have access to the internet, and you have to connect through Remmina to the Windows server, which does have internet access.

In my case, there were two Windows servers available, which I found after scanning the subnet with nmap, and I connected through Remmina to the other IP. You are required to use both machines as the questions will be related to both of them. During the exam, no one should be in your room, and you need to keep your camera and microphone turned on and share your screen with them. They record the entire session.

Also, this exam is proctored and you have 6 hours to solve 20 tasks. You are allowed to take a break of 15 minutes during the exam, which I did. The minimum score to pass this exam is 70%, which is 14 out of 20 tasks. The exam runs completely in the iLabs environment, and if you have watched the iLabs videos or have purchased the course, you will be familiar with it. I myself did not purchase the course as I felt I could find enough resources for free.

Exam Scenario.

My exam was scheduled to start at 17:30 on 14th of December, 2022. You can start the exam through the Aspen Dashboard by going to “View My Sessions” and then clicking on “Start”. You will be connected to a proctor. Before starting the exam, the proctor will ask you to download the GoTo Meeting app and join a meeting with them so that they can monitor you, take control of your system and enter their credentials to actually start the exam. They will be available on chat for the full duration of the exam, and you can communicate with them in case you have any issue. They will test your network bandwidth and then take a 360-degree view of your working area before starting your exam.

My review of the exam.

It was not too easy for me as I am also a beginner in ethical hacking, but yeah, with some resources and a cool mind I solved 14 questions in 3 hours, which gave me a little confidence and motivation to solve further. A score of 19 was not what I had expected but yeah, I got it.

I would recommend that you try all of the tools that are likely to be used in the exam beforehand and get familiar with them, as I did not do that and it made me waste some time in the exam, which led to anxiety as well. The Parrot OS was really really slow and you cannot copy anything from your system to the machines, so be prepared for that as it takes up some of your time. The exam is beginner-friendly and can be passed easily. However, scoring 19 or 20 could be somewhat tedious.

My recommendations.

* I would like to recommend that you choose a suitable place to sit for the exam and have at least 30 Mbps of internet bandwidth, as I faced some issues at the start due to slow internet.
* Keep a bottle of water and a snack with you if you’re an anxious eater like me during the exam.
* My proctor was chill and reconnected me multiple times due to the internet, but I would not recommend risking it as it takes your time and makes you nervous at the start of your exam itself.

How I prepared for the exam?

I started by doing TryHackMe rooms related to the topics listed below. I watched videos of many CEH Practical reviews and read blogs on which tools I needed to prepare. As one of the weaker topics for me is SQL injection, I worked on it through TryHackMe rooms and SQLmap tutorials. The modules listed below are all of the topics.

Now, let’s jump into the topics for preparing.

#Cryptography
#Steganography
#SQL injection
#Website Hacking
#Android Hacking
#System Hacking
#Networking and Scanning
#Active Directory (Possible)

In Detail:

#Cryptography : For cryptography challenges, you have to use the Windows machine and the tools that will be used mostly are:

* Cryptool 2
* Veracrypt
* BCTextEncoder
* Hashes.com
* Md5 Hash
* HashCalc

#Steganography : For steg tasks also, the Windows machine has to be used. Mostly all of the tools will be preinstalled, but not necessarily, so you can download them as well. The tools used in steganography will mostly be “Snow” and “StegHide”.

#SQL injection : The tasks for SQL injection were based on the Parrot OS and the tools “SQLmap” and “DSSS”. I could not find DSSS installed so I had to install it on the Windows machine.

#Website Hacking : In website hacking, you would have to bruteforce a WordPress site for username and password using “wpscan” and then find the answer.

#Android Hacking : An IP for an Android device will be there in your given subnet and you have to use the “adb” tool to connect to it and answer the question accordingly.

#System Hacking : After nmap scans you will discover some services running on different IPs, like ftp or ssh. In system hacking you need to bruteforce the username and password for the running service using “hydra” and “John the Ripper”, then answer the question. For directory bruteforcing, you can use “rockyou.txt” with gobuster.

#Networking and Scanning : At the start of the exam, you will need to scan the given subnet for IPs using “nmap” or “netdiscover”. Some of the questions will be based on basic nmap scans and whatever results you get. I suggest you have a basic knowledge of “Wireshark” filters as it will save time. Wireshark questions will mostly be about DoS and DDoS attacks in which you have to find the IPs of attackers.

#Active Directory : In this module, there will be some questions related to the domain controller or domain users. It does not go very deep into Active Directory, but some basic Active Directory questions might be there, as was true in my case, while it is also true that many people do not get any Active Directory questions.
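For the Wireshark task described under Networking and Scanning (finding the attacker IPs in a DoS/DDoS capture), the following is an added example, not part of the original post, of the same analysis done in a script: it ranks sources that send many bare SYNs and almost never complete the handshake. It assumes the capture was exported as tab-separated rows of time, `ip.src`, `ip.dst`, `tcp.dstport` and `tcp.flags`; the addresses, thresholds and sample rows are constructed.

```python
from collections import Counter

SYN, ACK = 0x02, 0x10  # TCP flag bits

def build_sample():
    """Constructed capture export: time, ip.src, ip.dst, tcp.dstport, tcp.flags."""
    rows = []
    for i in range(40):   # flooding source A: bare SYNs only
        rows.append(f"{i * 0.01:.3f}\t192.0.2.10\t10.10.1.20\t80\t0x0002")
    for i in range(25):   # flooding source B: bare SYNs only
        rows.append(f"{i * 0.02:.3f}\t192.0.2.11\t10.10.1.20\t80\t0x0002")
    for i in range(6):    # ordinary client: SYN, then ACK, then data (PSH+ACK)
        for flags in ("0x0002", "0x0010", "0x0018"):
            rows.append(f"{i:.3f}\t10.10.1.5\t10.10.1.20\t80\t{flags}")
        # server's SYN+ACK reply; counted as neither a bare SYN nor a bare ACK
        rows.append(f"{i:.3f}\t10.10.1.20\t10.10.1.5\t49152\t0x0012")
    return "\n".join(rows)

def syn_flood_sources(export, min_syns=20, max_ack_ratio=0.2):
    """Return (src, dst, syn_count) for sources whose SYNs are rarely followed by ACKs."""
    syns, acks = Counter(), Counter()
    for line in export.strip().splitlines():
        parts = line.split("\t")
        if len(parts) != 5 or not parts[4]:
            continue  # skip rows without TCP flags (non-TCP traffic)
        _, src, dst, _, flags = parts
        bits = int(flags, 16)
        if bits & SYN and not bits & ACK:
            syns[(src, dst)] += 1      # handshake opener
        elif bits & ACK and not bits & SYN:
            acks[(src, dst)] += 1      # handshake completion or data
    suspects = [(src, dst, n) for (src, dst), n in syns.items()
                if n >= min_syns and acks[(src, dst)] / n <= max_ack_ratio]
    return sorted(suspects, key=lambda s: s[2], reverse=True)

if __name__ == "__main__":
    for src, dst, n in syn_flood_sources(build_sample()):
        print(f"{src} -> {dst}: {n} SYNs without handshake completion")
```

In the Wireshark GUI the equivalent starting point is the display filter `tcp.flags.syn == 1 && tcp.flags.ack == 0`, followed by sorting the conversation statistics by packet count.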

Note: The wordlists for all the bruteforce tasks will be provided in the machine itself.

That’s all about my exam and all of the points I wanted to share about my exam. Listed below are all the resources I used.
All the best for your exam!
Keep Hacking!

Resources for the exam: (You can bookmark them and either use them during the exam or use them for preparation).

https://github.com/cmuppin/CEH/blob/main/CEH-Prac%20Guide
https://github.com/infovault-Ytube/CEH-Practical-Notes
https://book.thegurusec.com/certifications/certified-ethical-hacker-practical
https://www.youtube.com/playlist?list=PLWGnVet-gN_kGHSHbWbeI0gtfYx3PnDZO
https://medium.com/techiepedia/certified-ethical-hacker-practical-exam-guide-dce1f4f216c9
https://bughacking.com/dvwa-ultimate-guide-first-steps-and-walkthrough/#File_Upload
https://github.com/System-CTL/CEH_CHEAT_SHEET
https://www.youtube.com/watch?v=gH3krN3RKC4
https://www.youtube.com/watch?v=TSd33l_6IyY
https://youtu.be/FOHqH5f56Kk
https://youtu.be/xpHkjEqGqgU?t=229
https://youtu.be/bDcz4qIpiQ4
https://www.youtube.com/watch?v=z2F5gauWuZE

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Find Me Here:

Twitter: https://twitter.com/PaliyaVaibhavi
LinkedIn: https://www.linkedin.com/in/vaibhavipaliya/
Github: https://github.com/VaibhaviPaliya
