This Tuesday, at 4:31 pm I closed my OpenVPN connection to the Offensive Security labs. Just out of curiosity I re-entered the command I had grown so accustomed to over my time working through the Pentesting With Kali (PWK) course en route to achieving my Offensive Security Certified Professional (OSCP) certification. The all too familiar “Initialization Sequence Completed” had now been replaced with “AUTH: Received control message: AUTH_FAILED” signifying that indeed my time in the labs is truly over.
My journey to the OSCP actually began in the early spring of 2014. I had recently separated from the military and had been working as a developer in a small shop having been inspired by several friends who were quite accomplished in the developer community. My small shop took on a new contract which required a security program, and as I had military experience (?) my boss figured I would be the best suited to be the ISO of our company.
Overnight my world turned upside down and my duties went from pushing code to close tickets to securing an enterprise network, setting Wi-Fi passwords in our office and oh yeah, conducting quarterly penetration tests. I quickly figured out that I had no clue what I was doing and should probably figure it out in a hurry or lose my new position. A bunch of googling led me to the Offensive Security (Offsec) site and I discovered the PWK course. It seemed like a great way to learn how to conduct a penetration test, so I spoke with my boss and got the corporate credit card and dove right in to this new world.
I opened up the course material and stared blankly at it for roughly the first two weeks of my initial 90 days inside the course. I struggled to work through the information overload I was experiencing. There were so many techniques to learn, so many different avenues to probe a system and I had just barely gotten a grasp on the Linux command line during my tenure as a developer. I had just received a sizeable raise contingent on my completion of the course, so I was determined to see it through.
I worked hard to learn the material and hit the labs feeling good about what I had accomplished. Again, I hit a wall of inexperience. I struggled to find any point of attack on the machines in the labs, and when I did find something I had no clue what to do after I did. I think in my three months of lab time I managed to get a few low hanging fruit before my time there expired.
I spoke with my manager about the course and was honest in my assessment, I was not ready to sit for the exam and needed more lab time to prepare. I purchased this on my own and during my extension was struck with some life changes and ended up moving to a different company. This new place didn’t really care about certifications, so I set the OSCP on the backburner and left it there.
Three years and two more career transitions later and I’m finally a Senior Information Security Analyst at a fairly large financial company. I have gotten this far almost through sheer force of will and a refusal to be told I can’t do something. There was still something missing though. Every single time I log into my desktop there is a folder – simply labeled “OSCP” that contains all the course material that I started all those years ago. Since abandoning my work I have worked in the industry for years, gained valuable experience and discovered a love of capture the flag events.
My free time which used to be occupied with video games is now is spent taking on Hack the Box. I opened the folder for the first time in a long time and saw the familiar pdf and video files that are included with the course. This time, I’m going to do it I told myself. After a quick chat with the support team to make sure my material would be useable after all this time I signed myself up for 30 days of lab time, which includes an exam voucher.
This time it was different, I found my skills gained from playing CTF games had prepared me for the labs extremely well. I managed to get root access on most of the public network and unlocked some of the additional networks. I went over all of the course material again and redid the exercises. This information which was so foreign to me in 2014 was old hat now. I found myself adding a little creative flair to the various scripts and commands which are required for completion of the course.
The labs this go-round were still incredibly challenging, however I had developed a new skillset to be able to handle these situations. I know where to look for vulnerabilities, I know how to manipulate exploit code, and I know how to handle hitting a wall. All of these skills are needed and yet on several of the VERY solid “How to pass the OSCP” blogs I have read are not discussed. The course gives you everything you need to succeed, but the most important is to gain a mindset where when you are hit in the face with a brand-new situation, you can remain calm, work through the steps and find a solution.
I have progressed in my career to a point where I probably do not need to accomplish the OSCP certification to prove my mettle to a potential employer, however I need to accomplish it to prove it to myself. I will not sit for my exam until this Saturday, which is the deadline for submitting articles, and thus I do not even know at this point if I will be successful. Four years ago, I started this journey, today I’m not entirely sure if I’m well enough prepared. I am, however ready to find out.
Main Image Credit : The awesome piece of artwork used to head this article is called 'Good Luck' and it was created by graphic designer Ruby Zhang.