Firstly, this is by far the toughest exam after the OSCP back in 2017. I signed up for the CTP course with 3 months of lab time but I had to extend it another month due to work and personal obligations. I decided to take a shot at the exam about 4 months into the course material; the first try was disastrous, I failed miserably. The second time, well, let's just say I was overconfident and thought I could pull through by acing 3 out of 4 questions. That expectation fell short as there was a trick challenge that I couldn't crack on prod. The way Offsec tailored this exam, you had to attempt all the questions. Offsec really made the exam brutal and they really planned it out well; it was like they knew how most students would have avoided the dreaded topic and tried to focus on the 'easy ones'. So don't expect a walk in the park. Many times when I thought I had solved 1 problem, I ran into another one around the corner. It was very frustrating but in the end, it was persistence and perseverance (6 months in total) that led me to pass this exam after the 3rd attempt.

I think I spent over 40 hours doing my own research outside the course material. The material given is just the tip of the iceberg. To pass the CTP challenge, you really need to know the subject matter in and out. Offsec designed the exam to test your understanding. Replicating the answer straight out of the courseware will not help you pass this exam. This challenge will test your lateral thinking and your patience!! At times, I felt like quitting. Some of the material, especially the HP NNM shellcode encoding subject, was presented so shallowly that I couldn't fully comprehend it. I remember going over and over this topic to the point that I recognized muts' voice by heart. If you search on YouTube, you will find his full demo at Defcon explaining his exploit in depth with more detail. It is true that the CTP material is a bit outdated, I'm guessing it was written around 2009, but the fundamentals remain the same.
A lot of emphasis is on Windows Exploit Development, Debugging with Olly, Egghunting & Shellcoding. Other topics like code review are also necessary to pass this exam. Websites like Corelan, fuzzysecurity and Googling the shit out of these subjects are necessary. There are some useful blogs out there and there are even binaries for practice that are very useful. I read some peeps even took up separate assembly lessons in preparation for the CTP challenge but I honestly don't think it is necessary. I don't want to give out too much detail but don't expect straightforward answers from the web either. Much of the info is out there but you have to piecemeal it until you have a full level of understanding of the topics presented in the course material. I found the Offsec forums and community very helpful too! Just don't go asking for exam materials ;-)
CTP is more focused on advanced pentesting topics. Areas such as XSS to shell and SNMP to GRE sniffing were something that awed me! My advice to those thinking of attempting the CTP challenge is don't rely on the course material alone, think out of the box, challenge yourself to try different solutions to the ones already presented to you and most of all... TRY HARDER. If you fail... F*&^*** TRY HARDER UNTIL YOU GET IT RIGHT!
Overall, I think it's not obtaining the OSCE certification that gave me confidence in what I do but rather the thought process of overcoming the challenges and the hours of perseverance in cracking the perimeter!