A couple months went by and I signed up for 60 more days of lab time and scheduled my exam. I jumped back in the Labs and started going over each machine I had gotten Redoing my notes and being more thorough. I finally understood that methodology and persistence were key, besides the number one thing Enumeration. I pretended like every single lab machine was an exam machine. I took notes just like you would for the exam report I did the ipconfig ifconfig and screenshots I wrote detailed reproducible steps for local and root/system access.
I wanted a clearly defined set methodology that was my own. Something I could modify When finding new techniques or tools that I would want to encorporate eventually into my toolbox. I also needed to start writing my own scripts or automate as much as I could so I could spend my time sifting through information.
I played on (hackthebox.eu) for a month or two and am still active there. I got to the top 200 that first month. I would strongly recommend this site as well as the netsecfocus community in general. I have talked to some interesting people that were way more knowledgeable than I was. I never want to be the most knowledgeable person in the room, if I am then I am in the wrong room. I always want to be learning and or finding new sources of information to absorb.
So I go to take the exam the second time. I still didnt feel comfortable, but trying to push myself to keep trying. For some reason This time I hit a wall and just derped out on my initial footholds. I got Several of the machines done and just pounded away until I got frustrated and went to sleep for a nap. I Woke up got local on a machine and then the rabbit holes were real. I spent the remaining time trying to figure out what I did wrong.
Lessons Learned From Failing A Second Time
I found several rabbit holes that I should’ve continued down I think. I also think that I needed to do some vulnhub as well as. I never really thought about it, but I should’ve had the mentality that these exam machines are meant to be broken into. There has to be a way in. While the Second time was frustrating it was not near as bad as the first time for me. I’ve taken some time off because I had a new baby girl, but am scheduling my third attempt sometime in the next couple of months. Below is a list of what I am going to do to prepare this time.
Third Attempt Preparation
- OSCP like VulnHub Machines I am going to hit these again for a couple weeks.
- The next time I take my exam I am going to start at lunch or the afternoon that way I don’t mess my schedule up and am not struggling with brain fog.
- Regular Breaks I am going to set timers on my phone every hour and a half or two hours to walk away for 15 minutes and clear my head.
- Try Harder.