Today I received my first certification from Offensive-Security (not counting PEN-100). If someone else is in progress of taking this course or thinking about it here are my tips and tricks.
Here are some links from offensive security that you shall read if you will attend an exam from Offensive-Security.
You have 3 different networks that you can revert to. One of the network are mandatory to complete. You must “hack” 2 networks in total. You need to do this under 4 hours.
You can revert the networks 50 times during the test.
You must write a report and upload that to Offensive-Security after the exam. In the report you must provide screen shot and proof.txt of the network. Read the links above.
Use external webcam if possible
Use a portable web cam with a long cable, it works with integrated but the proctor want to see the surroundings and that can be sticky with integrated camera. My external camera did not work for this proctor application. It was not possible to change webcam in chrome extension for me. 😦
Use external monitor if possible
I used a laptop and a second monitor.
Prepare your Kali VM ( so you know that it will work)
Have your driver license or passport ready
Clean room and clean desk
Put a sign on the door that it is exam time and if you open the door you will die
Have water or something else you like.
Write the report as you go
Learn how to connect to wireless networks in kali
Make your terminal logging everyting or I use tmux, so you can go back if you miss a screenshot
My Exam timeline
I first receive an email from Offensive-Security
Exam starts 2022-08-07 14.00
12.00 – 14.45
Clean the desk, setup my laptop and monitor.
Startup my laptop, check that my web cam works. Start up my kali vm. My local Kali VM is the vm that I use to connect to the exam-vpn. So openvpn must be installed on the vm.
The proctor application is a chrome extension that is on the laptop. I am running ubuntu 22.04 with VirtualBox.
Installed the Chrome plug-in for the proctoring stuff
In the email from Offensive-Security it says:
The exam package will be sent to the following email address(es):
This will be sent to you after you passed the proctoring people.
Here the proctoring people want to see you ID and you need to share all your screens. They also want to see the surroundings thru the web cam. When they are happy they will start the exam and you will receive the VPN package and the link for the Control Panel.
This is for you kali VM so make sure that you can access your email from the kali vm or transfer files to it.
Download the vpn package to my kali vm. Connect with openvpn. The on the Control Panel link that you will receive in the email you have an ipadress to connect to.
On the remote machine you do all your work. You will not do anything on you kali vm except connect to the machine that Offensive-Security provided for you.
15:05 – 22.00
I fucked up really hard during the first 2 hours. It was a simple task to do but for some reason it did not work for me. After 2 hours going nowhere I saw that I have misspelled the network name. My dyslexia makes it hard sometimes. I need to use copy and past instead for typing.
After that it went the way that I want. Because I lost 2 hours of the test because of misspelling I finished the exam 5 minutes before the end. Puhhhh
Now to the reporting. Because of my first mistake I did not follow my own words and did not do the correct reporting from the beginning. So that is why my reporting ended at 22.00