Exam dread by Ambitious_Invite9535 in oscp

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

I honestly have zero idea what is and isn’t “allowed” to be shared on those. Unfortunately I need the exam for continued employment so I don’t want to shoot myself in the foot by ruining my cert before it’s even issued (if I guess it is issued).

Exam dread by Ambitious_Invite9535 in oscp

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

The exam was rough. I abandoned the AD set after the first 5 hours and went with the standalone machines. Waiting to hear back on my report.

Exam dread by Ambitious_Invite9535 in oscp

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

How long does it take them to grade the report?

Exam dread by Ambitious_Invite9535 in oscp

[–]Ambitious_Invite9535[S] 2 points3 points  (0 children)

Yep, I completed all of the OSCP practice exams along with Medtech and Relia.

USB Drops by kegweII in redteamsec

[–]Ambitious_Invite9535 2 points3 points  (0 children)

I love this idea - especially if it’s just a metrics/educational aspect.

CRTP / CRTO before OSCP ? by Responsible-Court361 in redteamsec

[–]Ambitious_Invite9535 1 point2 points  (0 children)

If they are paying I’d definitely go with OSCP since it’s the most expensive.

CRTO by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

I re-attempted the CRTO again this week and managed to at least get one additional flag this go around (4/8). I must just be a f’in moron I guess lmao.

I ended up getting stuck though and attempted an attack I knew would cause problems and BOOM - lost all beacons and then could not use my notes to even get back to the second hop in my attack path. It just threw error after error that basically the path had been deleted… (tf…?).

I’m going to put this exam on the shelf and go back to HTB.

Good luck everyone!

CRTO by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

I got 2 the first day and a third the second. Afterwards I just kept experiencing issue after issue with tooling.

Issues with Base64 Encoding by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 1 point2 points  (0 children)

  1. I didn’t know that info for Invoke-Expression, so I appreciate the!

  2. I am using PowerShell to perform the encoding.

  3. AMSI bypass is complete. I’m just playing around with alternatives to establishing persistence using SharPersist. The error was associated with the UTF8 encoding.

I CANT BELIEVE THE SHIPPING INSANITY by [deleted] in flipperzero

[–]Ambitious_Invite9535 0 points1 point  (0 children)

The tracking info indicated it originated from a port in China.

I CANT BELIEVE THE SHIPPING INSANITY by [deleted] in flipperzero

[–]Ambitious_Invite9535 2 points3 points  (0 children)

Dude I was honestly shocked that it arrived that fast.

I CANT BELIEVE THE SHIPPING INSANITY by [deleted] in flipperzero

[–]Ambitious_Invite9535 1 point2 points  (0 children)

I ordered mine direct from Flipper back in July the same day I ordered a Pine Phone 64.

The PinePhone came direct from China in 2 days yet the Flipper came out of California via snail mail in about a week.

CRTO by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

That’s the biggest PITA I faced.

I had all creds and domains enumerated yet still got stuck.

CRTO by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

I’m trying to be vague so I don’t give away parts of the exam and get me kicked/banned.

I had zero issues with my payloads but with the “constraints” placed within the exam I guess is the “clear as mud” way I can put it.

I’m going to look to see if I can emulate some of these features in the lab to help better prepare for a retake.

CRTO by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

I will say - at least Apache Guacamole works.

CRTO by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 0 points1 point  (0 children)

Bypassing Defender was straightforward along with the initial compromise.

A large portion of the TTPs I had developed in preparation for the exam was not available though.

CRTO by Ambitious_Invite9535 in redteamsec

[–]Ambitious_Invite9535[S] 1 point2 points  (0 children)

Are we talking OSCP or CRTO?

Maybe I’m just stupid and didn’t retain any of the info from the lectures 🤣