This is a quick overview of what I went through.
About me
As for the people who were following this blog, this post is about the journey of my eCPPTv2. First of all, I will tell you guys about my background. I’m an Assistant Cyber Security Engineer. I have been working in the field for almost 2 years. Started my courier with no experience in the field. Only knew few things like burpsuite and sqlmap.
For a person like me this is a huge achievement and I think everyone to anyone can do it. I started out from bits and pieces like going through Youtube free channels. Joining Udemy courses. After a while started to prepare for OSCP with no experience.
I thought it would be a great start but there was no one to help me until I came across discord channel the owner was falconspy which helped me a lot.
Started out with hackthebox which was amazing later on joined in TryHackMe which was fun. So that’s basically me. Last year I got my eJPT which was the first penetration exam I took from ElearningSecurity.
This year I took eCPPTV2 and passed which was great. I found lot of people who were very helpful and also found some people who were like always in high horse. You know what I mean.
Purchased the course last year but couldn’t finish it cause of some difficulties I had. But two weeks earlier before Jan 22nd 2021 I got an email saying I need to sit in the exam or else it will expire. So this is how I started.
First week went through some of the course materials like a quick view on how things worked. Second week I started doing the labs but I couldn’t finish on time. I still have more than 50 hours of lab.
Now the question would be how did I pass the exam? Well if you know how to use tools you will pass this exam. Metasploit is your best friend for this exam. I spent most of my time reading about Metasploit than going through the labs. I learned a lot about Metasploit. You need to learn pivoting and proxychains. I don’t know how anyone can survive this exam without it. Actually, I did complete more than that but never marked complete.
So yea what I thought was let’s just do it. If I fail will take it again.
Exam
Day 1: Broke into the first server. Found some interesting things. Went to sleep cause I was too tired.
Day 2: Broke into more machines in the second network. Was searching around for more information. Found more machines but couldn’t break-in.
Day 3: Did the Buffer overflow. I got stuck at this point because the scripts weren’t working fully and on Day 3 I was also working so was switching between work and exam. Found the problem with the scripts and did it.
At this point, I was really impressed with how I actually had to exploit it because from the local machine I couldn’t do it so had to improvise a bit and do it. I don’t think I can actually give those details but that was something really unexpected.
Day 4: Was working. Broke into the last Zone. Ok so think out of the box for this one cause it might be a pain if you don’t really know what’s going on. Just start googling because google can never fail you at somethings. By the end of the night, I was done with the box.
Day 5: Started writing the report started taking screenshots of what I have missed.
Day 6: Completed the report. Went through the report I don’t know how many times I did it but was reading it over and over again trying to find small simple mistakes that I usually make in my Reports.
Day 7: Submitted the report at noon.
Day 8: I was impatient thinking I might not pass. At night before going to bed checked my email and there it was. Congratulations! You are now an eCPPTv2 ! at this point, I thought I was the happiest person in this world.
Few Resources that helped me during the exam.
Dotstackbufferoverflow: https://github.com/V1n1v131r4/OSCP-Buffer-Overflow
Pivoting: https://pentest.blog/explore-hidden-networks-with-double-pivoting/
This was one of the best exam I ever took in my life.
Be First to Comment