Hi everyone! Apologies for taking so long to write the review. As I am sure most of you are aware that I passed my eCPPTv2 exam. I received my certificate on the 24th May and I completed the exam aprox 10 days before.
A lot has been going on since! It all started off when I caught the dreaded covid-19 virus during the exam. It took me about 3 weeks or so to fully recover from that (it really was awful). We are expecting a baby in the next few weeks and I had been neglecting preparing the baby room because I was busy studying for the exam. So yeah last few weeks have really been just painting and making IKEA stuff! In between the baby prep, I have also had a few job interviews (junior pentesting roles) which took priority as I really feel its time for me to get a cyber related job. I have not heard back from all the interviews yet, but I am hoping someone takes a chance on me! (fingers crossed)
Anyway, with all that out the way lets get into why you are all really here for – The eCPPTv2 review. I am a big fan of eLearnSecurity and when I started off I pointed out that I want to learn the right way, for me its not just about CTF or get root. The idea has always been to be able to find vulnerabilities and perform a full pentest in a real environment. If you have read my early blogs you are probably aware I brought the elite version and I spent around 80 hours in the practise lab environment before I took the exam. This might be an overkill for some but I always wanted to take the exam when I felt comfortable and that’s different for everyone.
I really enjoyed prepping for the exam, eLearnSecurity’s labs and resources are awesome. Another bonus is that you dont have to look too much outside their resources for any extra help (all the extra resources I will share below).
I have read a few other reviews for eCPPTv2 before I took the exam and I will be following the same style. My day to day summary will be fairly vague as I don’t want to give anything away.
I got up nice and early, feeling good! The exam about 10 on Monday 4th May. I read the rules of engagement and got myself all prepared to start the exam. As soon as the exam started my morale dropped and nerves got the best of me. I felt a bit all over the place straight away and thousands of thoughts started going through my mind. After about 3 or 4 hours I started finding my feet and calmed myself down. My whole schedule went out the window! I had promised myself breaks etc but because I was struggling and not making much progress I didn’t feel like taking a break. Frustration started to get the best of me! Eventually I got my breakthrough and I felt much better. I found the initial foothold hard and spent most of day 1 on that.
Second day was also tricky for me, I realised I get worked up easily. I thought I had decent patience but this exam taught me that solutions don’t come straight away and I need a lot more patience in this field. Frustration again got the best of me, I started stressing and didn’t take breaks again. Day 2 started early and finished extremely late, the whole day was very blurry and progress was slow. I did manage to make progress, I got escalated privilege and I was able to further enumerate the machine and the network. (I really did some soul searching on Tuesday night and I had a prep talk to myself about discipline!)
Day 3 is where it really started turning around for me, I was calmer in my approach. I was taking regular breaks and the weather was decent so I was going for walks around the area too (I found this awesome little forest near my house which made it even better!). Another thing that helped was making a mind map, I added the machines I found from enumerating the network on day 2 to it. So I made a plan and started to try and exploit the machines. I made really good progress on this day and confidence started coming back to me. It really is a game of morale, the more confident you are the better you do. I started working on BoF exploit in the evening.
This day was mainly about BoF, it was tricky! I don’t want to give too much away and obviously everyone works differently but I am glad I spent time on ruby. There wasn’t much more to day 4 to be honest. The most difficult part I found for BoF was which payload to use and it was really just trial and error until I got it right. I stuck to taking regular breaks, going for walks and I also decided to start sleeping more!
I realised one thing on the morning of Day 5. I work much better in the mornings than the evenings! Day 5 started great, I got BoF sorted and I could finally move on. I found something interesting whilst enumerating the machine. I kind of got a flashback of one of the labs from the study material and it helped! By the end of the day I was in a very comfortable place as I was able to map out the whole network and knew where the DMZ was. (physically I was more tired than ever but that was because the covid-19 symptoms started kicking in!)
The struggle on day 6 was unreal, I was starting to get really ill. I thought it was because of the exam was taking its toll on me and the lack of sleep was weakening my immune system. Some how I powered through though as I knew I was really close to the end. By the end of the day I completed the practical side of the exam!
I woke up much later than I had been throughout the week. Feeling sluggish I went over everything. I started writing the pentest report too and whilst doing so I was taking additional screenshots where I felt I needed them.
The pentest report itself wasn’t too difficult although I completed it on the Thursday the 14th May. I used the template provided by the cyber mentor but I did make some changes to it wherever required. Before the exam started I was quite concerned about the report but once the exam was completed I was confident and I think that will be the case with most people. Once you know the vulnerabilities, you will know what to write and how to present it. The report including screenshots was approximately 40 pages long.
When I think about the exam now it feels rather bittersweet, I really enjoyed the exam but the memories attached to it also remind me of covid-19!
All I can really say about the exam is that eLearnSecurity do a great job prepping you for the exam. I would like to add that the PTP course material will not prepare you for everything and I wouldn’t expect them either. The exam would be very boring if it did. The idea is to use resources provided in the PTP course but also use your initiative. In a real life pentest you will be expected to come across the unexpected and figure a way out. 7 days for the exam is ideal, you have enough time even if it feels at times during the exam that its not.
Overall it’s a great exam, I have learned a lot from the PTP and the exam itself. Not just pentesting knowledge but also about myself. I realised its about how to handle the information in your brain and how to use it in pressure situation. The exam was a turning point for me, I feel much more confident in my pentesting abilities.
- Discipline – no matter how tough it gets or how frustrating it gets, learn to walk away from the computer to take a break and come back calmer and with a fresh mindset. (don’t make the mistake I made for the first 2 days, I made way more progress after day 2)
- Keep hydrated and don’t forget to eat. You will need energy levels to be high for the brain to function properly
- Understand PIVOTING – I cant stress this point enough. Pivoting is huge! I had to use additional resource to understand pivoting properly and its unfortunate that you cant really practise it in the labs that well.
- Practise your Buffer overflow technique, keep hammering it away until you know exactly what you are doing when it comes to BoF.
- Understand payloads – you need to know when to use bind or reverse etc. Play about with msfvenom, it will help you.
- Work to your strengths – Everyone has different strengths. Some may prefer RDP to enumerate whilst other may feel comfortable working in the command line. The point is there is more than one way to get to your goal. Use the tools and techniques you are comfortable with.
- Don’t overthink it – It really is sometimes much simpler than you make it out in your head and when you do finally get the answer you were looking for, you will feel stupid! 😛
- Create backdoors – make it simple for yourself to get in and out of the machines.
- Cheatsheet – I talked about this in one of my prep blogs but yeah my cheatsheet definitely came in handy.
- Screenshots – I know in the spur of the moment you can forget about screenshots but they are really important for the report.
- This is not a CTF exercise – the idea is to find as many vulnerabilities as you can, just like you would in real life pentest.
- Web App Vulnerabilties – PTP doesn’t go in a lot of details when it comes to Web App so I suggest brushing up on different type of web app vulnerabilities.
- The one you probably have heard the most – Enumerate, Enumerate and Enumerate!
What is next?
So this is the end of the eCPPT journey! It has been really good and I have really enjoyed blogging too!
I haven’t really decided what cert I want to do next. The next few months will be dedicated to family time and therefore I don’t want to dedicate myself to any certificate. A question to all of you guys – what cert do you think I should go for next?
Also I don’t want to stop blogging, so what kind of blogs would you guys be interested in? I am really enjoying spending time on TryHackMe (if you haven’t checked the website out yet, then please do so!). Would you guys be interested in walkthroughs for the TryHackMe rooms? I cant promise how consistent I will be but I will try my best!
That’s all for now, I hope you guys enjoyed the journey and the review. Thank you all for reading my blog too I really appreciate everyone who has followed me from the start.
Its time for a new challenge! 😊