Try Harder. No, harder! Keep going… TRY HARDER!

Try Harder! It sounds like an annoying catch phrase, doesn’t it. I thought the same, when I started PWK in January.

I thought that you do, or you do not. There is no try.

Well, having now completed my OSCP exam and lab report and having been granted the OSCP certification, I now know there is no do – there is only TRY HARDER!

“Try Harder” is a hard concept to explain. It’s probably even a very individual concept to each person who does the certification – but I know for certain that the PWK labs and the OSCP certification exam challenged me more in a short period of time than just about anything else in my professional career!

I’ve done some challenging things as a developer. Designing a secure solution for single sign on from a custom mobile application into another custom application was challenging. Designing a protocol to allow a staff member to emulate student access to a major system in an afternoon was challenging. But, these were challenging in a different way. At 3pm in the afternoon after documenting the protocol for HMAC data validation in a custom mobile application, if I get tired, and assuming I have managed my time correctly, I can task-switch to something else for the rest of the day to give the grey matter a break.

That’s challenging. Putting yourself in the mindset of an attacker for hours on end, considering what they could see on the wire, what the protocols in use are, what known weaknesses the protocols have and how they can be mitigated – that’s all pretty challenging stuff. It’s also a place I thrive in!

Then 5pm comes along – and off to the pub you go. It simmers in the back of your mind over the weekend, but not much more thought is given than that.

But PWK and the OSCP exam take the concept of challenging to a whole other level. 24 hour exam. 5 hosts. 70 points required. Metasploit on one host only. No commercial tools. But, then it’s not over. Not by a long shot. You then have 24 hours to prepare and submit your lab & exam report. This in itself is a tough challenge, and if you’re also submitting your 10 lab hosts you’d better make sure they’re finished BEFORE you need to document your 5 lab hosts!

The OSCP exam itself isn’t just a penetration testing challenge, it’s a test of your stamina. It’s a test of your preparation. It’s a test of your time management skills.

It is a test of YOU.

It gets tough.

It gets really tough.

But, if your preparation is right, if your skills are on, and if the luck is with you – it all falls into place.

But. Here’s the thing. It only falls into place if you…


It’s kind of intangible. It’s hard to explain.

If you’re considering doing PWK, you’ll just have to jump in and find out for yourself.




NullByte CTF – Walk Through

This is a writeup of the NullByte CTF challenge which can be found on VulnHub.

I really wasn’t sure what to do next after the last challenge, but this one looked as good as any!

I ultimately headed down the slightly wrong path at the end here, but I learned a lesson from that in itself. Also I learned about manual, blind SQL Injection rather than using SQLMap to do all the dirty work, so that was nice.

Continue reading NullByte CTF – Walk Through