HAK.5 Jacket

Just received my jacket from HAK.5. It’s freaking awesome, although I should’ve listened and bought a larger size. Still, it’s not that it’s small, just snug. I’m a bigger guy so I buy shirts 1x larger than I actually need to make me look slimmer…. shut up! lol :)


OsmocomBB | Phone Hacking

So I was looking around in the archives over at HackADay and found some information on hacking a pre-paid cell phone’s baseband to intercept data on the GSM cellphone network. Apparently with a 1TB rainbow table you can crack the encryption keys in 20 seconds (sounds off to me but ok), and once you’ve done that you can intercept and record phone calls or even make calls using that person’s number. This project will also allow you to modify your phone’s location on the GSM network: an older phone without a GPS has to tell the tower where it is, and this would allow you to change that data and appear to be somewhere you’re not…

Even more interesting, you can locate other phones in your area, generate a KML file, load up a map or Google Earth and view their position… XD Phone phreaking is here to stay.

I of course have purchased a hackable phone, data cable and RS232/USB adapter, and have begun creating a distro based on Ubuntu in VirtualBox that will contain all the tools I need so I can dig in once it gets here.. It’s even rumored you could perform DoS attacks and shut down service, but of course you don’t want to do that unless you’re looking for jail time.


Offensive Security Wireless Professional

After 3 long months of studying, on top of the school work for my actual college classes, I took my OSWP exam on Oct 1, 2011. I had to wait a couple of days, and I had been worried that I wouldn’t pass even though I managed to crack every access point. On Oct 3, 2011 I received my confirmation email stating that I had passed my OSWP exam!

So here is my little review of what it was like and what I thought of the whole course.

Registration to actually take the class was interesting: you had to register with a non-free domain, in other words it had to be an email address that was allotted from a .gov, .edu, etc. This way they could ensure they knew that I was the person I said I was before they handed over the keys to the castle, per se.

I hadn’t started college when I joined up but luckily had been issued my email account already and was able to complete my registration.

I was emailed a time-expiring link; this link gave me 24 hours to download my lab videos and .pdf lab guide. If I didn’t download them in the time allotted they would be deleted and I would have to pay a fee to receive my material. The reasoning for this is that all of the courseware has your name, address, email, and your assigned id, for example OS-xxxx.

The PDF is very extensive but I had issues reading it on the computer, just due to the fact that I didn’t want to be bound to a PC to study, so I spent about $48 to have FedEx Office print the manual into a binder.

The first few chapters teach you the basics, not stuff that is on the exam but information on how the technology and security methods work. The course is around 802.11x, in other words it is based on Wi-Fi, hence the name of the course, WiFu. Unfortunately you do not learn about other devices in the 2.4GHz spectrum like cameras or Bluetooth, but the course is still very useful and in-depth.

You have to do your own lab work, which means you’ll need to have a wireless router that you can use on the exam as well as a wireless card that can do packet injection; the lab guide does give you a nice list of compatible devices.

I did my studies on an Asus eee 1005HA on a custom Linux distro I built called Corrosive Linux. That may have been a mistake to an extent: you see, the exam is on Back|Track 3 and I was using a different Linux distro. It did have the same tools, but some of the commands did vary a bit from the exam. A lot of people have a problem with the fact that Back|Track 3 is used on the exam, but the fact is when you’re working on the wireless portion of Back|Track the tool set remains the same in versions 4 and 5, so using the newer distro just means you’re bogging down your system or you’ll have to use a live DVD vs a CD to carry tools you don’t know how to use.

The exam, as it’s listed, is a [challenge]. I didn’t really think much of it going in; I had done basic pentests on my network before and it wasn’t the first time I had broken into a WEP or WPA network. But my god, it was exactly as stated, a challenge.

To do your exam you connect to your exam PC over an SSH connection. You can do this from Windows or Mac but I do not recommend it; the fact is you had to practice on Linux, so you should do the exam on Linux. I personally dual booted my Windows 7 box with Ubuntu just so I had a real Linux terminal to work from. If you don’t know how to use SSH you should look up a quick tutorial, because you’ll need to in order to pass. I was able to open 4 instances via SSH, so you have 4 terminals that you can work from. This is more than enough; I tend to use 3 on average.

1 terminal for airodump, 1 terminal for aireplay, packetforge, etc., and 1 terminal for aircrack and removing old captures, dumps, etc… The 3rd terminal is my multi-function one, if you will.. I use it for everything else.

You are given 4 hours to complete your exam. I thought I could do it in an hour and a half because others have said they did it in that time frame.. I ran right up to the mark and spent the full 4 hours on the exam.

All in all the exam is very good and was a lot of fun; I had never enjoyed something while being so stressed out.

During the exam you’ll have 2 or 3 cards to work with. I would recommend you know how to use them both; this way you can multi-task, or you can inject with one card and monitor with another. This is what I did during my exam, although I don’t want to give out too many details.

You should know everything they teach you in the videos. Wireshark and viewing packet dumps is important, but you can pass without it. You’ll have to break into 3 networks, all with different configurations, and you’ll have to email a report of what you did to get your end result. Sometimes an attack does not work as planned; in that case you may have to try a different attack. That is one difference between learning from a YouTube video and being a certified professional: you learn to adapt, and if one thing doesn’t work then doing another might.

The difference between Offensive Security certifications and ALL other certifications is that instead of a short response and 500 multiple choice questions you have to actually perform and do it hands on… This is a pass/fail exam: you either get 100% or 0%.

I wish the best of luck to anyone who goes for this certification, you will not regret it.


Just Took The OSWP Exam

Well, it was long, hard, and painful… oh god!
lol, I swear it wasn’t supposed to sound like that.

I had four hours to crack 3 access points and amazingly it actually took me the entire 4 hours!
I was able to get keys and pass phrases for each one, I’m just waiting for the official word :) Wish me luck.
I’ll do a review assuming I pass.

Edit: The Review Here: http://thecorrosiveone.com/2011/10/03/offensive-security-wireless-professional/


xBoot

xBoot is an amazing little bit of software, I love it.
It allows you to easily create a boot disc with all the software you could want.
Mine has Kon-Boot V1.1 (yes, I paid for it) as well as DBAN (Boot and Nuke), Disc Copy, the AVG boot disc, etc..

Give it a good look sometime. It’s very easy to use, just drag and drop, with an easy downloader, and you can install it to a flash drive or create an ISO image that you could then burn to a disc; my favorite software for that is ImgBurn.


Goodbye Linux

Well, my 32GB solid state drive that I paid $100 for as an early adopter (yay!, not) just died on me…. :/
So I lost my Linux install along with all my dev tools for Android… ugh.

Well, I needed to be running Windows and Office for college anyway and let’s be honest here, I do miss my games. Don’t get me wrong, Linux has some solid games too, but you cannot tell me that Windows does not own that market. Hello Windows 7, my good ol’ infected friend.


I Eat Beacon Frames For Breakfast!

Thought of something that I figured would make a funny t-shirt.

“I Eat Beacon Frames For Breakfast!” A beacon frame is a data frame/packet sent from a wireless access point to notify other computers and devices of its existence and security status; it contains the SSID, giving users a way to find the network.

http://hackingisnotacrime.spreadshirt.com/men-s-heavyweight-t-shirt-A8060527/customize/color/2
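To show what the t-shirt is about, here is an added example (my own code, not from the original post) that builds a constructed 802.11 beacon frame and parses back the pieces the post mentions: the BSSID, the SSID tag, and the security status read from the capability Privacy bit and the RSN/WPA tags. The sample SSID and BSSID are made up.

```python
import struct

def _mac(text):
    """Parse 'aa:bb:cc:dd:ee:ff' into 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def build_beacon(ssid, bssid, rsn=True, privacy=True):
    """Constructed sample beacon: 24-byte MAC header, fixed fields, tagged parameters."""
    # Frame control 0x0080: type 0 (management), subtype 8 (beacon); duration 0.
    header = (b"\x80\x00\x00\x00" + _mac("ff:ff:ff:ff:ff:ff")  # addr1 = broadcast
              + _mac(bssid) + _mac(bssid) + b"\x00\x00")       # addr2/addr3 = BSSID, seq ctrl
    capability = 0x0001 | (0x0010 if privacy else 0)          # ESS bit, optional Privacy bit
    fixed = struct.pack("<QHH", 0, 100, capability)           # timestamp, interval (TU), capability
    tags = bytes([0, len(ssid)]) + ssid.encode()              # tag 0 = SSID
    tags += bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])             # tag 1 = supported rates
    if rsn:  # tag 48 = RSN: version 1, group CCMP, 1 pairwise CCMP, 1 AKM PSK, capabilities
        body = (b"\x01\x00" + b"\x00\x0f\xac\x04" + b"\x01\x00" + b"\x00\x0f\xac\x04"
                + b"\x01\x00" + b"\x00\x0f\xac\x02" + b"\x00\x00")
        tags += bytes([48, len(body)]) + body
    return header + fixed + tags

def parse_beacon(frame):
    """Return BSSID, SSID, beacon interval and the security mode the beacon advertises."""
    fc = frame[0]
    if fc & 0x0C != 0 or fc >> 4 != 8:
        raise ValueError("not a management frame of subtype beacon")
    bssid = ":".join(f"{b:02x}" for b in frame[16:22])
    _timestamp, interval, capability = struct.unpack_from("<QHH", frame, 24)
    ies, pos = {}, 36                                         # tagged parameters follow the fixed fields
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        ies[tag] = frame[pos + 2:pos + 2 + length]
        pos += 2 + length
    ssid = ies.get(0, b"").decode("utf-8", errors="replace") or "<hidden>"
    if 48 in ies:                                             # RSN element present => WPA2 family
        rsn = ies[48]
        n_pairwise = struct.unpack_from("<H", rsn, 6)[0]
        akm_off = 8 + 4 * n_pairwise + 2                      # skip pairwise list and AKM count
        akm = rsn[akm_off + 3] if len(rsn) >= akm_off + 4 else None
        security = {2: "WPA2-PSK", 1: "WPA2-802.1X"}.get(akm, "WPA2")
    elif 221 in ies and ies[221][:4] == b"\x00\x50\xf2\x01":  # Microsoft OUI type 1 = WPA1 element
        security = "WPA"
    elif capability & 0x0010:                                 # Privacy bit without RSN/WPA => WEP
        security = "WEP"
    else:
        security = "Open"
    return {"bssid": bssid, "ssid": ssid, "interval_tu": interval, "security": security}
```

A hidden-SSID network sends a zero-length SSID tag, which the parser reports as `<hidden>`; everything else about the network (BSSID, interval, security mode) is still in the clear.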


DeAuthThis | Android App!

Download the new DeAuthThis IPTV app. This is my first creation and it’s in the Android Market.

Watch my IPTV show DeAuthThis from the freedom of your Android phone or device!


Linux: Remove Win7/NT Passwords

1) Boot BackTrack
2) Find the Windows drive (partition)
a) fdisk -l        (the larger partition is probably Windows, example: /dev/sda2)

3) Create a directory to mount it to
a) mkdir /mnt/win   (makes a folder at /mnt/win; Windows will be there)

4) Mount the Windows drive on your new directory
a) mount -t ntfs-3g /dev/sda2 /mnt/win -o force  (this mounts /dev/sda2 at /mnt/win)      (if you’re doing this on a distro other than BackTrack and this command doesn’t work, run “apt-get update” then “apt-get install ntfs-3g”)

5) Go to the location of the SAM file; the path is case-sensitive, so run ls after every cd
a) location is: /mnt/win/windows/system32/config

6) Run chntpw
a) chntpw -l SAM SYSTEM  (the case of SAM and SYSTEM is important)
b) This lists the users, so pick your user

7) chntpw -u USERNAMEHERE SAM SYSTEM
8) SAY NO TO DISABLE SYSKEY!
9) Now just run your command to either unlock the account or blank the password
10) Save the hive and reboot.
11) Shutdown via command
a) shutdown -h now


Lagg Switch Improvement

So, I was looking around for Xbox JTAG kits on eBay and came across lag switches.
They are quite interesting and simple.

See: http://www.se7ensins.com/forums/topic/46897-how-to-make-and-use-a-lag-switch-halo3-cod4-gears-of-war/

The thing that interests me is that if you hold your switch for more than 3-4 secs you’ll get kicked. This is no surprise, but it’s also a challenge. I’m curious: what could be done to make a button so that no matter how long you hold it you only get 2-3 secs per press?

This would prevent kicking and make them easier to use aka ID10T proof (I hope you all got that lol)

Anyway, for all the cheating flamers, I’m not bringing this up to encourage cheating nor do I intend to cheat. But I would like to see how to perfect this tool. It is simply a challenge and now I have to try and complete one.

I’ve taken an electronics class so between me and my old classmates I’m sure we can figure something out.
