I’ve been busy lately with new attack tools, hackthebox, practical pen-test and pen-tester academy (Wow whats wrong with me) but I have been working on me OSWP (Offensive Security Wireless Professional)
So without many spoilers I will mention that this test is amazing the course gets really into detail with wireless attacks (outdated, but who cares!!) that still work in our current date since it gets really into detail with wep attacks a few with wpa without counting the new attacks like wps pixie, reaver or KRACK and lets not forget the new recently discovered New attack on WPA/WPA2 using PMKID its keep it in my notes
OSWP is amazing and really get’s into detail I needed this course for a practice that probably might not help with my road to OSCP that I am starting Sep 22 2018 and I am really nervous but yeah back to its (again) oswp is really great explaining wireless attacks into detail and even if its kinda outdated it still applies to recent engagement as you still see people utilizing WEP out in the wild!! When I was learning OSWP I really got into new attacks and found out how easy this was and how WPA even robust still crack-able and now in current times and new attacks it got easier with OSWP that has almost around a 4 hour video course and around 400 pages of PDF file that really gets into details is still amazing I decided to watch everything twice and read the PDF afterwards everyone has a unique method as I planned to take the test 2 week’s after receiving the course.
The exam is pretty straight forward you will receive an Email with a VPN connection and instructions on what AP to attack with a designated word list given by them, you will notice that there are different one’s out in the open DO NOT tempt yourself to attack these AP since it is being closely monitored and if they see that you are attacking anything other than the Exam’s AP you will be disconnected and terminated with no chances to retake the test again, you will want to avoid that there is usually 3 AP that you will need to attack using your skills acquired in the course there is nothing that you need to use extra even if you know that you can attack the AP in a different way just do it the way they teach you so they know you get it ha ha… then after that there is the Report I am not good with reports and always forget to take notes even on HTB but in this one you will get a Report-Example where you can easily describe how you attacked the AP with designated screenshots and proof of the Key from the AP.
After a the most craziest 20 min of my life I got really nervous starting the exam I blanked out and forgot everything I just learned!!. Even with all the practice I did and this is a 3 hours and 45 minutes test My first wep attack was unsuccessful and had no idea what I was doing the second one was really easy that got my confidence back up and I tried the first one again still with no success so I decided to attack the last one and BAM!! 5 minutes I got the key so I was like damn!!! I was confident I was gonna pass since I still had 1 hour and 25 minutes left so I went back at it and looked at my cheat sheet then 5 minutes later and 35,000 IVS I finally received a key wrote done the report with its designated Screenshots and Keys waited 3 days and Finally received that amazing Email that got me smiling
Well all I have left to say is that it was amazing really straightforward and detailed in every way it is the basic in wireless pen-testing to get you into more interested and have more research in this field don’t be afraid and go for it even though its one of there cheapest and easiest but you need a boost of confidence for OSCP this is really recommended and go for it until next time!!!