Yeah that’s a story to tell you know.. when you lose yet you win… story of life 😛
So let’s get started.. to make it more interesting and to save you time based on your preference to read, I am segregating this blog into three sections, where one talks about the reasons I had not to take the exam, Excuses as they say, second reveals the roller coaster ride I had during the exam and its overwhelming result and the last one reveals the big secret of how the failed tag got me a prize. So let’s dig in:
Excuses, Excuses, nothing but big fat Excuses..
See I didn’t get much time to prepare for my exam because of my ongoing engagements you know (Yeah! I have a job that pays the bill :D)
So, a day before the actual exam, I created my own lab and thought “I have one more day to prepare” but naive me, I didn’t notice the time zone that PtAcademy provided me which resulted in the amazing kick start of the exam as I woke up at 7:00 in the morning, checked my phone (old habits ;)) and laid my eyes on the mail that somehow showed that my exam is about to begin in half an hour. What!! Yeah I am sleeping, checked again and I realised what a smart ass I am.
That mail sucked the fun of taking the exam out of me and I gave up before I began. See, I know I am considerably awesome on the attacking side (kidding but yeah I already cleared a few certs like OSCE, OSCP, CRTE, CRTP, CREST CRT, CPSA, SLAE etc.), but I was well-aware of the defensive side also. Since I knew I am not that good at patching, I wasn’t confident about that part of the exam. So I had this feeling in my mind that this might be the exam that would make me experience the taste of failure.. yeah li’l ironic but Defense could lead to failure for me.
The course content or the lab also doesn’t help much training us on the defence side. Then again, when you take an exam with that mind-set you end up not reading the instructions carefully, at least that’s what happened to me.
LOL .. these were my excuses.. Forget about them for a while and move for the exam part…shall we?
TRUTH — I FAILED, yeah for the first time, I FAILED…
Even after all those fuck-ups, I was really excited for the exam and knew that this could be the most challenging and exciting exam I have ever attempted. I cannot go into so much detail (for obvious reasons) therefore I will keep it high level.
The passing criteria is to hack 5/5 machines and patch all the misconfigurations, with a proper detailed report of both phases. You cannot skip the defending side of it, and why I say so, you will know at the end of this post.
The Attack Phase —
To be honest, this was not easy for me. I feel 50% of the attack phase is really difficult and challenging. Once you own 50% of the machines then probably you can own it all but again this may vary from person to person. If you have done the labs properly then there is a good chance of nailing the attack phase. I owned all 5/5 machines in the attack phase. I documented all the steps that I performed in order to get the trophies.
The Defense Phase-
I learned a lot of things while patching. Now I have a complete idea about how I can create my own lab with those misconfigurations and patch them. This is the most interesting part of this exam and I really appreciate Pentester Academy for this idea. Although I patched all of the attack paths that I took (I tried my best to) and fixed the issues which I later checked and confirmed.
The reason why I failed is I didn’t achieve code execution on a machine using the intended way and therefore I didn’t patch it. I accessed that machine over RDP using the credentials so I didn’t think if it needed patching since I already disabled the RDP from group policy. Yeah that’s the reason I said you can’t skip the defending side.
Pentester Academy made it very clear in their mails that there are certain objectives that need to be completed. One of which was patching code execution on this machine so it was my fault that I overlooked this point. Yeah I failed because I overlooked this part, fuck-ups you do at times :p So that’s for the exam part, let’s go to the twisted part 😀
How I won an expensive brand new TV by failing the exam …?
The big revelation is not so big, there is one of my friends, when I told her about the exam and the probability of passing this one is not quite high in my head, she thought I am just being a girl looking for validation and some praises around like how awesome am I and how I can conquer the entire world, you know how girls are :D, so she took the efforts to convince me that how it’s all a big lie and I can crack the exam easily and when nothing worked, we placed a bet on the results. It was quite funny to see how confident she was that I will nail this one also (which sounded stupid to me), I knew the reality, tried stopping her but girls you know.. they never listen. So the deal was on! which was-
If I win, she will gift me an iPhone 11 Pro Max (yeah we went big on this one) and if she wins, I will buy her one thing she asks for. (I am sure she wanted me to buy a cruise for her.. lol)
It was a deal of lifetime, go big or go home kind of.
After the exam, we were excited for the result, she more for her gift, I to see if I’ve made it.
Now since I failed in the defense part of the exam but still behaved fair and did all that I could to pass the exam therefore I won the bet. (Verdict is out)
So do I own an iPhone 11 Pro Max, Nope! I passed on it. Now you’d ask if I am an idiot, which I am 😛
Why I didn’t get the iPhone 11 Pro Max …?
See the thing is, I don’t like iPhones and I would never want to invest that much money into just a phone so I made her purchase a Brand TV for my family. lol ..
I insisted that my friend contribute 50% of the amount of the purchase and after an hour long discussion that included much pledging and requesting, she finally agreed.
Moral: place a bet on your exam, that way, you’ll never lose 😀
PS: I have paid full for the Tab which is for my father ❤
I totally recommend GCB Lab for an intermediate AD pentester or a red teamer and trust me the certification and lab is totally worth every penny. Also, I highly recommend buying 3 months of lab access as the lab is more difficult than the exam itself. If Pentester Academy hadn’t been supportive to me through the complete journey then probably I would not have completed the lab in time. So much thanks to the support team for giving hints and verifying my paths.
If you are a beginner in Active Directory then go for CRTP then CRTE and at last try GCB because even CRTE is not even close to GCB lab.
I hope this helps the people to understand the importance of both attacking and defending part of the exam and why they can’t ignore any of it. Enjoy learning.
"How I failed in GCB exam yet won a Brand new expensive Sony TV." was originally published in InfoSec Write-ups on Medium.