OSWE Tips
Straight to it!
Tips
Labs
Do all the exercises and extra miles
A lot of the extra miles will give you knowledge and practice on how to do stuff once you are at a certain point or situation.
At least 1 week before the exam, you must have already finished lab machines DocEdit and Answers. This will prep you for what the actual exam feels like. You can also try to time yourself to finish it in 48 hrs like a mock/pseudo exam but make sure to physically and mentally recover within the week before your actual exam.
On the last week before the exam, go through your previous machines as you might be so used to other languages and frameworks at the latter part of the course that you already forgot the very first machines you took (i.e. PHP). In my last week, I just went through the videos while making an egrep list on HOW to find those vulnerabilities if present or at least give me an overview of what I'm up against. If the list of commands does not find solid leads, then you could at least consider it a code "recon" script. It will save you time.
Scripts
If you're scripting in Python in the labs or exam, make heavy use of Burp Suite's Copy As Python-Requests plugin especially when time is of the essence. With that said, during the course (AWAE), you will be developing scripts for the lab machines and you may get carried away having so much fun making your script beautiful and awesome that it is so tailored to owning the vulnerabilities in the specific machines. Try not to do that. Make your scripts as generic and modular as possible. You will be thankful later if you face a machine/vulnerability where you can just grab that bit or section of script you previously made and just perform very minimal changes to it to make it work on the current task you are in. You can separate it per individual script or as much as possible per function. What I mean is it would be better if they are separated per script and within that script separated per function. This is where you just change the arguments or global variables (SQLi entry) and the script will easily work for another machine. I learned this the hard way, going back to my scripts since I know some portion of my previous script does something but it was challenging/time-consuming to understand and replicate for the current machine. This was a good lesson for me and I now apply that practice even towards what I think is a very unique or specific situation/vulnerability.
Exam
Sleep
Have a good night sleep before the exam.
For me, I start 10 hrs before I wake up since I get so excited that I won't fall asleep for the first 2 hrs.
Sleep during the exam.
Take AT LEAST 6 hrs of sleep in between and maybe even if you did not pwn the 1st machine on the first day. I had a total of 12 hrs sleep during the 48-hour exam but only 4 hrs after that which made it challenging to put words together when writing the report.
If you pwn the 1st machine on the first day and it is already 2-4 hrs before your sleep time, it would be better just to sleep early as your brain is already full from the first machine and therefore would need to "defrag", de-clutter or refresh your brain for the next machine which is also big and might fill your head more.
Take lots of breaks.
In OSCP I had long breaks for each shell/RCE and a break each time I got root. Here, I had probably 10 breaks in each "first" vulnerability on each machine.
It would be good to take a walk after each vulnerability.
I took walks right after retrieving the flags even before it was fully automated. Then I'd jump back in, automate it then take another break. Keep it fresh.
Keep yourself hydrated.
Going to the toilet also gives you some mini breaks and an opportunity to stretch and get blood flowing.
Proper diet (If this makes you cringe, do it just this once)
- Nuts for snacks!
- Fruits
- No junk food
- Not too much sugar or none at all
- “What you eat–and when you eat–matters for your grey matter.” - Jim kwik
Pace
With all emphasis above on breaks, sleep, and diet, you've probably already figured that this a marathon, not a sprint. This is OSWE, not OSCP. It has to be treated differently. Take your time, you've allotted 3 days in your schedule, right? Pass or fail?
Recovery
With all its possible negative effects on your body such as sleep deprivation and stress, recovery after the exam is a must. Get as much sleep in. You are more prone to getting sick as soon as you step out of your house since your immune system is low. Recover. There might be a pandemic out there.
A little AWAE/OSWE review
I considered code review (web or not) to be one of my weakest areas in cybersecurity. I get intimidated when encountering a lot of code in an engagement which is why I took OSWE first rather than OSEP. As the saying goes, “Turn weakness into your best friend, then make it your b*tch” - Really can’t find who said this. That said, I don’t think this course really made me into an expert(1337 Z3r0 d@y Pwn M@$t3rz) in code review (even in web) but it sure did give me the confidence to tackle what I usually tend to shy away from. Now during an engagement, I ask my teammates to hand me the custom-developed code of the target organization if they found one (commonly happens when the web application backup/archive is saved on the webroot folder i.e. backup.zip, app_name.zip). To add to this, code review projects are now being handed over to me which I never would have thought of 2 years ago.