I have to admit that doesn’t matter how much experience you have with penetration testing, the exam is challenging because the attack surface is big: 65535 ports x 2 protocols x 4 machines = 524,280 ports.
In the fifth machine, you know beforehand which is the vulnerable port and you just have to develop a tailored exploit.
As 24 hours past fast, the best advice I could give you, apart of studying all awesome training material, pwn as many machines you can in the labs (at least have presence in all subnets!), is put a countdown for each machine just as chess players do. So you don’t get mad wasting all your time with the first and hardest machine, but you are rotating machines every hour or 1.5 hours.
I was not able to get some sleep until I finished, but it is very appropriate to get some fresh air at least, every 4 or 5 hours and do some power naps, so you don’t burnout and your mind remains focused.
Overall, very worth experience!! It really opens your mind in terms of trying harder and finding crazy exploitation vectors in difficult environments.
We are sorry that this post was not useful for you!
Let us improve this post!
Tell us how we can improve this post?