OSWE is an advanced web application security certification exam, you have to take the AWAE course which contains live labs for testing and learning and a lot of modules. The exam is designed for advanced information system auditors and pen-testers.

The exam lasts for 48 Hours.

The goal of the exam is to find 4 vulnerabilities in 2 targets, authentication bypass in each target, and two remote code execution(RCE) vulnerabilities in both targets.

Authentication bypass: 35 marks.

Remote code execution (RCE): 15 marks.

In a total of 100 marks, there are 4 flags, one for each vulnerability. The targets are running locally on offsec private network, To pass the exam you must collect at least 85 marks.

 

the course focused on WhiteBox attacks, which are code reviews.

So before starting with the course you should work on your code review experience especially in these languages: Java, asp.net, PHP, Node.js.

And the course will cover a lot of vulnerabilities such as XSS, CSRF, Session Hijacking, Blind SQL Injection, Path Traversal, Type Juggling, Insecure Deserialization, Arbitrary File Upload, and more.

In the exam, it’s your choice about how to spend your 48 hours,

when the exam starts you will be supervised for the next 48 hours via webcam and screen share, and at the start, the supervisor will ask you to show him the room and even what’s inside your table if you wanted a break you should ask him.

And the supervisor will ask you to show him your passport so they can verify your ID.

 

It’s forbidden to use any mass scanners tools and mass exploiters such as SQLMAP, when you find the vulnerability you must write a single script to exploit both vulnerabilities in each target.

After finishing the exam you have 24 hours to write a professional report with screenshots and proof of concept scripts, and how did you found the vulnerability step by step.

And again, you should be wise about how to spend your time,  spend every hour wisely.


I passed the exam from my second attempt, In my first attempt I found 2 flags in the first target authentication bypass and remote code execution which it guarantees for me 50 marks now I just need more 35, which it means more authentication bypass, I finished the first target after 30 hours, and started in the second target next.

I was so tired 30 hours without sleep and I was nervous and afraid of failing.

And I just found out that always the second target is the harder one it was so complicated and a lot of code needs to be reviewed and a lot of files, many gray-box tests need to be done.

I started to find the right track for the authentication bypass in the second target but it’s already 42 hours passed now and 6 hours left for me, I did not sleep only 3 hours and it was a disaster.

I’m trying and trying, and the time is ticking, and my supervisor told me it’s only 1 hour left for me and the exam will end.

Honestly, I started to give up, It was impossible to finish, I’m running out of time, and the time is up they finally ended the exam, so I decided to write the report, and I wrote the report, and send it then I just slept for 15 hours xD I have to get my life back on track, It was more than 48 hours of hard working, the real hard working !!

 

After two days I got the sad answer from Offsec saying, unfortunately, I did not pass the exam and I have to retake the exam…

I took the retake and the exam scheduled after 45 days, And I decided to study hard this time, and TRY HARDER.

Finally the exam day, 8/8/2020 at 13:00 PM the exam started and the same steps, but this time there was no chance for failure or mistakes so I started and I solved the first target after only 6 hours and all the time was left for me to work on the second target, So I did everything I could, with no sleep and no rest after 8 hours around 2 or 3 AM I collected 4 flags which it means 100/100 if I made a professional report and I chose to end the exam now so I can start writing the report and I did finish the exam before even 24 hours and I wrote the report.

And after 2 days of submitting the report, I got the answer from offsec and I was passed the exam successfully.

 

I was so happy that I passed the exam after all these efforts and time.

 

Okey things you should know for the exam, and some advice:

  1. Prepare good for the exam, read more, and solve some boxes.
  2. Do not rely on the course materials and labs only.. the exam will be sort of different.
  3. Don’t waste time in the exam even if you solved the first target, The second target might destroy you.
  4. Trust yourself and don’t be nervous and remember there’s a second try so it’s not the end of the world.
  5. The targets on the second try will be different from the first try so don’t think in this way.
  6. Take screenshots while you’re in the exam, make sure of that, and write the report if you can.
  7. Try to make a single exploit script for both vulnerabilities for each target.
  8. While you’re reviewing the code, Write notes write everything you think about.
  9. Use a tool for notes such as Cherry tree and another tool for programmings like visual code or sublime.
  10. Prepare yourself for 48 hours of hard work and suffering, and remember no one can help you, You’re on your own while in the exam.

In the end, I’m gonna add one more thing which it’s the secret of passing the OSWE .. TRY HARDER

Alaa Abdulridha on EmailAlaa Abdulridha on FacebookAlaa Abdulridha on GithubAlaa Abdulridha on InstagramAlaa Abdulridha on LinkedinAlaa Abdulridha on Twitter
Alaa Abdulridha
My name is Alaa Abdulridha I'm a computer engineering student and cybersecurity researcher I'm interested in web application pen-testing and game development, also I'm interested in some bug bounty programs, I like a lot of things such as reverse engineering, reading the others code to learn and then to find my own exploits and teaching it to you, Do you want to know more about me? Click Here.