My Offensive Security AWAE Experience

Introduction

How did I find out about the course?

Cybersecurity has always been a passion of mine, ever since I discovered the fascinating world of Kali Linux and hacking during my college years. I was amazed by the possibilities and challenges that hacking offered, and I wanted to learn more. However, there was one problem: the best courses in the field, offered by Offensive Security, were too expensive for me at the time. I had to settle for the free courses that Kali Linux provided, which were helpful, but not enough. They focused more on the tools than on the theory behind the hacking techniques.

Why was I interested in taking it?

I hoped that things would change when I entered university and enrolled in security courses. I expected to gain a deeper understanding of the techniques that I had learned from Kali Linux, and to apply them in practical scenarios. However, I was disappointed. The courses were too theoretical and not very engaging. They did not cover the topics that I was most interested in, such as web application hacking.

It was only when I started working as a freelancer that I realized how much I loved web application hacking. During my final year at university, I got a job as a bug fixer for an e-commerce platform. I had to review the code and fix any errors that I found. However, I soon realized that there were more bugs than I had anticipated, and some of them were very serious. For example, I found a flaw in the checkout process that allowed anyone to bypass the payment and get the products for free. I was shocked by how vulnerable the web application was, and how easy it was to exploit it.

How I finally decided to enroll

This experience made me more curious and motivated to learn more about web application hacking. I wanted to know how to find and prevent these kinds of vulnerabilities, and how to protect the web applications from malicious attacks. I decided to invest more time and money in studying the subject, and I finally had enough savings to enroll in the Offensive Security AWAE course. This course was exactly what I was looking for. It taught me everything I needed to know about web application hacking, from the basics to the advanced techniques. It also gave me the opportunity to practice my skills in a realistic and challenging environment, where I had to hack into various web applications and write detailed reports about my findings.

The course was not easy, but it was worth it. I learned a lot, and I had a lot of fun. I also earned the prestigious Offensive Security Web Expert (OSWE) certification, which proved my competence and credibility in the field. I am very proud of this achievement, and I am glad that I finally fulfilled my dream of becoming a web application hacker. It was a long and exciting journey, and I am looking forward to the next challenges and opportunities that await me in the cybersecurity world.

My AWAE Journey

I enrolled in the AWAE course in late 2020, with a diverse and rich professional background. I had worked as a web developer for two years, and as a Database Administrator for nine months. I had also learned and mastered various programming languages, such as Python, JavaScript, PHP, Java, C++, C#, and some Go. I was confident in my coding skills and eager to learn more.

However, 2020 was also a challenging year for me, as it was for many people around the world. The COVID-19 pandemic disrupted the normal course of life and work, and forced me to adapt to a new reality. I was fortunate enough to land a job as a Google Developer Support Engineer, a role that not only tested my technical knowledge, but also my communication and interpersonal skills. I had to provide support and guidance to developers who used Google products and services, and to help them solve their problems and achieve their goals. I also had to actively engage in community outreach, especially on platforms like Stack Overflow, where I answered questions and shared my expertise with other developers.

I had to find time and motivation to study and practice the AWAE course material, while also keeping up with the latest trends and developments in the field of web application security.

The Course

What is AWAE?

AWAE stands for Advanced Web Attacks and Exploitation. It is a course that teaches you how to perform white-box hacking, which means you have access to the source code of the target application. This gives you an advantage over black-box hackers, who only rely on external inputs and outputs.

Why AWAE?

AWAE is not just a coding course. It is a course that challenges you to think like a hacker. You will learn how to identify and exploit multiple human errors, such as logic flaws, misconfigurations, and insecure coding practices. You will also learn how to chain these errors together to create a functional exploit that can achieve Remote Code Execution (RCE) - the ultimate hacker goal.

RCE allows you to run arbitrary commands on the target system, giving you full control over it. This can lead to serious consequences, such as data theft, ransomware, or denial-of-service attacks. Therefore, learning how to perform RCE is essential for both offensive and defensive security professionals.

How does AWAE work?

AWAE is divided into modules, each covering a different vulnerability category. For example, some of the categories are:

  • SQL Injection
  • Cross-Site Scripting
  • File Inclusion
  • XML External Entity
  • Server-Side Template Injection
  • Deserialization

Within each category, you will encounter multiple exercises, each with a different level of difficulty. You will also have the option to try an extra-mile challenge, which is more complex and requires more creativity. These challenges are designed to prepare you for the final exam, where you will face a two-day solo challenge.

Are you ready for AWAE?

AWAE is not a course for beginners. It requires a solid foundation in web development, programming, and security. You will also need to have a lot of patience, persistence, and curiosity. AWAE is not a course that spoon-feeds you the answers. It is a course that pushes you to the limit and makes you learn by doing. AWAE will not only teach you how to hack, but also how to think like a hacker.

The Exam

Structure

The AWAE exam is not a sprint, but a marathon. It requires stamina, endurance, and perseverance.

The AWAE exam will test your skills in two realistic scenarios, where you will have to break into two web applications running on virtual machines. Your goal is to find and capture two flags hidden in each system: one for the user level and one for the root level. But that’s not all. You also have to develop a working exploit that can achieve Remote Code Execution (RCE) on the target system. And you have to document every step of your process in a detailed report, explaining how you discovered, analyzed, and exploited the vulnerabilities. You will have 48 hours to complete the exam, during which you will share your screen(s) with an observer who can help you or give you breaks.

How I Hacked My Way to the OSWE Certification

Me reading some vulnerable code

As I prepared for the ultimate white-box hacking challenge, I adopted a strategic mindset, aware of the importance of time management. The 48-hour exam was like a marathon, not a sprint. I had to pace myself and conserve my energy for the long haul. Therefore, I considered the necessity of resting my weary eyes and taking regular breaks to refresh my mind. I also nourished my body with healthy food, knowing that intense hacking required optimal brain function. In case of hitting a wall, I did not waste time on a single challenge, but moved on to the next one or focused on writing my report. I treated the exam like a puzzle, not a battle. I did not let frustration or anxiety get the best of me, but used logic and creativity to solve the problems. Scheduled breaks and physical movement helped me clear my head and enhance my thought processes. As a result, I was able to complete the exam with confidence and satisfaction.

The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards. - Gene Spafford

This quote sums up the difficulty of the AWAE exam, a 48-hour white-box hacking challenge that requires you to break into two web applications and develop a working exploit. How do you prepare for such a daunting task? Well, here are some personal habits that helped me optimize my productivity and pass the exam with flying colors.

First, I knew myself and my circadian rhythm. I’m not a morning person, so I didn’t force myself to hack at dawn. Instead, I used those hours to write my report, which was less mentally demanding. I saved my peak productivity times for hacking, when I needed to be alert and focused.

Second, I completed the course material and all the extra-mile exercises before the exam. This gave me a solid foundation of knowledge and skills that I could apply to the exam scenarios. For example, one of the extra-mile exercises taught me how to bypass a file upload restriction, which came in handy in the second exam challenge.

Third, I actively participated in the open forum throughout the course. This was a great way to learn from a diverse pool of talented participants, who shared their tips, tricks, and solutions. I also got feedback and support from the instructors and moderators, who were always helpful and encouraging.

These personal habits played a key role in optimizing my productivity and helping me pass the AWAE exam. Of course, I also had some luck and a lot of coffee along the way. But hey, that’s part of the fun of hacking, right?

Results

As soon as I submitted my report, I felt utterly exhausted. I had just completed the AWAE exam, a 48-hour white-box hacking challenge that pushed me to the limit. I finally managed to capture the elusive root flag of the second exercise late on the second day, around dinner time in Spain. I had already written half of my report, documenting the user flag exploits for both exercises. I spent the third day refining my report and improving my exploit. The submission deadline was 24 hours after the scheduled end of the exam, so I had some time to polish my work. The confirmation of passing the exam, and officially attaining the title of Offensive Security Web Expert (OSWE), arrived approximately five days later, bringing me a surge of accomplishment and satisfaction.

2021-01-11