Yeah! I did, I never thought I would be at this point with the exam having only failed one exam ever in my life before this (way back in 2006). It was an experience for me and to be honest every time I have failed, I have learnt something new. In the meantime, I have been learning the Perl Dancer2 web development framework. Its been interesting and sometimes, it does seem like a win when I get the code to do exactly what I wanted. Seeing especially as I need these wins. This writeup is mainly going to be about my journey so far from failing my last OSCP attempt to my foray with the Perl dancer2 framework.

As with any other programming language, I started with the basics. The MVC concept was the first thing I had to get familiar with. Using the PForum tutorial I was able to learn how to create static and dynamic webpages and link them to templates. I was also able to create and link the webapp with a MYSQL database. I had to enable root access and create a new “MySQL” user before I was able to do this. Next was insert and update records on in the database in order to allow form user account creation, management and authentication. This I was able to do using the DBIx module on the Perl dancer2 framework. It was easier than it looked initially. The hard part was configuring the session management. At first, I tried to make use of the “hook” command, but it wasn’t working like I wanted it to. At the end of the day, I had to make do with a simple “IF” clause.

In between learning web development with dancer, I managed to go back to what I like doing which is cracking boxes. I did a few hard boxes on HTB; Notebook, finished up tentacle and some easy ones just for kicks. Ironic right?! Exam pressure hits different when you are facing OSCP. On the bright side, I secured my CEH master certification.

The next phase is the 2FA authentication interface which is supposed to be a group project. I already have an idea on how I want to implement it and I think I would like to make use of an OTP being sent to the email address on record for that user. This will be slightly different from the tutorial I was give because that made use of a QR code . To be honest, the QR code method is great but I think my method would be more durable. That would be my main goal this week.

At the end of the day, I am still going to try harder and rewrite the OSCP exam in about 6 weeks and then I would reevaluate my planned progress and how far I have come so far. I think I have made great progress especially in turning a hobby into a profession. While I still have a long way to go, this journey has been a great entry point / stepping stone into the professional cyber security world and I have been totally humbled.