Several days ago, I passed the CompTIA Security+ exam and got my certification, then I planned the next one. At that time, I initially planned to register for OSCP/PWK, but I knew it would be a long journey, therefore I still needed a confidence boost to start my OSCP/PWK journey. I am also interested in wireless hacking, so I registered for the OSWP/Wifu course.
It took me a week to pass the OSWP exam; typically we don't need a long time to go through the Wifu course and pass the OSWP exam. The exam is very straightforward and fun; you can definitely pass it after going through the textbook and videos. The Wifu course focuses mostly on WEP cracking and WPA/WPA2 cracking. Because WEP networks are very few in real life, in some ways the content of the course is outdated, but I still recommend OSWP/Wifu. It is very interesting and presents us with a deep look at wireless networks. And just as I said earlier, passing the OSWP exam will give you a boost in your confidence to prepare for OSCP and other certification exams.
You can find plenty of information about OSWP on Offensive-Security's website (https://www.offensive-security.com/wifu-oswp/), so I prefer to share some of my personal suggestions and reviews on it.
You need to buy hardware for yourself to study the course. I need to admit that I did not use the officially recommended hardware (wireless network card and router), and I encountered some issues when launching any type of WEP cracking; yes, the first time I successfully cracked a WEP network was in my exam :) But I did not have any issue when it came to WPA/WPA2 cracking. Therefore, please just follow the official recommendation.
Offensive-Security’s Recommended Wireless Network Routers
- D-Link DIR-601
- Netgear WNR1000v2
Offensive-Security’s Recommended Wireless Cards
- Netgear WN111v2 USB
- ALFA Networks AWUS036H USB 500mW
The exam is very straightforward; being familiar with all types of attack is enough. Here are my notes for my exam: https://github.com/ziyishen97/OSWP-Notes/blob/main/OSWP%20Note.md
I was nervous when I started my first stage. It was a WEP network; because I chose the wrong hardware, I had not successfully conducted any WEP cracking before the exam, but I had to crack the key of the WEP network or I would fail the exam. But because I understood the mechanism and theory of all types of WEP cracking, after 30 minutes I successfully cracked the first WEP network. It boosted my confidence significantly. The second stage was also a WEP network, but it required a different sub-type of attack approach (I am sorry that I cannot share further details about it). The last stage was a WPA/WPA2 network; it was pretty easy to crack its key. After that, I completed my exam report and submitted it. Here are more details about the timeline of my exam.
The timeline of my exam
30 minutes: Cracked the first key
70 minutes: Cracked all the keys
110 minutes: Completed my exam report and submitted it
24 hours: I was informed that I passed the exam and got my certification.
During the exam, it did not go quite smoothly when cracking the networks, and I needed to troubleshoot. For example, when cracking the first stage, I failed to conduct Attack A against the WEP network, therefore I switched to another attack approach which was also described in the textbook, and it succeeded. When cracking stage 2, I used a command with standard parameters and flags and it failed, therefore I used another set of parameters and flags described in the textbook, and it succeeded. When cracking stage 3, though the steps were quite simple, I still had issues. I did not change anything but waited for more time, and it succeeded. In summary, there were actually no tricks in the exam.
1: Very important! Write the exam report while you are launching the attack instead of after cracking.
2: Be patient, and switch to another attack approach flexibly.
3: Have a cheatsheet before the exam (my cheatsheet already has all the commands you will need).
4: I recommend you use Bitvise (https://www.bitvise.com/ssh-client-download) to open multiple terminals during the exam. Screen is also okay.
5: Note all the info about the networks and devices you need in the exam, such as the ESSID of the AP, the MAC addresses of your own monitor, the AP, and the victim client, etc.
Finally, let me list the advantages and disadvantages of OSWP.
Advantages:
1: Short period of learning and preparation for the exam, typically 2 weeks.
2: Not an expensive registration fee.
3: Boosts your confidence before registering for OSCP.
4: Enhances your understanding of wireless security, and it is very fun!
Disadvantages:
1: Difficult to bypass HR.
2: A little outdated (it would be better if WPA3 vulnerabilities were described in the textbook, along with WPA/WPA2 enterprise networks and further actions after cracking the key, such as sensitive info gathering, etc.).
3: You need to buy your own hardware.
Thank you for reading about my experience and review of OSWP/Wifu.