Thoughts on sitting the eJPT certification

Although at the time of sitting the certification I had been working as a junior penetration tester for over a year, my company asked me to sit it as a stepping stone to other certifications. The certification is good for obtaining a foundational level of knowledge for performing certain tasks relevant to internal and external penetration tests. However, its description as an entry-level “gateway” into the security industry rings true. For anyone looking to obtain this certification who has prior experience with penetration testing, or even with CTFs, two weeks of an hour a night will be enough to get you through it.

Even though I already had prior experience going in, I mainly used the exam, and the research beforehand, to solidify some concepts that had yet to come up much in my day-to-day work.

Pivoting

As someone who doesn’t like to sit through video-based learning materials, my goal was to take the titles of the different sections provided, list them out and assess, based on the titles alone, the different areas for improvement. To clarify, Networking moved straight to the bottom of the list, being one of my most developed skill sets. Within this list of titles was “Pivoting”.

Throughout researching the exam and finding other people’s opinions on it (not that it mattered, I had to sit it anyway), a number of people referenced the necessity of commands pertaining to pivoting, that being leveraging the compromise of one host to gain access to or enumerate others. Proxychains was useful for me here, once an autoroute had been set up using a Meterpreter session.

So anyway, the necessity of fundamental knowledge. While I was sat in the exam cursing myself for being an idiot because I couldn’t get an nmap scan to work through the tunnel I had set up with proxychains, I sat head in hands believing myself to be well fucked. Now there’s a core “philosophy” that has followed me through my career; it’s something I think to myself at least once a day: “If you’re ever stuck, it usually means you’re either being stupid and need a break, so go make a coffee, or you simply don’t know something and you need to obtain more information.” I might write a separate blog post about the process of finding out what information you need to obtain when you don’t know something, as it’s quite pertinent to me as someone who is self-taught on a lot of things. So, I’m just being stupid: go make a coffee, come back and check for typos in my commands.

After a further 5-10 minutes of checking, I sit and think “pfffff, how does proxychains actually work?”. It just came down to one of those things I’d used in the past but never actually looked into; the name itself seemed to explain everything I needed to know, proxychains. Well, a further 5-10 minutes of googling led me to my old friend the OSI model. Nmap’s default scan (when run with root privileges) is -sS, a SYN scan. It requires one thing proxychains can’t provide: raw socket access to the network stack. You need to run a connect scan (-sT) while also disabling the ping-based host discovery (-Pn) to get the scan to work over proxychains. The connect scan uses the normal connect() system call, so proxychains can say “sure, I’ll handle those requests for you”; raw packets never pass through connect(), which is also why it doesn’t handle pings.
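To make the mechanism concrete, here is an added Python illustration (not code from this post, from proxychains or from nmap) of what proxychains does in place of an intercepted connect(): a client performing the SOCKS5 CONNECT handshake, a loopback proxy that can honour nothing but CONNECT, and a constructed echo service standing in for the target. The addresses, ports and payload are constructed for the demo; note that the SOCKS request has fields only for a host and a TCP port, so a raw SYN or an ICMP echo simply has no place in it.

```python
import socket
import threading

def socks5_connect(proxy_addr, dest_host, dest_port):
    """Client side: return a TCP socket to dest_host:dest_port, opened via the proxy."""
    s = socket.create_connection(proxy_addr)
    s.sendall(b"\x05\x01\x00")                    # VER=5, one method offered: no-auth
    if s.recv(2) != b"\x05\x00":
        raise ConnectionError("proxy rejected no-auth")
    name = dest_host.encode()                     # VER CMD=CONNECT RSV ATYP=DOMAIN LEN NAME PORT
    s.sendall(b"\x05\x01\x00\x03" + bytes([len(name)]) + name + dest_port.to_bytes(2, "big"))
    rep = s.recv(10)                              # VER REP RSV ATYP BND.ADDR(4) BND.PORT(2)
    if rep[1] != 0:
        raise ConnectionError(f"proxy reply code {rep[1]:#x}")
    return s
def _relay(src, dst):                             # copy one direction until src ends, then close dst
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    except OSError:
        pass
    dst.close()
def _serve_socks5(client):
    """Proxy side. The request names only a host and a TCP port, so CONNECT is all it
    can honour: a raw SYN (-sS) or an ICMP echo has no encoding in this protocol."""
    client.recv(client.recv(2)[1])                # greeting: skip the offered methods
    client.sendall(b"\x05\x00")                   # VER=5, chosen method: no-auth
    _, cmd, _, atyp = client.recv(4)
    if cmd != 1 or atyp != 3:                     # not CONNECT to a domain name: REP 0x07
        client.sendall(b"\x05\x07\x00\x01" + bytes(6))
        return client.close()
    name = client.recv(client.recv(1)[0]).decode()
    port = int.from_bytes(client.recv(2), "big")
    upstream = socket.create_connection((name, port))
    client.sendall(b"\x05\x00\x00\x01" + bytes(6))  # REP 0x00 success, unspecified bind address
    for a, b in ((client, upstream), (upstream, client)):
        threading.Thread(target=_relay, args=(a, b), daemon=True).start()
def _listen(handler):                             # accept one loopback connection, hand it to handler
    ls = socket.create_server(("127.0.0.1", 0))
    threading.Thread(target=lambda: handler(ls.accept()[0]), daemon=True).start()
    return ls.getsockname()
def _echo(conn):                                  # constructed stand-in for the target service
    with conn:
        conn.sendall(conn.recv(4096))
def run_demo(payload=b"hello through the proxy"):
    echo_port = _listen(_echo)[1]
    with socks5_connect(_listen(_serve_socks5), "127.0.0.1", echo_port) as s:
        s.sendall(payload)
        return s.recv(4096)                       # what the target echoed back through the proxy
```

Everything runs on loopback with ephemeral ports, so it needs no network or privileges; the connect() path is the only one the proxy ever sees.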

After this, I scanned what I needed to and moved on.

Conclusion

So what is the purpose of writing this? Firstly, the eJPT exam is easy: “Don’t Panic”, it’s fine, and if in doubt, brute force it. Secondly, and mainly, in a field that will almost seem to ridicule or punish you for not knowing something, I’m here to say it’s fine, calm down. Put your ego aside, accept you don’t know something and learn something. We’re only human, I suppose.