The costs vary very much from what I know, depending where you take it. If you are still at school or university you may ask one of the uppers if you can make it through your school (you can also ask your company, often they are glad to see that their employes want to improve theirselfs and pay you for it).

Good luck ethicalhack3r

Heh, that's right.
I already started a writing how a true scenario could have looked like to get those credentials from someone and at the end I wanted to write something like "But as the account seemed to be none existing anymore I just reregistered it and all the previous explained stuff was not necessary".

 

I have so far done 1-3 and currently working on 4. So far all where not that hard and where easy to pass if you have studied the course material well. Read the questions carefully.

Good luck, looking forward to hear about your results.

I succeeded in terms of getting your credentials for your Kvntu10@yahoo.com account. Maybe you send me from somewhere else an email to this account and as proof I copy it 1:1 into here.

What do you think about it, Kev?

Ports and Services are not the same, no. Although many services are applied to certain ports (e.g. FTP often uses port 21), it is possible to let a service run on different ports too. So just because port 21 is open on a machine it does not mean for sure that a ftp server is running.
Also often malware etc. uses ports which are used usually by different services.

A good scanning software which you may test too is nmap which can be found at http://nmap.org/

Just because you found an open port it does not mean that you can automatically exploit it. When you know a certain service/ software running on a machine and can't write your exploits by yourself then just search on google or other sites for already existing exploits. There are already thousands available

When you want to learn about SQL more, why not search about it? I searched only one minute and found already plenty of very useful information. Also on this (and other) subjects are many many books available which will teach you.

I don't see the point in using just one particular (OS X) operating system for penetration testing (and in general). It depends on the target/ assessment and sometimes what the client wants.
For example, if I have to reverse engineer something, I surely will use mostly Windows as for this platform most (and in my opinion the best) debuggers and disassemblers are available. I like linux too and use it often, but only to use it for everything just because I like it, would be stupid.
Limit oneself to only one operating system will not only limit your knowledge too but also the results you may got.

Can't add much to Hayabusa0194's post, as it is quite detailed to point you in the right direction.
Maybe just downloading some EH CDs you found somewhere on the net is not the best solution to learn something, maybe you should invest some money in real courses or even books (although there are many resources available for free too).

In my opinion it is not possible to be in the it-field without being good at English, as English is used everywhere on the computer, also most resources are available in English. Maybe you can visit an English-course in your country..this would surely help you and improve your skills.

As reading some of your posts I would also recommend you to get some steps back to the basics as it seems you are lacking the needed knowledge. When you are then comfortable with them it will also be easier for you to understand and succeed in advanced topics in the field of penetration testing.

I am quite sure that nobody will write you emails and give you instructions as this is not something you can apply to every target you are assessing. It really depends on so many things which have to be considered.
Of course people can help you if you have specific questions or don't understand something in praticular but it is very important that you start to research by yourself.

A very good start to work on is - as Hayabusa0194 and others already wrote - build up your own lab for testing purposes. This will let you at least at the beginning help very much to gain more experience. I would recommend a mixture of real hardware machines (consider to buy a KVM for saving energy and space) and virtual machines. You can find on this many tutorials on the net (even here on EH when you search), books etc.

I can affirm this. I think it is really important to know yourself, your goals and desires, your skills etc. - Often people think about this but to actually write it down and think even more about it is very important for ones softskills. Often things will come different than you expect and may change everything, but it is very important to know yourself. This definitely helps.

What do you like more - programming or security?

When you go for something it doesn't mean that you won't be able to do the other. Often one involves the other or is somehow related to each.
Doing a degree is surely helpful and will help you in learning many new things, but as already said by others, it is not necessary. You can apply for a job even without a degree and get it when you know your stuff. Often companys prefer someone with experience rather than only a degree but no or little practical experience.
I won't study only because you think that you need a degree for something. Neither I would to it because of money. The aim to study at a university should be something different.

Whatever you do, you have to decide it by yourself.

Is that really so? I don't agree with this fully. Although mostly everyone from us has some data which are private (nothing in particular, maybe family photos etc.) I don't like the idea that someone uses my network for whatever without my knowledge and admission to do so.
People who think that nothing will happen to them, e.g. by thinking nobody would hack their network or that they in particular will be the victim of such an attack, are somehow ignorant (I don't mean you with this). I have often heard people saying that they will surely not become the target of such an attack, but the truth is, that most (non professional) attacks are launched randomly and everybody could be by accident become a target.
Depending on your country it also may become a legal problem when someone is using your network - but not for the attacker but for the victim. In Europe several cases occured where someone broke into someone elses wireless network, downloaded some porns or did some illegal action, and afterwards, the person owning the network was sentenced guilty because it was his/ her computer/ network/ infrastructe which were used and his/ her fault, because they did not secure it properly. If they where just sloppy or lacking the technical knowledge doesn't matter.

So I think it is a good idea for securing a network as good as possible, also if there is no 'danger' (I am not considering things like putting up a honeypot or similar as the average person may not be interested in this).

The tips given by Hayabusa0194 and don should be read by you closely.

As you wrote about "real access" maybe the FTP is not the best contact point, but it could give you more information to work on. Often people use their credentials for different services, websites etc. and onced found out, you can often use it for gathering more information.

What other services have you discovered? As of your writing I assume that this is a Blackboxtest (no knowledge about the infratsructure etc.)?

You could look for existing exploits for the ftp server running on the target machine or if you know howto write your own. Often there are exploits easily available for certain programs which will save you time in your task.

If you can't go any further with your bruted ftp account I would recommend to go back and start the process from the beginning (or at least from the information you have gathered so far, e.g. running services, open ports, etc.). Maybe there are some other vulnerable services you could exploit for gaining access.

Is Social Engineering by your 'friend' also allowed? If so, try this out too if you have the ability to talk good to people. Often you get much information just by asking (or pretending). This part of a penetration test is definetily often underestimated.

Do you already know which service packs are included on the target? Maybe it i not up-to-date (check if possible for its uptime and search if there where any critical updates between the time it is running and now).

There are really many ways to penetrate into a machine, but it is important to know the basics (which in my opinion you are somehow lacking; don't take it offensive). If you are really interested in this subject go read some books and make some research. In the forums you will find many recommendations from the pros, so use them.

What do you mean by 'did it wrong'? What was your goal?
If it was just to test some bruteforce techniques..well, then you suceeded, right?

I would recommend (if possible) to copy your important data on an external hdd, using for example the LiveCD Knoppix, and re-install your system.

Well, where's then the problem? If you have all necessary data you need, why not reinstalling?
If you don't know what you have done in order to cause this problem it will somehow hard to redo the steps in order to make it working again.

Finally I had time too to view both of your videos - I really liked them and appreciate the work you put in. I think mainly for newcomers this is really helpful and shows on the technical side how a penetration could be done.

Thanks.


Why not? Are certifications, publications etc. are not some sort of someone's qualifications?


I am still not sure yet.


I am not sure if I understood you correctly, jason. You mean when only working with a pseudonick people would be treated more seriously?

Another thing I am thinking about, is, if a forum or board would be appreciated by the audience too. I like some blogs but too often people only care about them when they start blogging and do no more updates as time come. A forum has some advantages I think but I am not sure if this is something a personal site should have.

I also thought about a section where I test various software in an extensive way and publish my results and recommendations. Would such things be of concern or a 'waste' of time because such things already exists widely?

Well, i think it is a good thing. Maybe not really necessary for someone who is doing computerstuff on a regular basis and interested in it-sec but for people who are not very familiar with computers it may reduce the possibility of getting hacked.