You're not wiping it to prevent forensic recovery though; you're just restoring the previous file system to prevent the auto-execution of something like switchblade or some other malware that may get on the drive during use on an untrusted system.

Post example on the very bottom: http://docs.python.org/library/httplib.html

You can then parse the results and evaluate success based on responses (i.e. finding the string "incorrect" would indicated that the attempted failed, so when you get a response that doesn't contain it, you can assume it succeeded). The number of bytes received could also be reviewed because they may be significantly different between successful and failed login responses.

I was about to give you a hard time for not throwing in some of your custom mixes, but then *BAM*, right at 11 seconds

That's cool stuff. It's unfortunately over my head at the moment, but it's great that you keep putting out stuff like this. I've just caught up on the articles you've put out over the past few months as well. Keep it up dude; it's much appreciated!

At this point, you should be more concerned about protecting the information that's on the phone than finding it.

Was it personal or business? If it's business, you need to escalate the loss to your supervisor/IT department/etc., so they can wipe the device and follow whatever procedures they hopefully have in place.

I'm not sure if you can get your carrier to perform a remote wipe for a personal phone or if there's some other way to get that accomplished. There's probably more personal information on their than you realize, so you should research what your options are and try to protect yourself as much as possible.

Use two thumb drives. Use one as the clean/original copy and the other as the one that is actively used. Boot from a live CD and dd from clean to used after each use.

Don't mix them up.

Alternatively, save the image somewhere else if you want to get by with a single thumb drive.

You can match what you have with the current objectives here: http://www.eccouncil.org/certification/exam_information/ceh_exam_312-50.aspx

I don't know when the last v6 test date is, but I believe you still have about six months to take that exam. v7 just came out.

Also, it looks like they're still referencing older books, practice exams, etc., which were originally v5 materials. The exam itself didn't change much between v5 and v6, so the change to v7 may be relatively minor as well. The major differences were in the courses and official courseware.

Honestly, I find that discouraging. Previous versions seemed to overemphasize tools, and this version does that to an even greater extent?

I'd prefer them to dramatically lessened the quantity of tools and focus on the underlying concepts. I think that would create much more genuinely skilled professionals compared to certifying individuals based on a cursory knowledge of a multitude of tools.


Wow. That's on par with Michael Jordan making a lay-up on a practice court. With the rim at 6'. Congrats!


This is another issue (maybe I'm reading too much into this specific situation, but I know it exists in reality). It seems that the knowledge, skill, and experience of the instructors varies greatly. I know there are some that completely destroy me (to the point where I probably couldn't even make eye contact with them), but at the other extreme, there are others that appear to be completely unqualified. Personally, I've heard of instructor complaints for years. I'd be extremely hesitant to sign up for a course where the actual value is such a crap shoot. Do you have any insight into how they oversee the uniformity of how the course is actually delivered?

I hate to break it to you, but your friends are right.

It's very rare to get a start in security. You'd need to have some exceptional knowledge and skills and/or be very lucky.

If you want to get into network security, it would be best to try to land a job as a junior network admin, possibly in a NOC, and then start taking on more and more security responsibilities (firewalls, IPS, NAC, etc.)

Honestly, you'd probably be selling yourself short by going directly into security. The best security people I know are ones that have worked in the trenches and have a genuine understanding of how things work.

Just put all your vulnerable VMs on a virtual network that isn't connected to anything else (as opposed to bridged, NAT, or host-only).


You need the handshake for WPA, but you can use something like fragmentation or chopchop for WEP.

I recently setup key-based SSH authentication to the management server, so I could then VNC to my VM console and change the boot order, install a new OS, troubleshoot subsequent boot and partitioning problems because I don't really know what I'm doing, etc. *sexy*


The reason I originally got it was because I used to travel a lot, and I wanted to tunnel all my traffic out of hotels, airports, etc. (ssh -D ROCKS). I've recently put a new OS on it and am going to take a shot administering a web server (currently setting up my FreeBSD jails). I also like having full-control of a system out on the internet. It's useful for storing files I want to be accessible anywhere, seeing who's trying to access and how, etc. You can do some of those things with shared hosting or a system at home, but it's just an ideal blend of reliability, accessibility, and management for me.

At the company I previously worked for, one of our customers would have an external penetration test done every month. They alternated between us and another company each month. The customer became LIVID that he could not schedule his tests with us at the drop of a hat and have the results a day or two later. We tried to explain that the manual testing may take a day or two in itself, and then there's the report writing, QA reviews, etc. He responded with, "They can do. Why it can't you?"

I listed mine as: Associate of (ISC)2 (CISSP Application Pending)

Wow, I was apparently on a 4-5 month hiatus (job change and college). Time flies when you're, um, running yourself ragged. I just burned through 32 pages of unread threads (and consumed a proportionate amount of alcohol), and I wanted to tell everyone how thoroughly impressed I am with how much progress everyone has made in that time. The newbies took their training wheels off, and the pros became even more terrifying. Reading through all that was really a unique experience. There was a story-like feel to it, and I was curious to see who did what next.

So the obvious question now is, what next? What are you currently working on, and what are your personal and professional goals for 2011?

Myself, I'm going way back to the beginning. I'm currently studying computer architecture and will then transition into assembly. I feel like I have a respectable amount of knowledge, yet there's this gap where I don't truly understand how things work behind-the-scenes. I obviously understand the theory behind things like buffer overflows, but if I was asked to explain what a specific piece of shellcode did, I'd be like a deer in headlights. I don't have any interest in vulnerability research, exploit development, and so on; it's truly just a case of OCD and not wanting to feel like a script kiddie

Cert-wise, I'll take a stab at the CISM and some yet-to-be-determined SANS/GIAC certs. The GSE is in my sights, but that might slip to 2012 since it's just a ridiculous goal to keep me busy and isn't necessary for anything else I'm doing. I also need to wrap-up the OWSP and OSCP, which I've left untouched for way too long.

While this isn't exactly what you're looking for, check out Plunder from an ex-coworker of mine. I don't know why this guy doesn't promote his stuff more; he does awesome work.

http://josho.org/software/index.html