|
EH-Net
|
|
May 22, 2013, 10:44:58 AM
|
 Show Posts
|
|
Pages: 1 ... 5 6 [7] 8
|
|
91
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: OSCP exam tomorrow (16th)
|
on: July 31, 2012, 11:03:17 PM
|
A few questions to who ever took this course, do they teach you python or C? I am trying to prove my programming skills in Assembly (also memory mapping) + C before entering the OSCP, that actually helped me understanding Buffer Overflow concepts, do you guys have to program or something during the exam?
You're welcome to write code in any language, but for the course, they focus on python and shell scripting. If you prefer perl, ruby, or whatever else, that's fine too. You should know some shell scripting anyway as you'll be interacting with Linux machines, so being able to quickly script something is ideal. |
|
|
|
|
93
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: please shed some light
|
on: July 27, 2012, 02:41:15 PM
|
|
If you need a tutorial for hydra, you don't have to depend on the course material to provide it, just look for it on Google. It's a well known program and there are plenty of tutorials out there. You can even test it on one of your own machines to get familiar with it.
Open ports like ftp don't necessarily mean that there are weak passwords. It could also be a service that's vulnerable to an exploit. If you're looking for usernames, you typically need a list of employee names and you can generate your list of usernames from there.
If you're interested in looking for hidden files or directories on the webserver, you can use dirb and DirBuster. You give them a wordlist and they'll start probing the server and let you know if they find anything. Nikto is another great tool for identifying vulnerabilities and interesting files on a webserver.
|
|
|
|
|
94
|
Resources / Tutorials / Re: DoS Help
|
on: July 26, 2012, 06:50:22 PM
|
<joking> but...  You didn't happen to slip and DoS Google Talk and Twitter this morning, did you?  LOL |
|
|
|
|
98
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: OSCP exam tomorrow (16th)
|
on: July 15, 2012, 02:07:34 PM
|
Hey guys, My labtime expires coming Tuesday. But I found out that the 16th is the last day I can schedule my exam, because the Offsec guys will be having vacation starting next week. So I decided to just schedule it and suffer once again. I could have waited another 2 weeks, but it will be right before I start my new job. Also, I don't like doing it during the weekends. So I'll just give it my best shot tomorrow. I penetrated almost the entire student network and some hosts on the other subnets, so I think I'm ready. Unfortunately I lost the notes from about 15-20 machines I rooted during my lab extension. I was stupid enough to not read the exploit code, and it wiped almost all of my files from my virtual machine >_< But that's ok, now for sure I'll never EVER skip reading exploit code. Yeah 91 bytes for a bind shell seems small  And calling a function pointer that points to the shellcode also doesn't seem harmless  Though, now I can laugh about it. Anyway, tomorrow at 4pm my exam will start. I couldn't schedule it to be sooner, but oh well. I expect things to go a lot smoother/faster, but who knows. I'll try to keep you guys up to date during the exam, if time allows it. Good Luck! |
|
|
|
|
101
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: Anyone doing PWB / preparing for the OSCP exam?
|
on: July 12, 2012, 11:30:04 AM
|
Hey all,
I'll be starting PWB this weekend or the next and I'm super pumped about it. I'm going to go for 60 days of lab time and really try to nail the test at the end before my next term of classes starts. I'll keep an eye out for everyone on the IRC and be on the forums here frequently I'm sure.
Any advice you can give before I start out or help along the way is greatly appreciated!
P.S. this is my first pentesting course and attempt at any sort of certification.... wish me luck!
Good luck! Tip: Take breaks. Staring at the screen for 3 hours in despair won't help. An hour break will give your brain a chance to rest and you'll have a few moments where the answer will just click |
|
|
|
|
102
|
Resources / Mass Media / Re: Reboot - A Film by Joe Kawasaki
|
on: July 12, 2012, 09:25:27 AM
|
|
Having not paid attention to what's coming out in theatres (with the exception of Dark Knight Rises), this is a welcome surprise. Looking forward to seeing it when it hits the big screens. Looks like it has the potential to actually be a good cyberpunk movie.
|
|
|
|
|
105
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: OSCP exam question
|
on: July 10, 2012, 12:59:07 AM
|
i really want to get oscp its much more better than ceh but idk how to get starte and i have a question if this certificate is great, why CEH is more famous? Specially in 3rd world countries.
There's a difference between knowing how something is done, and actually doing it. A lot of certs out there focus on how something is done, and quiz you with a multiple choice exam. Don't know the answer? Guess, maybe you'll get it right. OSCP tests you on your ability to actually understand the concepts, and apply them on real machines. There are no multiple choice questions. You either know how to break into the machine, or you don't. The syllabus on the OSCP tells you what you need to know before you take it. Typically it states that you should have a good understanding of networking. I would also suggest knowing some programming as it will help you focus on the hacking material instead of learning programming as you go along. |
|
|
|
|
Loading...
|
Network Pen Testing : AIX Vulnerability Assessments
