Regarding the layout, it is possible to get a wider view if you access the forums directly:

ethicalhacker.net/forum/index.php

A new Holiday challenge by Ed Skoudis & Tim Medin called A Miser Brothers Weather Control System Challenge has just been released over on: http://pen-testing.sans.org/holiday-challenge/2012 

I just noticed in your first post that you had a capital X which won't change it, but your last post has a lowercase x. Just interested to know, do you still get that problem if use a lowercase x?

Thanks for the clarification and the link.

Have you tried it without the sudo su step?

Just for clarification, which level of CHECK status is being discussed?

Where the difficulty of exams has been referred to, are they for the CREST/Tiger Scheme exams for CHECK Team Member status or the ones for CHECK Team Leader status?

Thanks for sharing these so quickly. 

If you haven't seen it already the post below is worth a read:

https://community.rapid7.com/community/metasploit/blog/2012/11/08/abusing-windows-remote-management-winrm-with-metasploit

Totally agree with this, I enjoyed the Webcast tonight. I'll be researching this further.

As mentioned at the end, nobody knows everything! It's great that so many in the community are willing to share! 

I've always liked the fact that Nmap included a scan called Xmas because of it's behaviour:


http://www.irongeek.com/i.php?page=videos/nmap-xmas-scan

With regards to adapters, there was a fairly recent post which may be of some use:

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,8338.0/

As already stated participation is the key. However, remember the quality of your posts is more important than the quantity.

A couple of years ago, I saw a cardboard box containing a laptop sent back for repair. The user had written their username and password on the outside of the box!

I haven't seen the passwords, but the following xkcd strip on password strength demonstrates why users may be encouraged to write down passwords:

http://xkcd.com/936/

Another yup...

I learnt about AV evasion earlier in the year, and I'd have to say it was a real eye opener! I was surprised how many AV's can be bypassed with relatively little effort.

@tturner I thought it worth mentioning as it's a well written review. I recently took the CSTA course (in the UK) and was really impressed with the quality of the course materials as well as the instructors (Jerome/Owen).

@waynegs You may be aware of these already but there are lots of vulnerable by design webapps available for learning. Using these in conjunction with the WAHH2 you can learn alot.

The link below has most of the well known ones:

http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html

Another recent addition not included in the link above, which is worth a look:

https://hack.me/