Congrats!  What's next?

Looking forward to more fun.  Thanks!

@hanyhasan - The videos and PDF's cover a lot, but because of the 'adaptive' nature of pentesting, there is expectation that not everything in the exam is going to be a 'cut and dry' example of something that was directly covered by the courseware, leaving the student to use their intuition and research skills to find answers, much like a live, real-world pentest would.

@r0ckm4n - keep trying, keep studying, keep working at it.  Pass or fail, as impelse noted, you're learning.  Experience, in this field, comes painfully, sometimes, but it's well worth the effort, and shows your determination and dedication.

Wishing you luck on the next (and hopefully final) attempt! 

http://lmgtfy.com/?q=dns+cache+poisoning+howto

There are several examples of a dns cache poisoning attack...

First hit is a video, using a metasploit module to accomplish the task.

Welcome!  Like I said, it's a little dated (circa 2007'ish), and I've spotted a few things already that are no longer valid (like a couple of the sites for searches, that no longer exist), but the premise and ideology is all still valid, as well as plenty of info that DOES still apply.

Also, check http://www.nsa.gov/public_info/ for other great resources, that have also been made available.

Thought some folks might appreciate it.  I stumbled on it while looking for a tool, one day (ended up coding my own, but...), and bookmarked it right away, after downloading it, of course!  

Somewhat handy reference (albeit a little dated), that has some ideas for folks who are 'up and coming' and learning about information gathering, etc.

From our friends at the NSA:

http://www.nsa.gov/public_info/_files/Untangling_the_Web.pdf

Congrats!  Great job!

Password Corral, for most of my day-to-day stuff...  High security stuff, I have my own method for creating and remembering them...

Honestly, I've used neither.  Did you use any of the official material to study CEH?  If so, and if you've studied for OSCP, as well, I'd like to think you'll be fine.  IMHO, the CEH exam was not that difficult, and I'd taken it solely from reviews of the courseware, and long before I did OSCP.

Apologies I can't recommend one versus the other, to you, from those choices.

LOL!

There are literally TONS of good sites for doing encode / decode on strings.  Just depends on the format / encoding type you're using.

A couple of examples:

URL encoding:
http://meyerweb.com/eric/tools/dencoder/

Base 64:
http://www.base64decode.org/

or

http://www.motobit.com/util/base64-decoder-encoder.asp

I could go on for days. Perhaps if there's a certain format you're looking for?

As far as muti-encoded, if you don't know what the multi- steps / formats are, and if they don't appear obvious, then at that point, it's largely trial and error...

^ +1  I heard a few complain about it, on SSD.  I'm also using it on a container / folder basis, instead.

Congrats on the pass!

I've been seeing exact same things, for a few weeks now, at least.  Chalked it up to perhaps database slowness again (with all the cleanup from junk posts, etc, that don gets, we saw some weird things before, too)