Welcome dropper!

Feel free to ask any questions you want. Someone will be able to help you for sure.

cd1zz is right, no practice questions is like the real exam and that is a real shame. I bought practices questions from cccure.org, did the ones that came from Shon Harris book (even bought the extra questions from her), did more on another book and above all, I bought the expensive questions from ISC2! All in all, I did answered about 1600 practice questions from 4 different sources.

I was pissed to see the exam is different. Most questions (about 70%) are in the type: "Which answer is the BEST", "What would you do FIRST", etc. It means more than one answer is correct, you need to find the best one...

The other difference was that in the exam, they will sometime use different wording that you are use to. I think their goal is to see if you can talk to an executive who knows nothing about security and describe concepts in his own words. So for example, expect to see "pre-shared key" or "secret key" instead of "symmetric key". This drove my crazy in the exam...

@maxpeck: Don't forget you cannot take the exam when you want like SANS. Where I leave, they only give it 3 times a year. That's why I did it quickly, I didn't want to wait an extra 6 months to write it...

Yes, but I did GSEC a year before CISSP and they both cover similar material.  I didn't have any life in this 17 days: Waking up at 4:30am to study before work then studying again on every single evenings until 11:00pm (so about 5 hours a day, more on weekends). It took me a full month to recover from this crazy pace. 

Oh, I forgot to mention I have 2 daughters...

So don't do that! Take 2-3 months to study this beast...

Good luck cd1zz!!! 

I have it to (version 4) and I liked it.

A trick I did: I converted all the videos into MP3s (since 95% of the time, you see Shon Harris talking to you) and listen to them while I was driving to work. I went through the whole material twice this way, taking notes about the more difficult sections where I should read in the book. Worked very well for me since I spend around an hour an a half per day commuting.

The best way to quickly go through 1200 pages of material.  

Hi Tancred,

What is your goal? What are you trying to achieve?

CISSP is way more recognize than GSEC. Even if ziggy_567 is right in the fact that they more or less cover the same material, it is not entirely true.

GSEC is more technical (go deeper) than CISSP but doesn't cover as much material. In GSEC, you don't or barely see questions on DRP/BCP, physical security, hardware architecture, etc.

I personally did GSEC first and I liked it while I hated my experience studying for CISSP. After GSEC, you feel you have learn many useful skills. After CISSP, you feel like you will forget half what you have studied the week after the exam...

But again, CISSP is probably the top certification for HR right now, so this will bring you more $$$ than GSEC.

A tough decision...  

I had the chance to talk with Tim Pierson in Dallas last spring about VMware security and this guy knows his stuff!!!

@the_Grinch: Starting with playing around with python is a pretty good idea. I suggest you start with the "Penetration Testing with Backtrack" course from Offensive-Security if you want to go for exploit development. They have a nice way of explaining how to write exploits.

Security Tube (http://www.securitytube.net/video/231) has a pretty good (and free!) tutorial on how to exploit buffer overflow.

But to be able to write more complex exploits, look for "Cracking the Perimeter" from Offensive-Security. You will need some basic knowledge of assembly language to succeed. Assembly is much more complex than Python, but it can be learned by humans! 

@WCNA: Would you say the videos are more than enough to pass the exam?

Looks like good knowledge (and a cert!) to me for $1000.

Thanhs everyone! Looking forward to sit in this class.

I will be posting a review of the course.

 

Wow!

I thought I was on a crazy pace doing 3 certs/year... I found my match!   

Good luck and keep us posted with your experience with these exams.

One last thing: don't burn the candle on both ends!!! 

Hi Ignatius,

At this point, I think you have everything you need to achieve your goal. I proved to you it works and I tried the best I could to guide you on reproducing it.

I have been a developer for 11 years now and one thing I learn is that every time I think the tool is bad and I can't prove why it's bad, I have always been wrong.

Reboot, reinstall Ollydbg, do what ever you need to do, but it can be done and you are close to doing it.

Banging your head is not always a bad thing. But in order to view your code, I doubt the Access Violation is important.

Good luck and post your results!!

Based on the three certs you already have, go for OSCP. You will see it is quite different than GIAC certs. You will feel like it is the best thing you ever did.

So OSCP, no hesitations!

That's ASLR (Address space layout randomization). Basically, Windows makes it harder (but not impossible!!) to develop exploits by constantly changing the "starting address" of an application. So everytime you reboot, you will see your program using a different address. You will also notice that not all the address change, only half of it. There lies the trick of bypassing ASLR while writing exploits. But that's a more advance topic...

You can set breakpoints by selecting a line an hitting F2 or like you did, through the menu.

F8 resumes execution until the next breakpoint or the end of the program, so I am not sure about the access violation...

In the image I posted, you see where I placed my break point (in red). So when I launch the program (F9), Ollydbg stopped at this line. You don't need to press F7 or F8 at this point to see your code, it's in the lower pane.

One last thing I forgot to mention, make sure your see the column name "Hex dump" at the bottom. I think Ollydbg comes with Ascii or something like that display by default. You have to right-click in the lower pane and select "Hex | Hex/ASCII (16 bytes) " to see your asm code.

I may not be able to post again this weekend (no access to Win XP at home...), but I will try to continue help you Monday, if you haven't figured it out by then.

Don't give up!
 

To add on the L@Zz^y progammer:

"Good programer write great code. Great programer steals great code!"

To me, "lazyness = efficiency", when you understand what you are doing...