EH-Net
|
|
May 23, 2013, 08:38:54 PM
|
Show Posts
|
|
76
|
Ethical Hacking Discussions and Related Certifications / Malware / Encoding parts of a payload
|
on: February 11, 2013, 10:28:37 AM
|
|
Hi everyone,
When I use msfpayload to generate my payload (let's say, a Windows TCP bind shell), I always encode it with msfencode to remove null bytes (\x00) or any other characters (usually \x0a and \xff, sometimes more). I do this because these bytes would otherwise prevent the insertion of my payload in memory.
But what if my payload needs to be cut in two because I cannot put it all at the same memory location? For example, if my payload is 300 bytes long and I only have two spots of 200 bytes in memory? Should I carefully cut the payload (between two instructions) then encode each part separately, if they contain any invalid bytes? I would finally jump from the first part to the second one.
I haven't hit this problem yet; I was just "meditating" on the issue and couldn't get a good answer from Google.
Thanks
|
|
|
|
|
77
|
Resources / Career Central / Re: Question about penetration testing specialties
|
on: February 11, 2013, 09:24:45 AM
|
Bottom line, in my opinion, you should learn from pleasure and if this learning activity can get you some paper too then why not? And for many of us, "pleasure" turned to "pain" before going back to "pleasure" again... All jokes aside, Amidamaru is right: if you don't love it, you can't spend the required effort into it. You just need to go one bite at a time. You're interested in wifi? Have fun for a few weeks exploring that. Then switch your interest to whatever interests you at that time. I think it's a nice way of not getting overwhelmed by all the materials that need to be learned...
|
|
|
|
|
78
|
Ethical Hacking Discussions and Related Certifications / Web Applications / Re: SANS GWAPT Exam?
|
on: February 11, 2013, 06:57:06 AM
|
In the real world, doing web app pentesting might practically require that you understand these areas much better, but SEC-542 is not what I'd consider a really advanced web app pentesting course.
+1 SEC542 is not an easy course, but it focuses on introducing all the concepts you need to become a web app penetration tester. There is simply way too much content on the topic for a 6-day course. I haven't taken this one, but SEC642: Advanced Web App Penetration Testing and Ethical Hacking should help you become a more complete web app pentester after you have completed SEC542.
|
|
|
|
|
79
|
Ethical Hacking Discussions and Related Certifications / Web Applications / Re: SANS GWAPT Exam?
|
on: February 08, 2013, 09:22:05 PM
|
You certainly don't need to be a developer to understand the material.
ajohnson is right. All you really need is to be able to read (not write) and understand basic HTML and JavaScript. The course will teach you all this and the few other little things you need to know. And by all means, if you are performing Vulnerability Assessments of web apps, that's a great course/cert to get you started.
|
|
|
|
|
84
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: OSCE advice?
|
on: February 06, 2013, 06:08:41 PM
|
|
Great, thanks for these great responses!
I get the point regarding exploit development: practice all the techniques often and in different conditions.
I will also have a good look at the book you proposed ajohnson!
But what about the other things (web app, router, etc.)? What do you guys recommend or wish you would have done before the exam? I know I need to practice fuzzing web apps more, that's for sure, and I was planning on playing with the DVWA and other things like that. But what else would you recommend?
|
|
|
|
|
86
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / OSCE advice?
|
on: February 06, 2013, 12:37:05 PM
|
|
Hi,
For those who are already certified, what advice would you give to someone like me who is starting the Cracking the Perimeter course in order to later challenge the OSCE certification?
I have read some stories here and on the internet, but I am curious about what you have done to succeed and what you would change if you were to do it again.
Thanks in advance for your help
|
|
|
|
|
90
|
Ethical Hacking Discussions and Related Certifications / Web Applications / Re: Need some MYSQL practical Resources
|
on: February 05, 2013, 10:29:57 AM
|
|
Are you looking for MySQL training or more something like SQL training?
I have been a MySQL DBA for 4 years in the past, so I know it pretty well now. Most developers or hackers really want to know how to connect to MySQL and run SQL statements while DBAs want to know how to install, configure and administer the RDBMS.
So what is your real goal? We will be able to help you better once we understand what you are looking for.
|
|
|
|
|