i will soon join you...

You really tried hard... win..win.. 

Big big Congr8s!!! You just nailed everything.

I am not running this code on any OSCP lab because i didn't register yet. I am running in homebrew lab.

I have same OS CentOS 5.5 on two machine and it behaving differently, anyway no big deal.. Thanks for reply.

Hey guys,

I am running following Glibc exploit and it works on few system but some of them my ssh terminal got crash or closed. do you know why?

http://seclists.org/fulldisclosure/2010/Oct/257

@sternone - Oh! man you refresh my memory... I was using SoftICE while ago.. I cracked lots of license software keys, cracked games etc.. Just for fun.. I thought softice got absolute because i never heard from anybody.. You are second person, first i am.. myself. lol 

is it possible to root all box in OSCP Lab without metasploit?  or there are some limitation of manually exploit?

You guys using Metasploit for buffer over flow or manually process? I am interested in manual process.

@sternone - you make me jealous

I don't know why every bufferover flow document talking about 32bit OS exploit (EIP, ESP etc..)

I didn't find any single document about 64bit OS exploit (RIP, RSP etc..) Because it has totally different register set..

just curious do we need to write buffer overfow (shellcode) in exam to get root shell?

Worth watching!!

Part1: http://www.irongeek.com/i.php?page=videos/nmap1
Part2: http://www.irongeek.com/i.php?page=videos/nmap2

Did you complete your exam? How it went? good luck

Congr8S!!! but your should post this link: http://proactivedefender.blogspot.com/2012/01/oscp-my-review.html

 

Part1 - http://www.youtube.com/watch?v=tY1fokupHQ4&feature=related

Part2 - http://www.youtube.com/watch?v=KYuqQ3S7QUw&feature=relmfu