I've been putting off the CISSP but unfortunately I think its next for me. Nice work on getting through that.

For me, recreating exploits was key because I only knew basic assembly and had basic debugger skills. It forced me to become comfortable in a debugger and learn much more about assembly. For example, if the original author of an exploit wrote it as an EIP overwrite, I'd look for the SEH overwrite and rewrite it. If they didn't use an egghunter, I would add an egghunter. If the original author only wrote it for XP, I'd write it for Vista or 7. Using this method I managed to run into all kinds of issues I had to sort out.

My biggest weakness going into this course was on the web side. I wish I would have spent more time on this. I would recommend not only focusing on the exploit dev but understand exploiting all kinds of web apps.

Go for it dude. As far as BT4 or 5, it wont matter. I actually spent most of my time in Windows VMs using Immunity because most of this is windows exploit dev and windows pwnage.

Well, it will be nice to have my life back. I managed to get through the OSCE challenge and got word today that I obtained the cert.

I documented my experience like I did with the OSCP:

http://www.networkadminsecrets.com/2011/05/offensive-security-certified-expert.html

The anticipation is agonizing, here are some new ones:

http://www.backtrack-linux.org/screenshots/

Look at the metasploit payload modules.

I would go change all your passwords so that further damage cant be done. If you had any saved credentials in your browser you'd hate to have this person empty your checking account as well.

Second, its a long shot but a decent idea to ask the IT group to notify you if the MAC comes up on the network, but then it seems you'd need some cooperation with law enforcement to actually get your PC back. There are certainly ways to track this stuff down but it all requires the ability to subpoena provider records to start to geographically pinpoint the person who stole your pc. It might be worth looking at the bottom of your gmail account in the "Last account activity" section to see if anything looks fishy but again... you might be able to get an IP but its likely the campus NATS and that IP is shared by thousands of students.

Unless you're a state senator it might be tough to get the local PD to give a crap and help you out. Sorry to hear about your luck.....but one lesson on this....back your data up...somewhere else......

Can you ping metasploit.com? What happens when you run msfupdate?

You might just want to pull down a new copy with subversion.

Are you asking what operating systems are targets on the exam?

You can never have enough RAM. Get as much as you can afford or as much as your motherboard can handle. From a HD perspective, I dont actually use that much. My biggest HD is 2TB but that is only for backups.

Think about it this way, if all your VMs are just for pwning and testing, they're not going to use a lot of RAM nor are they going have big vmdk files. So, unless you want every flavor of every Operating System ever created, you dont really need that much. I think 150 GB is probably enough. Like I said above, I have about 5 VMs, they're all on a drive that is 128 GB, in addition to my OS and I still have plenty of space left.

However, Hayabusa brings up a good point about snapshots, if you're going to use them, then make sure you have enough space! I use snaps lightly so I dont need too much extra space for them.

Vmware is your friend. So is RAM and in my opinion, a SSD if you can swing it.

My "lab" consists of my 4 year old PC running Ubuntu with Vmware Workstation, 4gb of ram and a shiny new SSD. I have various windows operating systems and a few Linux operating systems as guest OSs. I can run two or three at a time without any issues, this is mainly due to the SSD. I basically put my OS on the SSD and only my VMs, the rest of my data goes on slower drives.

If you've got a few extra bucks to spend, I'd get a PC with a 64 bit processor, lots of RAM and a SSD. Can you tell I'm excited about my new SSD?

PS - Just ran some benchmark tests and my old HD had averaged about 60 MB/s and the new one is about 270...

I think "fixvesa" then doing a startx also fixes that....

The exam is over VPN as well as the practice lab.

I believe that plugin only works on certain sites. I think that plugin just does what you should be doing anyways, and that is typing https into the browser instead of http and dealing with a redirect to https.

Its a good start but there are still many other known vulns for sslv3 and tls. Also, pay attention to your browser warnings.

I dont think so and the only reason I say that is it is always idiots with 0 posts, so they're clearly not interested in the material here...