EH-Net
May 24, 2013, 06:51:27 AM *
  Show Posts
31  EH-Net / News Items and General Discussion About EH-Net / Re: Merry Christmas & Happy New Year on: December 24, 2011, 11:03:42 PM
Merry Christmas Don! (: Good to be with you all for another year! :)
32  Ethical Hacking Discussions and Related Certifications / Social Engineering / Re: Phishy Xmas on: December 24, 2011, 01:05:22 PM
This actually happened to a mother of a friend I know and their computer got messed up pretty bad. It's great to see you were visiting for the holidays - they may possibly have gone through with it if there wasn't a techie around. Seems social engineering is far from going anywhere! Your story made me recall a phone call to my mom where the person just flat-out asked for her credit card for them to continue through with some order she purchased. This of course was a while back and she ended up hanging up the phone, but it makes you wonder how many people actually fall for these types of calls. Happy holidays, thanks for the share.
33  Ethical Hacking Discussions and Related Certifications / Wireless / Re: OSWP v3 on: December 23, 2011, 03:50:51 PM
Hey Jamie -

I didn't upgrade yet; I was holding off until I received some review of the material and how it compares with v2. What were the prime differences? When I was going through the WiFu Demo, I noticed it wasn't Muts' voice - did they split the course work up into 2 people demo'ing the course?
34  Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: Certified Ethical Hacker on: December 23, 2011, 09:59:53 AM
Hello Abmart - You actually posted a similar thread a few days ago and received responses from us here. If we can clarify anything for you or help out any more, please let us know. I think the CEH would be a good place to start, however I would highly recommend eLearnSecurity's Penetration Tester Pro course. It will get you introduced to a lot of topics and to pass the certification examination, you'll actually have to prove that you can hack and write a report. You could walk out of the CEH course not knowing how to pop boxes. I've also heard your course experience will vary depending on which CEH instructors you get, but if you decide to go with eLS, as an EH-NET member, you're entitled to a 5% discount.
35  Ethical Hacking Discussions and Related Certifications / Hardware / Re: network adapter for packet injection on: December 23, 2011, 09:43:42 AM
Hello exeglitch,

I would highly recommend the Alfa AWUS036H card. I have been using it for a couple years now and it's great. It is also one of the cards the Offensive Security WiFu recommends.
36  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Cross site scripting uses on: December 23, 2011, 09:38:33 AM
Hi Exeglitch,

Welcome to the site! I used to think the same thing when I was introduced to XSS. I would say it all depends on how much you can leverage it. XSS can be used to do a whole lot, such as redirecting a user's browser to a malicious URL (to inject client-side attacks, steal cookies, etc.) and a lot more.

A good tool that proves how wicked leveraging JavaScript on a victim can be is The Browser Exploitation Framework from http://www.bindshell.net/tools/beef.html.

Below are a few helpful links that could help you understand it further:

Hacker Uses XSS & Google Streetview Data to Determine Physical Location

vbSEO - From XSS to Reverse PHP Shell

Browser Exploitation with BeEF

Web Hacking - XSS Part 1
Web Hacking - XSS Part 2
37  Ethical Hacking Discussions and Related Certifications / Web Applications / Re: GWAPT with Live & OnDemand - review on: December 20, 2011, 09:49:20 PM
Hey Alucian!

Congrats! Be sure to update your signature with your new cert. I've heard similar stories regarding practice exams and then finally sitting for the real examination. Do you think someone who went through the Web Application Hacker's Handbook would be prepped enough for the class?
38  Ethical Hacking Discussions and Related Certifications / Other / Re: The Mindset of a Cracker on: December 20, 2011, 12:56:42 PM
Hey Svxx,

Welcome aboard. I'll try to offer some light in having a take at the questions! Though I'm not offering all solutions here, I want to throw out a few the bad guys would use here in the real world.

1) Definitely possible. Attacks happen all the time anywhere. It all comes down to the security your targets have implemented, but even then, the attackers will always find a way in.

2) Assuming there's an insider, this can contribute a lot to pulling off a successful attack. The insider could provide a listing of the software they run on the bank's machines, which could possibly aid in Client-Side Attacks. He could gather up other inside information on employees if needed, he would be able to map out the Network Topology, and this insider could even be used to pull off physical attacks.

3) Being good guys and being given permission to perform audits, I'm not too sure how many of us focus on being 'untraceable' as much as we try to go unnoticed by IDS/IPS solutions out there. We don't want to send up a red flag. To carry out this type of a scam and attempt to try to be untraceable, an attacker could attempt to compromise a list of target machines and utilize those to pull off the attack. Of course, attacking from a public wifi spot or breaking into a protected network and hacking from that are what bad guys do also. Proxies and proxy-chaining are also useful here. I would imagine these put into use big time when carrying out illegal activity.

4) The attacker could get a hold of the local password hashes on the banking systems and take them offline and attempt to crack them with 3rd party tools. 3xban mentioned phishing, which is another common route attackers use to harvest passwords. These all play a big role. The common process mainly depends on if you're doing offline/online password cracking. Will the attacker be attempting a dictionary attack on the ssh or ftp service? A valid username will need to be known. The accomplice could assist in gathering valid usernames of the target infrastructure. If it's offline password cracking, 3rd party tools could be used as mentioned.

5) Hardware key loggers definitely come to mind here. Especially when dealing with obtaining passwords and all sorts of other juicy information. As far as software goes, that could be risky depending on the environment - policies are put in place to attempt to not allow employees to install software, etc. If the accomplice was able to get a backdoor onto his workstation and let the attacker in and this was discovered, it could be suspected that the accomplice was involved. The accomplice serving as an insider role in the organization could leverage it to the attacker's end if an e-mail containing a link to pull off a client-side attack, and the accomplice would be the one to click it to get the attacker on to the network. Of course there are alternatives here.

6) I would say just being an employee would be enough. Of course if the accomplice is one of the IT guys and had more access than the standard employee this would help.

The books dynamik provided will help out. Be sure to give them a read! Good luck with the book.
39  Ethical Hacking Discussions and Related Certifications / Networking / Re: CCNA Advice on: December 18, 2011, 01:33:25 PM
Hi Haz3,

Welcome aboard! I would recommend Testout's LabSim CCNA Training. It's not a bad price and I found the training good. I purchased the Network+ and the MCITP: Configuring Server 2008 Network Infrastructure - 70-642. I got all the way through the Network+ material and was practicing on the Objective Exams towards the end when school caught up with me and I had to set it aside. I plan on picking it back up next year and continuing on with it. I think you would enjoy it, they have interactive labs, quizzes, notes, video material that will keep you busy for hours.
40  Ethical Hacking Discussions and Related Certifications / Web Applications / Re: Anyone read the Web Application Hackers Handbook version 2? on: December 17, 2011, 01:31:13 PM
Hi Cotica,

Welcome to EthicalHacker.net. The solutions can actually be found below for edition 2:
Spoiler Alert.

If you were interested in labs where you can practice the material that is in the book itself, look into www.mdsec.net. There's an active thread here about it.
41  Resources / Tutorials / Re: Really want to be professional hacker, where will I start? on: December 17, 2011, 01:20:41 PM
Hi Abmart,

Welcome to EthicalHacker.net. I couldn't agree with BillV any more. The best place to start is the search function. This site has been around for years and a lot of questions have been answered. To attempt to help answer your question, the best place to start is to cover a few threads where newcomers have asked the same questions and have received responses. Below are some links:

Where and how to gain knowledge?

An Ethical Hacker must have these skills

Starting From Scratch

Where to start

Looking for advice for career path as a Ethical Hacker

Alternate source(s):
http://www.infiltrated.net/pentesting101.html

There are other topic threads out there but I pointed you to a few of the good ones. If you have any other questions, feel free to ask! Good luck!
42  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Mile2 CPTE Review on: December 14, 2011, 01:19:01 PM
That answered my main question right there. Didn't know the material was that old. It all makes sense now when I had e-mailed Mile2 and pretty much asked if CPTE will fully prepare someone to the extent of being able to buy a CEH exam voucher and didn't receive a definitive 'Yes' in the e-mail response.

Good to hear they're updating the CSWAE course in Feb. My vote for a solid Web App Pentesting course would be eLS all the way. Definitely more affordable and quality information.

Not sure how much longer they'll be around with outdated material. There's tons of training options out there today and no one wants to spend money on old course work. How is the lab environment? I heard that there was a practical environment for students to test their skills in, is this true?
43  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Mile2 CPTE Review on: December 14, 2011, 12:51:43 PM
Sorry to hear YuckTheFankees. I wonder how the other members who picked out the alternate courses are doing - and if they share the same opinion. If they're that much out of date on the CPTE, it makes you wonder if all of their material isn't up-to-date either.
44  Ethical Hacking Discussions and Related Certifications / Forensics / Re: Which computer forensic cert is the most valuable? on: December 12, 2011, 12:06:54 PM
I saw the thread wasn't getting too much attention. I figure I'll add on my opinion. I threw each certification onto Dice one at a time and noticed EnCE had the most results for open jobs. I'm not a forensics guy on my end, but it looks like either EnCE or GCFA is top listed. They all look well known in the forensics industry but I would prefer to hold the GCFA due to the GIAC certifications looking really nice on a resume. A job I noticed that was listed for it that wasn't listed for the CHFI and EnCE roles was Malware Reverse Engineer - that sounds pretty wicked. ;)
45  Ethical Hacking Discussions and Related Certifications / OSWP - Offensive Security Wireless Professional / Re: Offensive-Security WiFu v3.0 Released! on: December 11, 2011, 05:10:15 PM
Hello moore,

Welcome to EthicalHacker.net. I would contact them through their Contact Form. Be sure to provide them with your OSID and inform them you're looking to upgrade. I'm assuming they'll send you a link for upgrading which will allow you to purchase it for $100.00 USD.