Will have a go again tonight... Need to get my eyes checked...

Pretty interesting.. finding it hard to read the numbers... if you know what i mean...

Buffer overflows are fun... aren't they?  I need to work on a few more...

@sternone - what the .......

I don't know why every bufferover flow document talking about 32bit OS exploit (EIP, ESP etc..)

I didn't find any single document about 64bit OS exploit (RIP, RSP etc..) Because it has totally different register set..

Slightly off-topic, but I suppose this may help:
http://turkeyland.net/projects/overflow/index.php

My advice for learning the buffer overflow is to load the vulnerable software on your own lab machine and practice it there. That's what I did to successfully complete the exercise.

Am GREM certified and a Wizard too
The questions are relatively easy...
The GREM exam is a lot tougher...

Good luck.

Let us know how it was..

@skk - even I struggled with the buffer overflow material of OSCP and wasted most of my lab time.

I finally managed to figure it out when I tested it in my own lab and got a shell on the victim machine. Hence my suggestion, move on with the rest of the course and do not waste your lab time on buffer overflow exploitation. Once your lab time is up, you can focus on testing it locally.

Hey there..
A person with your background will be in demand these days.

If you consider a more managerial cert, you can look at CISM or CISSP.
If you consider a technical cert, you could try OSCP.
If your company will sponsor your training, attend the SANS 560 course for penetration testing.

If you are more interested in SCADA security and are in the US, you can try the INL SCADA advanced security course:
http://www.inl.gov/scada/training/

I am still counting, lol. First post and keep talking the same. I already told them, Don can give them good advertisement.

I took CEH and bought Mile2 training, and they are the same. So they keep talking about big difference, nop.

Now OSCP is really completely different and it is making me crazy. 

Totally agree. I have cleared CEH as well as CPTE, and I enjoyed my time in the OSCP lab. If you really want a challenge, attempt the OSCP.

Can one take up the Nidan (2D) without going through the 1D?

This may have been explained earlier, but would like to understand.

The 11th challenge in the series is out.
https://honeynet.org/node/829

Deadline is May 31st.

I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.

Thanks for the hint... time to investigate further.

Oh and i loved the scan of the month challenges.




Open up the capture in Wireshark, right click on the first packet and select Follow TCP stream. In the drop down, select the second option, (181875 bytes), save that as a file named "output" If you're on Linux, type: file output to find out what kind of file it is and go from there.

The 11th challenge in the series is out.
https://honeynet.org/node/829

Deadline is May 31st.

I think I have the first question figured out, but the rest of the packet capture is beyond my comprehension.

All the best. I might resume my lab access from May hopefully.