OSWP – VPN Connection Question

    • #7405
      esojzuir
      Participant

      Hello Everyone!

      I have a question regarding the Offensive Security Wireless Test. You are supposed to connect remotely to the test site and use a terminal to attack the routers. I’ve never done anything like this before (used to the multiple selection tests) and I wanted to see if anyone that has taken the test can clear some doubts:

      When you log in do you actually open a terminal and see a BT machine and work from that or do you log in and open a putty terminal and work from that?

      Any help will be appreciated

      Thanks in advance!

    • #46249
      UNIX
      Participant

      You will receive an email from offsec with instructions on how to connect to the exam machine through SSH, which will be your attacking machine.

    • #46250
      esojzuir
      Participant

      Thanks for the response. So it will be correct to assume that I will connect to an instance of the BT machine with GUI and from then open a konsole and fire away???

    • #46251
      cd1zz
      Participant

      No GUI, just console sessions. You can open more than one, I think I had 4 going during my test.

    • #46252
      TheXero
      Participant

      esojzuir, I used ‘screen’ in my exam and I would recommend it 🙂

    • #46253
      dynamik
      Participant

      @TheXero wrote:

      esojzuir, I used ‘screen’ in my exam and I would recommend it 🙂

      Good advice; I love screen. There’s also the added benefit of being able to retrieve your session if you get disconnected.

    • #46254
      esojzuir
      Participant

      Thanks for the help everyone! How can I get screen??? Is there a link you can post???

    • #46255
      dynamik
      Participant

      I believe it’s installed by default in BT5, which is what you’ll be connecting to.

      Otherwise, apt-get install screen (or whatever the equivalent is on non-Debian systems)

      It’s pretty simple, but you should still experiment with it a bit in advance to get used to the key commands, etc. Just check out the man page.

    • #46256
      BillV
      Participant

      Well I’m glad these guys remembered because I sure didn’t. 😛 I just remember it being very quick.

      Good luck on your test!

    • #46257
      esojzuir
      Participant

      I passed the OSWP!!!!! It’s a really cool and fun way to get introduced to the world of practical examinations, as I was used to the typical questions type exam.

      The next project is elearnsecurity pro and then PWB!!!!

    • #46258
      Darktaurus
      Participant

      Congrats! What version did you take, 3.0? If v3, how did you like the Rogue Access Points and coWPAtty modules?

    • #46259
      dynamik
      Participant

      Congrats esojzuir!

      I passed mine a couple weeks ago as well. I’ve been meaning to write a review.

      Agoonie, the v3 additions were a nice improvement. v2 was always good for WEP, but it has felt dated for a long time. I thought the GPU RT generation with Pyrit was pretty slick. I have a decent GPU because I’m a bit of a gamer, and it was interesting to see how that fared against the i7.

      The actual exam is still v2, and I think there is still room for growth there (i.e. client attacks with karmetasploit, etc.).

    • #46260
      Darktaurus
      Participant

      @ajohnson wrote:

      Congrats esojzuir!

      I passed mine a couple weeks ago as well. I’ve been meaning to write a review.

      Agoonie, the v3 additions were a nice improvement. v2 was always good for WEP, but it has felt dated for a long time. I thought the GPU RT generation with Pyrit was pretty slick. I have a decent GPU because I’m a bit of a gamer, and it was interesting to see how that fared against the i7.

      The actual exam is still v2, and I think there is still room for growth there (i.e. client attacks with karmetasploit, etc.).

      Thanks for the heads up.  I figured I would take it later this year to see what they improved on.  It sounds cool so I am sure I will find the time at some point.  Did they have anything on attacking WPA2 Enterprise?  I found some people talking about it but I do not remember if the OffSec guys had anything. Meh, either way, I am going to take the new course.  ;D

    • #46261
      esojzuir
      Participant

      Thanks everyone!!!! I took version 3 and both the cowpatty and rogue access point modules were really good, both on video and the text. You can set up and use both topics really fast. Unfortunately none were used on the test.

      I tried cowpatty for the WPA but it wasn’t even installed on the attack machine, so yes it’s still a v2 exam, but lots of fun. I started the exam and for those weird reasons after 1/2 hour I was not able to crack my first target!!!!!!!!!!

      I decided to move to the other 2 and I was done with those in about 25 minutes with all the documentation and everything. Then I took a breather and cracked the first one in 15 minutes, so in all I spent 1 hour and 40 minutes cracking, writing and getting screenshots and 2 hours setting the report.

      I agree that later on they should add rogue access point and karmetasploit attacks to the exam. Maybe have 5 targets to attack and make it 6-8 hours to do the test. I really recommend this class to anyone!!!!!

    • #46262
      dynamik
      Participant

      @Agoonie wrote:

      Did they have anything on attacking WPA2 Enterprise?  I found some people talking about it but I do not remember if the OffSec guys had anything.

      No, just PSK.

      I thought the upgrade was worth it. I found the rainbow tables generation, airserv/airtun, and GPS portions to be particularly interesting.

      They have the v3 Syllabus online if you haven’t reviewed it yet: http://www.offensive-security.com/documentation/wifu-syllabus.pdf

    • #46263
      docrice
      Participant

      When I did the OSWP exam some years back my SSH sessions kept dropping, but perhaps because I had two or more concurrent sessions and I think there was some latency in my connection.  I think “doing” the attacks isn’t what consumes time, but rather the documentation.  One of the most fun exams I’ve ever taken though with that thrill-of-the-hunt.

      I got a copy of the updated course when it was released, but I haven’t gone through it yet.  That said, I’m of the impression there’s no coverage on 802.1X attacks.  I would really welcome that since it’d make the course much more applicable to enterprise networks.


Copyright ©2020 Caendra, Inc.
