.

oscp challenge exam question

<<

bowerbird001

User avatar

Newbie
Newbie

Posts: 3

Joined: Sat Sep 08, 2007 5:45 am

Post Mon May 18, 2009 11:50 am

oscp challenge exam question

i am studying for my oscp.
i have my challenge exam coming up soon.
i have ran out of lab time.
to pass the challenge i feel i may need some more experience in sql injection and creation of exploits.

could anyone advise me where i can find a few tutorials for the creation of exploits.
i would like the tutorial to be with current or easy to find software that is freeware/shareware.
i say this as the example in the oscp used software that is superseded and also not freeware/shareware.

the main parts of the sql injection i would like to practice is command injection and gaining shell.
also could someone please tell me how i could practice sql injection.
my guess is i would have to create the database that allowed sql injection to be preformed on.
and then practice on that.
<<

ethicalhack3r

Full Member
Full Member

Posts: 139

Joined: Fri Nov 28, 2008 11:29 am

Post Mon May 18, 2009 2:24 pm

Re: oscp challenge exam question

Hello,
Im not sure about exploit creation but for SQL injection you could use a tool that I developed last year. 'Damn Vulnerable Web App' is a deliberatly insecure web application that allows you to 'train' on. However id also like to point out that there are other apps out there that do the same and in some cases better.

Damn Vulnerable Web App:
http://www.ethicalhack3r.co.uk

Check out irongeeks tool:
http://www.irongeek.com/i.php?page=vide ... ae-1-setup
<<

Orhan

Newbie
Newbie

Posts: 14

Joined: Wed May 20, 2009 2:26 pm

Post Wed May 20, 2009 3:50 pm

Re: oscp challenge exam question

I believe you can download some extra software to exploit from the offsec forums. 

As for tutorials on exploits, the are several videos in this forum as well as on the offsec forum taking you through the process of exploit development and bypassing different issues (i.e. pop pop ret).

I hope his helps.  Good luck with the exam!
GPEN OSCP OSWP CCSE CCSA CHFI..etc
Bronze Swimming certificate..
<<

ethicalhack3r

Full Member
Full Member

Posts: 139

Joined: Fri Nov 28, 2008 11:29 am

Post Wed May 20, 2009 4:06 pm

Re: oscp challenge exam question

Orhan: I couldnt help notice that your sig is wrong or is it purposely like that?

Away
Pizza
Sausage
Throw
Not
Do
Please
<<

Orhan

Newbie
Newbie

Posts: 14

Joined: Wed May 20, 2009 2:26 pm

Post Wed May 20, 2009 4:09 pm

Re: oscp challenge exam question

I just love sausage pizza....
GPEN OSCP OSWP CCSE CCSA CHFI..etc
Bronze Swimming certificate..
<<

Orhan

Newbie
Newbie

Posts: 14

Joined: Wed May 20, 2009 2:26 pm

Post Wed May 20, 2009 4:15 pm

Re: oscp challenge exam question

I have changed it to avoid any further confusion...(probably mine)  :-[
GPEN OSCP OSWP CCSE CCSA CHFI..etc
Bronze Swimming certificate..
<<

bowerbird001

User avatar

Newbie
Newbie

Posts: 3

Joined: Sat Sep 08, 2007 5:45 am

Post Thu May 21, 2009 5:37 am

Re: oscp challenge exam question

thanks guys.

ethicalhack3r thanks for your advise. that helped.

Orhan: i had also lost access to the offsec forums, that's why i posted for help here and not there.

but anyway i added more time.
so now i have access. :)
<<

agurrutiac15

Newbie
Newbie

Posts: 2

Joined: Tue May 26, 2009 3:51 pm

Post Tue May 26, 2009 4:09 pm

Oscp challenge!!!

I am taking the OSCP challenge this Friday May29, 2009. I did 6 out of the final 7 challenges (For those OSCP grads, you probably know which is the one I could not pwn). I am looking for any hints some could give me on what to focus my studies. I' appreciate any tips you can give me....

Andres Urrutia
CCNA, MCSA, Net+
<<

Orhan

Newbie
Newbie

Posts: 14

Joined: Wed May 20, 2009 2:26 pm

Post Thu May 28, 2009 12:07 pm

Re: oscp challenge exam question

agurrutiac15,

I think if you applied yourself during the course you should be fine.  Also, by doing the extra credit questions you will have some bonus points to go towards your exam (should you need it). There are plenty to be had throughout the course. 

The exam can be a full 24 hours so get plently of rest and happy hacking!!

Good luck and let us know how you get on.
GPEN OSCP OSWP CCSE CCSA CHFI..etc
Bronze Swimming certificate..
<<

agurrutiac15

Newbie
Newbie

Posts: 2

Joined: Tue May 26, 2009 3:51 pm

Post Tue Jun 16, 2009 1:40 pm

Re: oscp challenge exam question

Orphan thank you for your response... I passeeeed! I am now an OSCP. The exam was tough but liked it. Once again thank you!

Andres Urrutia

CCNA, OSCP, MSCA, Net+
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Jun 16, 2009 2:22 pm

Re: oscp challenge exam question

w00t!!

As you grow into your career, hopefully you'll share your thoughts and experiences with the EH-Net Community.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Wed Jun 17, 2009 12:04 am

Re: oscp challenge exam question

Congratulation for passing, agurrutiac15. ;)
<<

Orhan

Newbie
Newbie

Posts: 14

Joined: Wed May 20, 2009 2:26 pm

Post Fri Jun 19, 2009 4:49 am

Re: oscp challenge exam question

agurrutiac15 wrote:Orhan thank you for your response... I passeeeed! I am now an OSCP. The exam was tough but liked it. Once again thank you!

Andres Urrutia

CCNA, OSCP, MSCA, Net+


Congrats agurrutiac15! Well done!
GPEN OSCP OSWP CCSE CCSA CHFI..etc
Bronze Swimming certificate..

Return to General Certification

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software