CPT Practical - Feedback Please...

bm5034

Newbie

Posts: 6

Joined: Sun Nov 07, 2010 8:55 pm

Post Wed Nov 17, 2010 7:28 am

CPT Practical - Feedback Please...

Greetings all:

I am in the process of taking the practical portion of the IACRB CPT exam. As most of you well know, you've got 60 days to complete and submit. I'm on the final step of the exam, which requires cracking of the root password on a Linux host. For me, this step seems to be taking quite a long time (15+ days now). While I realize that real-world password cracking can take days, months, or even years (depending on complexity), I'm curious to see if others have had the same experience. Also, what are your general feelings on the CPT and the amount of weight it carries in the pen-testing field? I've passed the CEH (InfoSec training) and have been considering the OSCP.  Thoughts on that?

My planned direction is to "break into" this field starting next year, and I'm looking for suggestions on a sound approach. Ideally, I'd like to work as an independent, providing services to small companies (in the long run), but I realize that true pen-testing is seldom a one-man show.

Thanks in advance!

SephStorm

Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Wed Nov 17, 2010 9:17 am

Re: CPT Practical - Feedback Please...

Hi, welcome to EthicalHacker.net! While I will leave your questions to others with knowledge of the subject, you say you took the InfoSec Institute training? I would be very interested in hearing your review of the company and its training. If you have time, please, let me know your thoughts in this thread, or by PM. :)
sectestanalysis.blogspot.com/

hayabusa

Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Wed Nov 17, 2010 9:26 am

Re: CPT Practical - Feedback Please...

Welcome!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH

sil

Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Wed Nov 17, 2010 9:57 am

Re: CPT Practical - Feedback Please...

bm5034 wrote:Greetings all:

I am in the process of taking the practical portion of the IACRB CPT exam. As most of you well know, you've got 60 days to complete and submit. I'm on the final step of the exam, which requires cracking of the root password on a Linux host. For me, this step seems to be taking quite a long time (15+ days now). While I realize that real-world password cracking can take days, months, or even years (depending on complexity), I'm curious to see if others have had the same experience. Also, what are your general feelings on the CPT and the amount of weight it carries in the pen-testing field? I've passed the CEH (InfoSec training) and have been considering the OSCP.  Thoughts on that?

My planned direction is to "break into" this field starting next year, and I'm looking for suggestions on a sound approach. Ideally, I'd like to work as an independent, providing services to small companies (in the long run), but I realize that true pen-testing is seldom a one-man show.

Thanks in advance!


You may want to find a better wordlist. I cracked IACRB's password in under 3 minutes. My method for cracking the password portion of the exam was to create a pseudo distributed system to do the cracking. I took 4 machines with about 2gigs of memory each, downloaded a couple of wordlists, made some voodoo regexes of the files, put them on different machines and fired them up. At best I think I was able to generate about 20 million attempts per minute.

The pw cracking portion was easy to me. It boils down to a few things when cracking passwords: 1) The PW cracker you're using 2) the wordlist(s) you're using 3) the processor speed/memory of the machine doing the cracking. Here is a quick primer on password cracking: http://geodsoft.com/howto/password/crac ... swords.htm Without giving up the keys to the kingdom, this portion should not take you that long.

Did you manage to finish the second portion of the test or did you just start? There are always two ways to skin a cat you know ;) But that's all I will say on the exam.

As for the OSCP, points of view differ on this. Depending on what exam you receive for the CPT (I'm assuming here they have a few different deliverables), my technical exam was difficult as I had to work around my own exploit on a Bastille hardened version of Linux. Trust me when I tell you this, there was NO publicly available exploit for me to compromise the machine. I had to modify a few exploits with GDB in the background to get it working. Took me 3 days off and on to finish up the entire exam.

bm5034

Newbie

Posts: 6

Joined: Sun Nov 07, 2010 8:55 pm

Post Wed Nov 17, 2010 11:49 am

Re: CPT Practical - Feedback Please...

Thanks for the information; it's much appreciated.  I figured things were taking too long, but I couldn't be sure.  I'm using JTR on the passwords, and I've got two machines working together.  Best I can do, hardware-wise.  Looks like I'll be searching for other wordlists.  I've already obtained the root password for the first host; only need to get the second one at this point, then I'm ready to submit my results.

I've also considered taking InfoSec's Advanced Ethical Hacking course in the spring of next year.  I understand that course focuses more on shellcoding, exploits, malware and the like.  I've heard good reviews, so I may go for that one next.

UNIX

Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Wed Nov 17, 2010 11:54 am

Re: CPT Practical - Feedback Please...

From the opinions I've heard of, InfoSec's Advanced Ethical Hacking course is excellent. Looking at the instructors, I have hardly a doubt on that. If you decide to take it, a review would be nice.

sil

Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Wed Nov 17, 2010 1:48 pm

Re: CPT Practical - Feedback Please...

bm5034 wrote:I've also considered taking InfoSec's Advanced Ethical Hacking course in the spring of next year.  I understand that course focuses more on shellcoding, exploits, malware and the like.  I've heard good reviews, so I may go for that one next.


Here is a tip... As with real world penetrations, you should perhaps seek to obtain the password of ANY account, not necessarily the root password. With a normal user account, you could then use a local exploit to escalate privileges. So, again, depending on how you're performing password cracking, there is a likelihood you went overboard and could have obtained root access by other means. "just a thought"

jtb3125

Post Wed Nov 17, 2010 1:52 pm

Re: CPT Practical - Feedback Please...

bm5034:  Your description sounds like my own experience with the CPT practical - first machine's root password was an easy crack, but the second one's still running, 2 weeks later...  I'm also hardware limited, at least for now, so not much I can do to speed things up except perhaps a better wordlist.

My 2 cents' worth on InfoSec Institute - I thought their Ethical Hacking class was well-presented, and the materials seemed thorough and well-assembled.  The instructor (Keatron Evans) was very good, kept things interesting.  Passed the CEH, hoping to pass the CPT, then figuring out where to go next...

sil

Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Wed Nov 17, 2010 3:03 pm

Re: CPT Practical - Feedback Please...

jtb3125 wrote:then figuring out where to go next...


*sigh* my biggest dilemma :( Well I have GREM in Jan/Feb and I'm itching to take some training/testing again. Just don't know which way to go with this. I don't want to go the vendor route but I may be forced to do JNCIA + JNCIS soon because of the amount of Juniper crap I deal with nowadays... CCIE(s) reading + lab studies are still around but I do it more for perversion than anything else. (For those who don't know, I've actually spent about 10 years learning Cisco things...) Just too darned lazy to opt for taking the CCNA, then the CCSP route to get to the CCIE(S). I started studying immediately for the CCIE in 98-99 (see appendix @ http://www.ouah.org/protocol_level.htm written 2000 imagine that!) and kept on studying at my own leisure...

Anyhow, my big fear with the CCIE is the lab. Failure = a lot of moolah. It's not a cheap exam. The written I don't believe I'd have a problem with. It's the lab because I don't have enough time to create scenarios, etc., I still have my lab, IPExperts audio, books, etc., it's just not worth studying at the level to me anymore.

I like technical exams. I may do the OSCE soon, but I'm thinking... GREM first. Let me take a break for a month or two... Right after the GREM I may do, CREA, CCFE, EnCE one right after the other. I may follow up with other SANS classes depending on polit(r)ic(k)s. Unsure though. By next year if I was successful, I would be a bizarre professional

CPT, OSCP, CEH --> attacker
CHFI, EnCE CCFE --> analyst/forensic
GREM, CREA --> reverser

Not only that, would likely cost more to print my business cards. I was also looking at the NOP ;) Now that would be hardcore... http://www.immunitysec.com/services-cnop.shtml

bm5034

Newbie

Posts: 6

Joined: Sun Nov 07, 2010 8:55 pm

Post Wed Nov 17, 2010 3:48 pm

Re: CPT Practical - Feedback Please...

Thinking about this more, my next step will likely be the Advanced CEH class.  I personally have more interest in shell code, reversal, malware, exploits and the like, since I come from 12+ years in software/database development.  I would enjoy working with software and data, as well as how products can be better designed to prevent these kinds of attacks.  The pen-testing/ethical hacking profession will be a new endeavor for me, but I favor working with the software/data side of security, rather than the networking/admin side.

If I fare well after that, I'll need to determine what other certifications would be best to obtain with a focus on software/database exploits and security.  I suppose that would be my next question...

(As a side note related to my original topic, I did successfully compromise the second host by logging in with a standard account, then performing a privilege escalation exploit.  From there, I was able to obtain the root password hash, and here I sit waiting, two weeks later...)

SephStorm

Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Thu Nov 18, 2010 3:29 am

Re: CPT Practical - Feedback Please...

So, I admit myself confused, the CEH/CPT by ISI does not require the shell-coding/programming knowledge?
sectestanalysis.blogspot.com/

bm5034

Newbie

Posts: 6

Joined: Sun Nov 07, 2010 8:55 pm

Post Thu Nov 18, 2010 7:27 am

Re: CPT Practical - Feedback Please...

In the CEH/CPT, you learn the concepts of programming exploits using shellcode, but you don't actually do any coding.  The exploits you use are already prepared for you in the labs.  In the advanced CEH course, you actually write the exploits, so it's *strongly* recommended that you have knowledge of assembler or C beforehand.

My instructor in the CEH class suggested that I get a copy of the Shellcoder's Handbook (J. Koziol) to do some advance reading in preparation for the advanced class.

SephStorm

Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Thu Nov 18, 2010 7:56 am

Re: CPT Practical - Feedback Please...

Okay, that explained it. What books did you guys use during the course? Did they provide any?
sectestanalysis.blogspot.com/

bm5034

Newbie

Posts: 6

Joined: Sun Nov 07, 2010 8:55 pm

Post Thu Nov 18, 2010 9:25 am

Re: CPT Practical - Feedback Please...

Two books were used: a textbook and lab manual.  You had the option of having the textbook sent to you in advance, when InfoSec received your course payment in full.  This is what I did, and it really helped me to prepare, as I had read through the textbook twice before the week of class.

The lab manual was given out in class.  You were also given two DVDs to keep: one was a linux attack server VM, and the other was a collection of tools used in the class.
Last edited by bm5034 on Thu Nov 18, 2010 9:27 am, edited 1 time in total.

edygert

Newbie

Posts: 1

Joined: Mon Oct 04, 2010 2:28 pm

Post Thu Nov 18, 2010 3:59 pm

Re: CPT Practical - Feedback Please...

I just passed the CPT exam last month and the CEH this morning after taking the online version of the InfoSec Institute Ethical Hacking course. I found the course materials to be excellent. However, for the CEH test, I also recommend studying the Michael Gregg book before taking the CEH. The CPT multiple choice was very easy but the practical took me several days to finish. Escalating privileges on the two machines was fairly challenging.

I am currently taking their Advanced Ethical Hacking course and am about 1/2 done. I don't recommend it if you are not a programmer. I have been programming for over 30 years so I am really enjoying the course.

I am taking the GIAC GPEN test on Monday. I took one of GIAC's GPEN practice tests and did really well on it. Just have a few things to brush up on. There is a lot of overlap between CEH/CPT and GPEN.