.

OSCE Review

<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue May 03, 2011 2:06 pm

OSCE Review

Well, it will be nice to have my life back. I managed to get through the OSCE challenge and got word today that I obtained the cert.

I documented my experience like I did with the OSCP:

http://www.networkadminsecrets.com/2011/05/offensive-security-certified-expert.html
<<

millwalll

Post Tue May 03, 2011 2:10 pm

Re: OSCE Review

well done
<<

Darktaurus

User avatar

Full Member
Full Member

Posts: 181

Joined: Thu Sep 03, 2009 8:48 am

Post Tue May 03, 2011 2:36 pm

Re: OSCE Review

Great review.  I will be signing up soon, definitely.  I promised my wife I would take a break after the OSCP.  ;D  Of course I did the FC4 already just to see if I could do it.  Thanks for the review.  You and MaXe had a great experience even with the pain. LOL.  I have to take this course.  I am really excited now.  Will it matter if someone uses BackTrack 5 instead of BackTrack 4 when taking the course??
OSCE, OSCP, OSWP, CISSP, GPEN

www.agoonie.com
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue May 03, 2011 2:37 pm

Re: OSCE Review

Congrats, cd1zz.

Will it matter if someone uses BackTrack 5 instead of BackTrack 4 when taking the course??


Doesn't matter.
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue May 03, 2011 3:01 pm

Re: OSCE Review

Go for it dude. As far as BT4 or 5, it wont matter. I actually spent most of my time in Windows VMs using Immunity because most of this is windows exploit dev and windows pwnage.
<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Tue May 03, 2011 3:09 pm

Re: OSCE Review

Congrats!

And I really liked your review.
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue May 03, 2011 4:55 pm

Re: OSCE Review

Gratz and nice review :)
GSEC, eCPPT, Sec+
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue May 03, 2011 7:55 pm

Re: OSCE Review

Congratz cd1zz!!!

I took the CPT course too and I have yet to challenge the OSCE exam. I have to say the course indeed opened my eyes big time!

After doing the exercises, I took a pause and wrote the CISSP exam (because every contract requires it...). I basicaly went from one extreme to another! Passing from "dreaming about Hex" to learning about "Business Continuity Planning" was like eating vanilla ice cream after drink whiskey. It didn't taste good...

I am going to Dallas in a bit more than a week to take "Advanced Penetration Testing Course" by Joe McCray. Then, after a little break, I will start playing in exploitdb to recreate exploits.

After I completed the course modules I jumped on exploit-db and started recreating all of the buffer overflow exploits I could find. I would take one, strip out everything in the middle and try to get the same results. I probably recreated 50 exploits. The point of this was to get very familiar inside a debugger and to see first hand some of the obstacles you encounter when writing exploits.


BTW cd1zz, would you say this tactic paid off? Would you change anything in your preparation?

Thanks and congratulations again!!!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue May 03, 2011 8:25 pm

Re: OSCE Review

I've been putting off the CISSP but unfortunately I think its next for me. Nice work on getting through that.

For me, recreating exploits was key because I only knew basic assembly and had basic debugger skills. It forced me to become comfortable in a debugger and learn much more about assembly. For example, if the original author of an exploit wrote it as an EIP overwrite, I'd look for the SEH overwrite and rewrite it. If they didn't use an egghunter, I would add an egghunter. If the original author only wrote it for XP, I'd write it for Vista or 7. Using this method I managed to run into all kinds of issues I had to sort out.

My biggest weakness going into this course was on the web side. I wish I would have spent more time on this. I would recommend not only focusing on the exploit dev but understand exploiting all kinds of web apps.
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed May 04, 2011 5:24 am

Re: OSCE Review

Thanks cd1zz for your comments.

If the original author only wrote it for XP, I'd write it for Vista or 7

All my machines at home are 64 bits OS... I wanted to do the same as you and rewrite exploits at home, but I am a bit stock because of that...

Thanks for the advice on the web apps. It's true, we tend to focus more on the exploit development side...

Good luck for CISSP! PM me if you need some advice.
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

mambru

Jr. Member
Jr. Member

Posts: 98

Joined: Wed Jun 03, 2009 3:11 pm

Post Thu May 05, 2011 9:44 am

Re: OSCE Review

Congrats cd1zz! I know the pain of going through the CTP training and the challenge, and my time has come to suffer it again. Hopefully I'll be able to get my life back once I knock it off, unless I get hooked on with a new course.
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sun May 08, 2011 8:40 am

Re: OSCE Review

KillJ0y wrote:Great review.  I will be signing up soon, definitely.  I promised my wife I would take a break after the OSCP.  ;D  Of course I did the FC4 already just to see if I could do it.  Thanks for the review.  You and MaXe had a great experience even with the pain. LOL.  I have to take this course.  I am really excited now.  Will it matter if someone uses BackTrack 5 instead of BackTrack 4 when taking the course??


It was fun, but all the glamour has almost worn off for me now lol ;D It won't matter which version of BackTrack you use, but different versions of Metasploit has different payloads, so you may want to grab an older version of Metasploit as well just in case if it doesn't work out. (There's more info on the student forums about this as well.)

There's a few other tools that requires different args as well, and some that works a little bit differently but this is just a part of the challenge in my opinion, so it shouldn't matter a lot since I didn't use BackTrack  ;)
I'm an InterN0T'er
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Wed May 11, 2011 12:26 pm

Re: OSCE Review

H1t M0nk3y wrote:All my machines at home are 64 bits OS... I wanted to do the same as you and rewrite exploits at home, but I am a bit stock because of that...


Why can't you load up 32 bit VMs on your 64 bit host?
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

Darktaurus

User avatar

Full Member
Full Member

Posts: 181

Joined: Thu Sep 03, 2009 8:48 am

Post Tue May 24, 2011 2:53 pm

Re: OSCE Review

Just wondering, is the book, "Fuzzing: Brute Force Vulnerability Discovery" by
Michael Sutton, et al a good book to pick up before taking the OSCE course? 
OSCE, OSCP, OSWP, CISSP, GPEN

www.agoonie.com
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue May 24, 2011 2:59 pm

Re: OSCE Review

I bought that book and found it to be useful at times during the course. I think its good to have in the arsenal regardless... I find myself referring to it more and more after I finished OSCE.
Next

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software