.

interception proxy allow (eg. free version burp or paros) in exam?

interception proxy allow (eg. free version burp or paros) in exam?

yes
3
100%
no
0
No votes
 
Total votes : 3
<<

stock99

User avatar

Newbie
Newbie

Posts: 3

Joined: Wed Feb 08, 2012 10:32 pm

Post Sat Feb 25, 2012 1:36 am

interception proxy allow (eg. free version burp or paros) in exam?

HI,

I understand that the oscp is designed to make us do the pentest without automated tool.  But is interception proxy (free version burp) or paros allow to be used in the challenges exam?  Or are we expected to manually test web application vulnerability via browser?  


Also, another question for the exam, do we get a similar set up like in the lap (where we get access to an xp machine) or more like actual blackbox pentest that we start with an ip address?
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sat Feb 25, 2012 8:16 am

Re: interception proxy allow (eg. free version burp or paros) in exam?

I don't see why your poll has the same question twice (would've been better with a yes or no poll), but yes, you can use burp or paros, as they won't automatically give you root like Metasploit with e.g., Armitage can do  :)

Sometimes, you have to use an intercepting proxy to perform specific types of web application attacks, and the spider function is just to help you find available files to perhaps play with.
(You still have to use other tools or do it manually afterward, and don't rely 100% on the tools in case they fail, because they can do that a lot when it comes to filters and e.g., unusual SQL Injection.)

Tamper Data in FireFox, is much like an intercepting proxy too except that it doesn't have a spider function as far as I know, but you can definitely use that.

An intercepting proxy is not really cheating, as it allows you to intercept and modify requests, before they're sent, which is useful for e.g., modifying headers. If you didn't use an intercepting proxy of some sort, you would have to e.g., capture the traffic in Wireshark and write scripts in perhaps Python with custom headers, in case a header was an injection point.

About the actual exam, it'll most likely be like a blackbox pentest just as described on the website. You will get more info about this, when you do the actual exam.
Last edited by MaXe on Sat Feb 25, 2012 8:18 am, edited 1 time in total.
I'm an InterN0T'er
<<

stock99

User avatar

Newbie
Newbie

Posts: 3

Joined: Wed Feb 08, 2012 10:32 pm

Post Sun Feb 26, 2012 12:06 am

Re: interception proxy allow (eg. free version burp or paros) in exam?

sorry for the poll, I must have clicked on the wrong option when posting the thread. So i simply put something there in order to post it.  Any way I can remove it?

Thanks for the thorough response.  I guess I can assume the bottom line for the exam preparation is to focus to own the target within the given constraint(things like using metasploit once , ips in place and absence of access to certain tools, etc).  

By the way, I am just wondering, if there is a value to sit for the exam to see those constraints used in exam? I am not aim to pass it the first time but hopefully pass it sometime this year or next year.  For me I need to get this certificate to get my pentest career started(as per my last interviewer).
Last edited by stock99 on Sun Feb 26, 2012 12:11 am, edited 1 time in total.
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sun Feb 26, 2012 10:39 am

Re: interception proxy allow (eg. free version burp or paros) in exam?

Yes there's a huge value in doing the exam, whether you pass it or not. If you don't pass, you will (hopefully) know where to improve (as I did with OSCE), and become even better. You will also learn how to work under stress during a pentest, and to manage your time the best you're able to.  :)
I'm an InterN0T'er
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Sun Feb 26, 2012 10:52 am

Re: interception proxy allow (eg. free version burp or paros) in exam?

+ 1 to your last interviewer for recommending OSCP!

Don't over think the OSCP, just dive in and see how it goes. There are too many things going on to try and pin it down for the exam. It's more about the experience, and if you enjoy the experience, you'll likely do fine on the exam.
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Thu Mar 01, 2012 3:26 am

Re: interception proxy allow (eg. free version burp or paros) in exam?

yes, it is allowed...the only restrictions are on metasploit and other (automated) pwntools like canvas...good luck!
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software