sternone wrote: I will also look on Amazon tonight for good beginner books I could buy for some more assembly information. Any advice?
As mentioned, Security Tube has a good Linux assembly primer available. I'm not a fan of the AT&T-style syntax, so make it a homework lesson to convert the examples to Intel-style and use nasm instead: http://www.securitytube.net/groups?oper ... &groupId=5
http://www.amazon.com/Assembly-Language ... s=assembly is the best written resource I've found for getting started in assembly. Some of the reviews bash it over a chapter where he uses a weird analogy to explain counting in bases other than 10. I agree, it's weird. However, you should already know how to convert between hex, binary, and decimal, so just skip it. The other problem is that the debugger he used was unfortunately dropped from the Ubuntu repo shortly after the book was published. Just use Evan's Debugger or grab an old version of Ubuntu (8.10 works, I believe). This is another Linux resource. You'll probably be working mostly on Windows, but aside from the system calls, it's going to be nearly identical because it's the same hardware. This book uses the Intel-style syntax.
http://www.amazon.com/Professional-Asse ... s=assembly goes beyond the book I referenced above (and is actually mentioned as a next step at the end). This probably goes above and beyond what you're looking for at the moment. It covers floating-point arithmetic and various extensions to the instruction set over the years (at least up until 2005 when it was published). It's an interesting read, but like I said, probably not entirely relevant. This book unfortunately uses the AT&T-style syntax, but it's another opportunity to practice converting the examples to Intel-style (granted, you'll probably find a lot of AT&T-style examples in the Linux world, so it's good to be acquainted with both).
As awesec mentioned, the Intel developer docs are going to be your end-goal. You're not going to find a more complete and comprehensive resource.
sternone wrote: Unicorn doesn't allow you to give 200-254 as an option for hosts, you need Unicorn to give 192/26 or 0/24, that's why I ran into trouble...
Not the best use of unicorn scan, but:
for i in `seq 200 254`; do unicornscan -p p 192.168.1.$i; done
You could also use the largest range within the limit and use the above for the stragglers.
sh4d0wmanPP wrote: Hmm, I really wanna do this course but lack the time right now. I can recommend Smashthestack.org IO challenges for anybody that wants to improve their exploitation skills before opting for OSCP. I found it beneficial as it improved my gdb knowledge and general Linux exploitation skills.
Currently contemplating if I should do eCPPT in the meantime (since they have flexible labtime) but a bit scared I know most of it already.
If you need custom shellcode and have no access to metasploit, this is a good resource: http://www.shell-storm.org/
Yes, nice links. Remember that exploit-db.com has a lot of custom shellcode as well.