-
apollo replied to the topic Help needed understanding memory locations in gdb in the forum Programming 6 years, 1 month ago
However if I do the same and show 5 words I get this:
Ex: 4
Code:
(gdb) x/5xw 0xbffff834
0xbffff834: 0x00000005 0xbffff898 0xb7eafebc 0x00000001
0xbffff844: 0xbffff8c4
Here is what is going on. 4 words = 16 bytes. What you are seeing here is the 5 words, printing out 16 bytes at a time for readability. The first grouping of…
-
apollo replied to the topic Plaintext passwords emailed? For shame in the forum News Items and General Discussion About EH-Net 8 years, 7 months ago
@DragonGorge wrote:
I think we all agree that plain text passwords are not a good idea. And while this is “just a forum”, to me it’s a matter of practicing what you preach. However, in saying that, I don’t really know how much extra effort is required to go from plain text to hashed/encrypted so maybe this is a case where the cost isn’t worth the…
-
apollo replied to the topic a word list of numbers in the forum Network Pen Testing 8 years, 8 months ago
If you’re doing this frequently, I’d take a look at hashcat (http://www.hashcat.net). It has the ability to do a mask attack, and you can easily set up brute lists with just numbers using the masks. This saves disk space when you want to enumerate over large groups in a static pattern.
-
apollo replied to the topic [Article]-Video Review: Cobalt Strike Penetration Testing Software in the forum Linn 8 years, 8 months ago
Just to be clear, Cobalt Strike leverages Metasploit for a lot of its attacks. It’s a further development for the Armitage front end that acts as a Java-based front end for Metasploit, but Cobalt Strike has addressed a lot of the workflow, reporting, and other automation that isn’t easy from within Armitage, Metasploit base install or other…
-
apollo replied to the topic [Article]-Book Review: Coding for Penetration Testers in the forum Book Reviews 8 years, 9 months ago
@chrisj wrote:
I’ve still got to read that. I’m a little disappointed there was no C/C++ or Assembler primer. Since I need help on those for the ElearnSec class. But still happy I have a copy. Maybe I’ll get to read it soon, like around October.
What sort of things would you like to see with c/c++/asm ? I’m pretty sure we can build a whole…
-
apollo replied to the topic Help writing exploit in the forum Network Pen Testing 9 years, 12 months ago
It does have a Metasploit module. Have you tried reading the source to figure out what’s going on?
There’s a whole set of info on bypassing NX protection in the comments, as well as information about the handle you have to bind to as well as the type of dcerpc call that triggers the vulnerability. I was curious what additional info was in th…
-
apollo replied to the topic OSCE vs OSCP in the forum OSCP – Offensive Security Certified Professional 10 years ago
The thing that will help you most in OSCE is to verify you really understand each lesson as it is presented. For instance, you will be walked through an exercise, then you will have to complete it on your own. You should try this:
1) Do the exercise with the video
2) At end of chapter, re-create the exercise referencing the manual
3) Rinse a…
-
apollo replied to the topic [Article]-Course Review: Cracking the Perimeter by Offensive Security in the forum Linn 10 years, 2 months ago
Hehe.. NOP is a funny little cert. Immunity is still offering it it seems based on their site, but I think it started out as a marketing tool. The deal was, get a random vulnerable binary, and see if you can write a working sploit in 45 mins using immunity debugger and their drag and drop sploit creation tool. You end up having to understand ho…
-
apollo replied to the topic [Article]-Course Review: Cracking the Perimeter by Offensive Security in the forum Linn 10 years, 2 months ago
MaXe is spot on. You don’t have to be able to write assembly, but you generally need to get binary math (bit shifting, OR, AND, XOR etc) and you should have a base understanding of registers from PWB. From there, if you have a good assembly reference you can look stuff up, but the more you’ve dealt with looking at assembly the faster you wi…
-
apollo replied to the topic PHP: Remote Code Execution and File Transfer in the forum Programming 10 years, 3 months ago
Check out http://sourceforge.net/projects/laudanum/ . They have some things that will do what you want. There are also some cleansed versions of what the evil folks out there are using. They have some advanced functionality such as ability to escalate privileges, deal with databases, etc.
Then, there’s a fun one. If you can turn it into a re…
-
apollo replied to the topic CCNA info in the forum General Certification 10 years, 3 months ago
For the CCNA, you can use 7200emu emulator. Unless they have changed it substantially since I took it, most of the links required are serial, and most of the things you will have to do should work within the emulator, and most of all, no hardware required.
http://7200emu.hacki.at/index.php
They even have sample virtual lab setups for CCNA.
-
apollo replied to the topic Nmap Scripting Engine Tutorial in the forum Tutorials 10 years, 3 months ago
NSE’s are written in LUA. The biggest challenge when I was working on NSE devel is that LUA is missing some things I really wanted. Read a basic LUA tutorial, and then on the Nmap site in the docs there’s a section dedicated to working with NSEs. Once you understand the basics, you can look at the stock stuff to figure out more. The big thi…
-
apollo replied to the topic Convincing upper management in the forum Other 10 years, 3 months ago
So, their response isn’t business related, it’s emotional. So, in my opinion, you need to make an emotional case as well as a business case.
For instance, knowing that during an outage, it cost you X, but it may have also meant that a manager had to explain him/herself to someone. Nobody wants to be at the helm when the ship hits the ic…
-
apollo replied to the topic Exam soon! in the forum OSCP – Offensive Security Certified Professional 10 years, 3 months ago
Good luck! OSCE was extremely challenging. Knowing what you do now, I’m sure it will help a lot on the next attempt. Let us know how you do!
H1t M0nk3y, that wasn’t my understanding, so thanks for sharing your experience.
-
apollo replied to the topic Exam soon! in the forum OSCP – Offensive Security Certified Professional 10 years, 3 months ago
There is another aspect to remember here in addition to the time management. Your bonus points from the class (I assume you did them; if you didn’t, get started now) apply to your final score. So, you don’t have to get everything, you just have to get enough points to add up with your bonus points to pass. I would say don’t shoot for 100%, in…
-
apollo replied to the topic metasploit php in the forum Web Applications 10 years, 4 months ago
exploit-db and search for Lan Party:
http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=lan+party
That will get you a pretty easy to configure app with mysql that it works great with. That’s what I’ve done demos on, it was very easy. If you have an up to date securely configured PHP, you will have to undo things t…
-
apollo replied to the topic SecTor 2010 in the forum Calendar Of Events 10 years, 4 months ago
Just wanted to bump this up. I’m going to be speaking again this year and they have a good lineup. If you have the opportunity, you should really try to make it. There are a number of things which differentiate SecTor from other conferences. First of all, you can expect the same quality of speakers you see at other large security con…
-
apollo replied to the topic OSCP Walkthrough in the forum OSCP – Offensive Security Certified Professional 10 years, 5 months ago
I did v2. I haven’t seen the content for v3 so no idea on the comparison.
I will look back at my leo files, but I don’t think I used any sploits off the web. I think everything I used was milw0rm or exploitdb.
-
apollo replied to the topic OSCP Walkthrough in the forum OSCP – Offensive Security Certified Professional 10 years, 5 months ago
I’m working on the OSCE writeup right now. I hope to have it done within the next week or so. It was a heck of a course.
I got all the boxes on the OSCP. To get a perfect score, from my experience, you need to understand everything you did from the course well enough that you are only going back to reference commands and not techniques. I did…
-
apollo replied to the topic OSCP Walkthrough in the forum OSCP – Offensive Security Certified Professional 10 years, 5 months ago
j0rDy, I can relate to your feelings on doing the “humane” thing. Based off of my experience, if you have gotten all of the boxes in the lab, then you probably can get a passing score on the exam.
I figured out something interesting about offsec courses doing the “Cracking the Perimeter”/OSCE content over the past month. While they certainly d…