Dark_Knight

For the 542 just go with WAHH2.

The GPEN really isn’t all that bad. In fact it’s a great compliment to the OSCP as in addition to the technical stuff it also covers some of the business aspects of a pentest.

The material itself is good. What will make the difference is the labs. The OSCP lab environment is second to none. However, if you do a comparison of the material you will…[Read more]

hmmm I had no issues running this as is on KALI. Adding to from scapy import * did generate an error.

tsgrinder maybe….ncrack also now supports terminal services cracking…….anybody use these with success ?

Well we are not allowed to discuss the details of the exam. However, what I will say is this. Make sure you understand the course material.

Yeah so….I actually used the reverse_tcp meterpreter payload and not https. Also I didn’t stop the Smc.exe process. That is still running.

Stopping the Smc.exe process is smc -stop

As opposed to a smc -disable -ntp that targets the ntp. And ntp doesnt stay dead for very long. It comes back online in 5 minutes. I timed it 🙂

However even when…[Read more]

@dark_knight_baby wrote:

@Dark_Knight wrote:

Interesting name…….

coool we almost got the same name…hehehe dont tell me your a “batman” fan as well?  😀

Pretty much…my lab machines are called JOKER/BANE/GOTHAM…lol

Interesting name…….

@Agoonie wrote:

Great review! Could you get the kindle version of this or is it better to have the hardcover?

I have the kindle version and its not really an issue. It wraps sometimes but its ok…

@cd1zz wrote:

You know pentesting firms that don’t know what the OSCP is?

Ok…..but the real question is do they know what the CEH is ::) ::)
;D ;D

@MaXe wrote:

The course I recommended from BackTrack, is not that expensive:
http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/ (750$, I recommend 60 days lab time)
and this: http://www.offensive-security.com/information-security-training/cracking-the-perimeter/ (1200$)

Don’t do OSCE without…

[Read more]

@cd1zz wrote:

I literally just had this last problem on the latest bug I posted. Just slapped together a blog post last night: http://www.pwnag3.com/2013/02/actfax-raw-server-exploit.html

Bottom line, you can cut up the payload easily. However, if you mess with the payload being sent sometimes the memory layout/registers will be completely…

[Read more]

This has been discussed several times on this site. A quick search should return useful results.

Welcome to EH.net

The new GXPN from what I have read is pretty solid. Seems to compliment the OSCE….

None of it makes sense………

Based on this http://blog.exploitlab.net/2013/02/defending-our-work-part-2-exploit-lab.html he did a whole lot more than just use the VM’s

This has got to be a MISTAKE!!!!! Given the likes of attrition.org and the infosec community at large, why would any sane individual in the community so BLATANTLY rip off some else’s work? And then go on to charge for it? Seriously??

Why would someone go to such great lengths at advertising a course that they STOLE? How could someone be so…[Read more]

WOW….it was him???? I saw the tweets but thought oh well…..interesting

If you haven’t done so already grab a copy of WAHH2(Web Application Hackers Handbook).

What they ^^^^^ said  🙂