Forum Replies Created
December 11, 2013 at 2:07 am #53691
For the 542 just go with WAHH2.
November 29, 2013 at 5:26 am #53638
The GPEN really isn’t all that bad. In fact it’s a great complement to the OSCP as in addition to the technical stuff it also covers some of the business aspects of a pentest.
The material itself is good. What will make the difference is the labs. The OSCP lab environment is second to none. However, if you do a comparison of the material you will see they are pretty similar. In fact there are some sections that are better covered in the GPEN... but the labs are what will get yah.
I have not done the eCPPT, but if your company is paying for the GPEN then go for it. If it’s out of pocket that’s a different ballgame.
May 10, 2013 at 6:18 pm #52942
hmmm I had no issues running this as is on KALI. Adding to from scapy import * did generate an error.
March 17, 2013 at 3:18 am #52312
tsgrinder maybe... ncrack also now supports terminal services cracking... anybody use these with success?
March 12, 2013 at 11:26 pm #52221
Well we are not allowed to discuss the details of the exam. However, what I will say is this. Make sure you understand the course material.
March 12, 2013 at 8:21 pm #52209
Yeah so….I actually used the reverse_tcp meterpreter payload and not https. Also I didn’t stop the Smc.exe process. That is still running.
Stopping the Smc.exe process is smc -stop
As opposed to a smc -disable -ntp that targets the ntp. And ntp doesn’t stay dead for very long. It comes back online in 5 minutes. I timed it 🙂
However even when it does it won’t kill your meterpreter session 🙂
I tell you though I haven’t looked at C++ in a while though...
March 10, 2013 at 3:50 am #52193
March 8, 2013 at 7:41 pm #52191
March 1, 2013 at 6:40 pm #52135
Great review! Could you get the kindle version of this or is it better to have the hardcover?
I have the kindle version and it’s not really an issue. It wraps sometimes but it’s ok…
March 1, 2013 at 4:09 pm #52152
February 25, 2013 at 5:41 am #52094
The course I recommended from BackTrack, is not that expensive:
http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/ (750$, I recommend 60 days lab time)
and this: http://www.offensive-security.com/information-security-training/cracking-the-perimeter/ (1200$)
Don’t do OSCE without knowing quite a bit about hacking first, as it’s really a killer if you don’t know a sufficient amount of hacking.
It’s a killer period 🙂
February 25, 2013 at 4:15 am #51905
I literally just had this last problem on the latest bug I posted. Just slapped together a blog post last night: http://www.pwnag3.com/2013/02/actfax-raw-server-exploit.html
Bottom line, you can cut up the payload easily. However, if you mess with the payload being sent sometimes the memory layout/registers will be completely different and show you something better or worse. In my case, 4 bytes literally changed the entire structure…
I decided to throw my hat in the ring as well. Of course cd1zz has already done the heavy lifting and it’s not as sexy 🙂
February 21, 2013 at 5:21 pm #52055
This has been discussed several times on this site. A quick search should return useful results.
Welcome to EH.net
February 13, 2013 at 4:40 pm #49311
The new GXPN from what I have read is pretty solid. Seems to complement the OSCE...
February 12, 2013 at 3:35 am #51489
None of it makes sense………