Phillip Wylie

Forum Replies Created

Viewing 15 posts - 31 through 45 (of 102 total)
  • Author
    Posts
  • #52018
     Phillip Wylie 
    Participant

    @hayabusa wrote:

    @hanyhasan – The videos and PDF’s cover a lot, but because of the ‘adaptive’ nature of pentesting, there is expectation that not everything in the exam is going to be a ‘cut and dry’ example of something that was directly covered by the courseware, leaving the student to use their intuition and research skills to find answers, much like a live, real-world pentest would.

    @r0ckm4n – keep trying, keep studying, keep working at it.  Pass or fail, as impelse noted, you’re learning.  Experience, in this field, comes painfully, sometimes, but it’s well worth the effort, and shows your determination and dedication.

    Wishing you luck on the next (and hopefully final) attempt!  🙂

    Thanks, hyabusa! I learn more with each exam attempt. I was close on my last two exam attempts and I believe I will pass it next time.

  • #52017
     Phillip Wylie 
    Participant

    @hanyhasan wrote:

    @r0ckm4n wrote:

    I failed again, but I was so close. I rooted 3 servers giving me 55 points and I had low level access to 2 other servers, but time ran out before I could get root. I will be retaking the exam on June 22 at the latest.

    Hard luck , never give up and i was only scared from taking CCIE ” from Cisco ”  ???. I read the subject from the beginning and let me asking you why there is no support from the trainer or does the material ” Videos & PDF ” not covering those attacks . The CCIE exam is about troubleshoot the network and more you practice to solve the network issues the faster you can solve the exam and pass but the material does cover the exam objective . Hard luck again & sorry i talked about Cisco here  ;D. Forget about my English every 1  ::)

    Thanks and I won’t give up. I am more determined.

    There is a lot of missing instruction from the course materials, but I have learned a lot. It seems to be there teaching approach and it is working, but if it was covered more in depth it would take as long.

  • #52016
     Phillip Wylie 
    Participant

    @impelse wrote:

    If you see you are becoming a serius pentester, you keep rooting those boxes in the lab, you attempt to hack 5 servers in 24 hours, with a lot of pressure specially coming from the time frame of the exam and from yourself, normally in a pentest you do not have those shorts time (5 servers in 24 hours, LOL).

    So if you can hack in those circumstances in the exam how is the real pentest?, sure you will be able to hack them and outside the box, without automatic expensive tools (I am not saying you will not use them).

    At the end you are wining and wining every time to attempt the exam, it is not lost, it will pay off.

    Actually I am a pentester and you are correct about getting more time. I needed to improve my hacking skills and that’s why I took this course. I had experience with vulnerability assessments and automated tools.

  • #52970
     Phillip Wylie 
    Participant

    Some good advice from the others. I have taken courses from eLearnSecurity, Offensive Security, Hacking Dojo (before it was called Hacking Dojo), and a CEH course. I learned the least from the CEH course. The CEH course taught me how to use individual tools, but not putting it together using a methodology. These other courses go beyond just teaching you the tools. I would recommend starting with eLearnSecurity or Hacking Dojo and Offensive Security after you have a better understanding of pentesting.

  • #52012
     Phillip Wylie 
    Participant

    @impelse wrote:

    Every book about hacking I read always tell you patience will always pay off, you try hard and harder, you will get it and it will pay off, why because you really are learning the stuff, keep drilling, you will get it.

    Also you inspire us, good.

    Thank you for the encouragement, impelse!

    I am even more determined and once I pass, it will mean even more to me. When I think of where my skills and knowledge was at a little over a year ago, I am amazed at what I have learned. Since I started really hitting this course hard back around the holidays, it has paid off even more. At first it was forcing myself to study and now I have to force myself to do other things outside of this.

  • #52010
     Phillip Wylie 
    Participant

    I failed again, but I was so close. I rooted 3 servers giving me 55 points and I had low level access to 2 other servers, but time ran out before I could get root. I will be retaking the exam on June 22 at the latest.

  • #52921
     Phillip Wylie 
    Participant

    Good luck!

  • #52934
     Phillip Wylie 
    Participant

    Good luck!

  • #52919
     Phillip Wylie 
    Participant

    Good luck!

  • #52775
     Phillip Wylie 
    Participant

    @m0wgli wrote:

    @r0ckm4n wrote:

    @armando wrote:

    Wow, we seriously had the most busy days of our company’s history!
    Anyway, let’s answer some questions from current students:
    1) 50% OFF for the eCPPT Gold voucher expired yesterday
    2) 50% OFF for the WAPT course will expire on May 31st

    I wished I would have waited longer to sign up. I figured the 30% offered during the WAPT launch event would have been the best offer I could get.

    The 50% off offer is for existing eLearnSecurity students.

    Oops, I missed that. Thanks for pointing that out, m0wgli.

  • #52773
     Phillip Wylie 
    Participant

    @armando wrote:

    Wow, we seriously had the most busy days of our company’s history!
    Anyway, let’s answer some questions from current students:
    1) 50% OFF for the eCPPT Gold voucher expired yesterday
    2) 50% OFF for the WAPT course will expire on May 31st

    I wished I would have waited longer to sign up. I figured the 30% offered during the WAPT launch event would have been the best offer I could get.

  • #52892
     Phillip Wylie 
    Participant

    Congrats, that’s awesome!

  • #52007
     Phillip Wylie 
    Participant

    My root count is up to 34 servers. I had a social engineering assignment last week and it allow for as much lab time.

  • #52006
     Phillip Wylie 
    Participant

    @ajohnson wrote:

    Along those lines, try just launching MMC and then adding the snap-in(s) you need.

    Awesome idea, thanks!

    If you have other ideas I would like to hear them. I know I may not be doing things the optimal way and would like to have more options.

  • #52004
     Phillip Wylie 
    Participant

    @azmatt wrote:

    Great job man, you’re knocking them down by the half dozen.

    Any new revelations or skills this past week?

    Thanks, azmatt! My RFI skills have improved a lot since the exam. I am starting to think like a hacker, for a lack of better terms. I was making some big mistakes on my last exam attempt and prior to that. One example was not scanning all 65,535 ports. There were ports and services I wasn’t detecting. I figured out something yesterday that was a big help. I ran an exploit that gave me system level access to cmd.exe, but it limited me to on that command prompt. So I tried adding another account to the local administrators group, but I got an error and could not add the account. So I discovered if I launched programs or admin tools from the command prompt, they ran with system level access. So I did some Googling and found a solution. You run this from the command line “control userpasswords2” and it launched the user manager utility. The control part of that syntax refers to the control panel. So if you know the other names for the other control panel apps/utilities, you can launch them from the command line. My Windows local privilege escalation skills have improved over the past two weeks. I learned another cool tick, which is how to turnoff the Windows firewall from the command line, which is “netsh firewall set opmode disable”. That comes in handing when you only have shell access to a Windows box. Then you can connect with remote desktop. More lab time was my key to improvement. I am doing the things you hear everyone say, like sticking to one server at a time and enumeration, enumeration. I am confident I will do a lot better on my exam retake.

Viewing 15 posts - 31 through 45 (of 102 total)

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?