superkojiman

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 80 total)
  • Author
    Posts
  • #53579
     superkojiman 
    Participant

    Got around to finishing this finally. Thanks for a good challenge!

  • #53359
     superkojiman 
    Participant

    @caissyd wrote:

    Penetration Testing with Kali Linux will be available for purchase starting on 05 January, 2014. Offensive Security students and alumni will be receiving an email from us within the next week with information regarding discounted upgrades.

    I wonder how much the upgrade will be for those who already have PWB version 3.

    Also, I initially purchased PWB version 2 than upgraded to version 3. Although they have made many little improvements here and there, it wasn’t a complete re-write (obviously). So I wonder what would actually be different in this new version of the course, other than the Backtrack vs Kali differences…

    You should have received an email with information about the upgrade. Depending on when you took it, you’re eligible to upgrade at a discounted rate. Also, the Offsec Student forums have a bit more information about what’s new in the upgrade.

  • #53694
     superkojiman 
    Participant

    Once you hop on the IRC channel you should be able to find other students taking the course at approximately the same time as you. Freenode, #offsec

  • #53607
     superkojiman 
    Participant

    OSCE was the goal for 2013 and I accomplished it. For 2014, not sure yet. I might consider taking an advanced Windows exploitation course, either from Offsec or Corelan. Will have to see.

  • #53575
     superkojiman 
    Participant

    I started on it a few days ago. Got quite a bit of enumeration done, but hit a wall afters. I put it aside for a bit to focus on other things, but I’ll probably pick up on it again later this week.

  • #53266
     superkojiman 
    Participant

    Mac OS and Linux are actually not the same. OS X is more BSD than it is Linux. See https://en.wikipedia.org/wiki/OS_X and http://en.wikipedia.org/wiki/Linux

    Hacking isn’t something you learn over the weekend, it can take months of studying before you get to the good stuff. Here are some tips:

    1. Solid understanding of at least one or two operating systems. Preferably one that’s Unix based. Linux is a good pick. Can’t hack something if you don’t know how it works.

    2. At least one programming language, C, Python, Perl, and Ruby are popular. Assembly if you want to write exploits.

    3. Good grasp of networking. Learn how different networking protocols work, how to use tcpdump and Wireshark.

    4. Read and watch security related blogs and videos. Here are a few to start off with:
    http://carnal0wnage.attackresearch.com/
    http://www.irongeek.com/
    http://www.room362.com/blog/
    http://www.securitytube.net/
    http://opensecuritytraining.info/Training.html

    If it goes over your head, that just means you need to build up your foundation some more.

    5. Practice! Reading only gets you so far. http://www.vulnhub.com has numerous vulnerable virtual machines that you can hack to test your newfound knowledge. There are also online challenges at http://smashthestack.org/ and http://www.overthewire.org/wargames/ that cover both beginner and advanced materials.

  • #52597
     superkojiman 
    Participant

    @m0wgli wrote:

    @superkojiman wrote:

    I wouldn’t mind doing an eLearnSecurity course. Which ones are up for the taking?..

    Unless it’s changed:
    https://www.ethicalhacker.net/vitals/news/april-2013-free-giveaway-sponsor-elearnsecurity

    @don I’m already doing the eWPT, otherwise I’d have jumped at the chance.

    Cool. Well my web-app-hacking-fu is a bit weak, so I wouldn’t mind doing that one.

  • #52595
     superkojiman 
    Participant

    @don wrote:

    Hey All,

    For helping me during the transition, I need another thing from you. I need for you to accept some prizes. I know, this is a hard task. 😉

    I have Mile2 and eLearnSecurity courses to offer up. A few have accepted, but I have a few more slots to fill. Who’s interested?

    Don

    I wouldn’t mind doing an eLearnSecurity course. Which ones are up for the taking?

    Also, thanks for fixing the issue with Chrome browsers not showing checkboxes. Much appreciated.

  • #51845
     superkojiman 
    Participant

    @lepke wrote:

    It appears I am a little late to the party however, as an aspiring OSCE I just wanted to say thanks for the wealth of great information. I begin the course on 7/27, so this information will undoubtedly come in handy!

    I just finished the course a couple of weeks ago and I’m waiting to take the exam now. You’ll definitely have lots of fun. As with OSCP, be prepared to do your own research.

  • #53224
     superkojiman 
    Participant
  • #53202
     superkojiman 
    Participant

    Welcome!

  • #53196
     superkojiman 
    Participant

    Easy way to check if it’s something else blocking the exploit – setup a netcat listener on port 4444 on your victim machine. Then try connecting to it with netcat on your attacking machine. If it gets dropped, then there’s something sitting in between preventing it from connecting.

    If that works, then you need to examine the debugger closer. Do you know what’s causing it to crash? Maybe one of the functions being called when you attempt to connect is returning an error?

  • #53099
     superkojiman 
    Participant

    Wow that’s great. 🙂 I’m sure a lot of us here would appreciate it.

  • #53151
     superkojiman 
    Participant

    From the webpage:

    So, how do you get a poster? Well, you can click on the links above to download them. For a printed copy, if you are at SANSFIRE this week in Washington DC, we have passed them out in each of the penetration testing courses. If you are at SANS FIRE and didn’t get one, ask me or another pen test instructor for one, and we’ll gladly hand one to you. Also, tonight at the SANS NetWars event at SANSFIRE, we’ll have some posters for you.

    Furthermore, the posters are being included in the SANS postal mailing of upcoming big brochures. If you receive SANS brochures in the mail, be on the lookout for one with the Pen Test Poster. I’ve heard some people started receiving them this week already. It’ll be bundled with the brochure, so look carefully, and don’t throw it away.

  • #53047
     superkojiman 
    Participant

    On Backtrack, look at /pentest/enumeration. Lots of tools in there.

Viewing 15 posts - 1 through 15 (of 80 total)

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?