Forum Replies Created
December 29, 2013 at 7:55 am #53579
Got around to finishing this finally. Thanks for a good challenge!
December 21, 2013 at 5:37 pm #53359
Penetration Testing with Kali Linux will be available for purchase starting on 05 January, 2014. Offensive Security students and alumni will be receiving an email from us within the next week with information regarding discounted upgrades.
I wonder how much the upgrade will be for those who already have PWB version 3.
Also, I initially purchased PWB version 2 than upgraded to version 3. Although they have made many little improvements here and there, it wasn’t a complete re-write (obviously). So I wonder what would actually be different in this new version of the course, other than the Backtrack vs Kali differences…
You should have received an email with information about the upgrade. Depending on when you took it, you’re eligible to upgrade at a discounted rate. Also, the Offsec Student forums have a bit more information about what’s new in the upgrade.
December 9, 2013 at 6:42 pm #53694
Once you hop on the IRC channel you should be able to find other students taking the course at approximately the same time as you. Freenode, #offsec
October 28, 2013 at 5:12 pm #53607
OSCE was the goal for 2013 and I accomplished it. For 2014, not sure yet. I might consider taking an advanced Windows exploitation course, either from Offsec or Corelan. Will have to see.
October 28, 2013 at 3:28 am #53575
I started on it a few days ago. Got quite a bit of enumeration done, but hit a wall afters. I put it aside for a bit to focus on other things, but I’ll probably pick up on it again later this week.
July 25, 2013 at 6:32 am #53266
Hacking isn’t something you learn over the weekend, it can take months of studying before you get to the good stuff. Here are some tips:
1. Solid understanding of at least one or two operating systems. Preferably one that’s Unix based. Linux is a good pick. Can’t hack something if you don’t know how it works.
2. At least one programming language, C, Python, Perl, and Ruby are popular. Assembly if you want to write exploits.
3. Good grasp of networking. Learn how different networking protocols work, how to use tcpdump and Wireshark.
4. Read and watch security related blogs and videos. Here are a few to start off with:
If it goes over your head, that just means you need to build up your foundation some more.
5. Practice! Reading only gets you so far. http://www.vulnhub.com has numerous vulnerable virtual machines that you can hack to test your newfound knowledge. There are also online challenges at http://smashthestack.org/ and http://www.overthewire.org/wargames/ that cover both beginner and advanced materials.
July 12, 2013 at 10:19 pm #52597
I wouldn’t mind doing an eLearnSecurity course. Which ones are up for the taking?..
@don I’m already doing the eWPT, otherwise I’d have jumped at the chance.
Cool. Well my web-app-hacking-fu is a bit weak, so I wouldn’t mind doing that one.
July 12, 2013 at 6:44 pm #52595
For helping me during the transition, I need another thing from you. I need for you to accept some prizes. I know, this is a hard task. 😉
I have Mile2 and eLearnSecurity courses to offer up. A few have accepted, but I have a few more slots to fill. Who’s interested?
I wouldn’t mind doing an eLearnSecurity course. Which ones are up for the taking?
Also, thanks for fixing the issue with Chrome browsers not showing checkboxes. Much appreciated.
July 11, 2013 at 5:49 pm #51845
It appears I am a little late to the party however, as an aspiring OSCE I just wanted to say thanks for the wealth of great information. I begin the course on 7/27, so this information will undoubtedly come in handy!
I just finished the course a couple of weeks ago and I’m waiting to take the exam now. You’ll definitely have lots of fun. As with OSCP, be prepared to do your own research.
July 3, 2013 at 11:22 pm #53224
The Alfa AWUS036H is a pretty safe bet.
July 2, 2013 at 12:12 am #53202
July 1, 2013 at 9:13 pm #53196
Easy way to check if it’s something else blocking the exploit – setup a netcat listener on port 4444 on your victim machine. Then try connecting to it with netcat on your attacking machine. If it gets dropped, then there’s something sitting in between preventing it from connecting.
If that works, then you need to examine the debugger closer. Do you know what’s causing it to crash? Maybe one of the functions being called when you attempt to connect is returning an error?
June 22, 2013 at 4:13 am #53099
Wow that’s great. 🙂 I’m sure a lot of us here would appreciate it.
June 21, 2013 at 2:08 pm #53151
From the webpage:
So, how do you get a poster? Well, you can click on the links above to download them. For a printed copy, if you are at SANSFIRE this week in Washington DC, we have passed them out in each of the penetration testing courses. If you are at SANS FIRE and didn’t get one, ask me or another pen test instructor for one, and we’ll gladly hand one to you. Also, tonight at the SANS NetWars event at SANSFIRE, we’ll have some posters for you.
Furthermore, the posters are being included in the SANS postal mailing of upcoming big brochures. If you receive SANS brochures in the mail, be on the lookout for one with the Pen Test Poster. I’ve heard some people started receiving them this week already. It’ll be bundled with the brochure, so look carefully, and don’t throw it away.
June 19, 2013 at 10:57 am #53047
On Backtrack, look at /pentest/enumeration. Lots of tools in there.