ECSA review

1246

Comments

  • dkorzhevindkorzhevin Member Posts: 51 ■■■□□□□□□□
    minhnt wrote: »
    have you finished challenge 5. Bruteforce not effect icon_sad.gif

    Follow EC-Council methodology and check everything you can about target host.
  • xxxkaliboyxxxxxxkaliboyxxx Member Posts: 466
    dkorzhevin wrote: »
    1. You should use something more than -pn and -T flags to scan faster. I found many useful options in official docs (man page)
    2. I believe, that all servers reply to ICMP queries.
    3. MassScan - cool thing, but nmap should be more than enough :) Regarding Angry IP - I'd suggest not look at windows tools at all, not waste time and stick with Kali toolset only.

    Hey man/women, whatever helps. I'm by no means a expert, just trying help and a few of those things should speed up the scan. With that said, thanks for the clarification, hopefully it helps someone who is having trouble with scanning.
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
  • ElegyxElegyx Member Posts: 66 ■■□□□□□□□□
    Hey man/women, whatever helps. I'm by no means a expert, just trying help and a few of those things should speed up the scan. With that said, thanks for the clarification, hopefully it helps someone who is having trouble with scanning.

    SuperScan is my friend :). Appreciate the tip to look at other options besides NMap. Spot on.
  • faiz1977faiz1977 Member Posts: 7 ■□□□□□□□□□
    Got my exam voucher... Coming thurday will be certified or retake....
  • faiz1977faiz1977 Member Posts: 7 ■□□□□□□□□□
    masscan can be done for 10.0.0.0/8 ...used -T5 should take u 6 hours for 172
  • faiz1977faiz1977 Member Posts: 7 ■□□□□□□□□□
    masscan is good but the sad new if ur using it. u need to all the port and operating system, masscan wont give you that kinda stuff at the end you need nmap. I dont know to what extend can we help here before getting kickout :)...so just want to stick to minimum support..
    always follow..for any professional work u need to follow
    nmap..check ports and service running
    nessus or openvas for vulnerabilities
    rapid7 for exploits available
    kali 1 or 2 for exploiting....
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Well taking the MCQ part of ECSA today! Just doing some final review! Hope all goes well. Will post how I do after.
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Well passed the ECSA MCQ exam!! I was shocked to see that it actually was a hard exam! Glad to have this finished to top off 2017 with a bang!! Next year will be even more intense!! :D
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
  • faiz1977faiz1977 Member Posts: 7 ■□□□□□□□□□
  • higherhohigherho Member Posts: 882
    Remember all. These boxes are easy to crack and you have multiple ways to crack them because of that. Most of the challenges allows you to do whatever way you wish as long as you get the answer they are asking for. Two of the challenges ask you do to something specific and that's about it. Think outside the box, do not fall into the tool trap and think it will give you your answer all the time.
  • imnotyourhero777imnotyourhero777 Registered Users Posts: 1 ■□□□□□□□□□
    All the bruit force is driving me batty. To may word lists on multiple servers in multiple directories and tools they never go over. I have only gotten metasploit to work for one server but the rest dont seem to have remote exploits. I have figured out a few things so I'm willing to help with some challenges if you can help with others. These labs are so slow!
  • rgsurfsrgsurfs Registered Users Posts: 1 ■□□□□□□□□□
    Any hints on Challenge #4 ??? port 21,22 or 23 ???? I'm stuck at the moment.
  • ElegyxElegyx Member Posts: 66 ■■□□□□□□□□
    Challenge #7 has been absolutely killing me. There's a whole stack of PHP vulnerabilities but none of the modules in metasploit are working whatsoever.
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    This really isn't that hard of an exam!! You shouldn't be coming to a forum and asking for help. It's a certification that you need to do on your own. Follow the methodology and read your ECSA manual. Also, you only need 70 points to pass the lab. You don't need to complete all the challenges.
  • truepentesttruepentest Member Posts: 7 ■□□□□□□□□□
    Hello Walter,
    Did you get any tip for the challenge 3 ? Port 21 is wrapped and I don't see any interesting hidden directory on the webserver... I am clueless !
    Thanks
    TP
  • SaSkillerSaSkiller Member Posts: 337 ■■■□□□□□□□
    Wait, ECSA requires a lab now?
    OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.
  • truepentesttruepentest Member Posts: 7 ■□□□□□□□□□
    Hello Mike,
    Can you tell us more about your eCPPT studies please ? I didn't know about it, I checked on their website and it looks quite interesting. Prices are affordable, course are available for lifetime which is very different from EC Council.
    I am myself CEH from EC Council and I am working now on the ECSA.
    Thanks
    TP
  • truepentesttruepentest Member Posts: 7 ■□□□□□□□□□
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    Can you tell us more about your eCPPT studies please ?
    The eCPPT certification is not that well recognized but I like the material as they are more up to date and advanced.
    You can request for a sampler trial at https://www.elearnsecurity.com/course/penetration_testing/

    If you are really keen on pen testing, I suggest you explore OSCP.
  • truepentesttruepentest Member Posts: 7 ■□□□□□□□□□
    Thank you Mike for your reply. I have the feeling OSCP focus more on rooting and exploiting the machine than writing reports in the context of a professional approach. I need to pass OSCP but I think I am not ready yet. Not fast enough for OSCP.
    About the challenge n. 5, I was able to find the service on a different port where it used to be but it doesn't look like that vulnerable... Enum user (using time response) doesn't even throw any good info... It's been 2 days I am on n.5... When I say I am not fast enough. Got the password of arnold though..
  • truepentesttruepentest Member Posts: 7 ■□□□□□□□□□
    I gave up with challenge 5. I think the unusual port which runs the well known service is a rabbit hole.
  • RSMCT2011RSMCT2011 Member Posts: 6 ■■□□□□□□□□
    I have completed challenges 1,2,4,6,9,10 ; anyone wants to join for study group/private discussion, please PM me. Thank you
  • RSMCT2011RSMCT2011 Member Posts: 6 ■■□□□□□□□□
    Are you still doing this? we can share. Please PM me. Thank you
  • RSMCT2011RSMCT2011 Member Posts: 6 ■■□□□□□□□□
    RSMCT2011 wrote: »
    I have completed challenges 1,2,4,6,9,10 ; anyone wants to join for study group/private discussion, please PM me. Thank you

    Guys, today is fruitful for me, I managed to complete Challenge 5, & 8 ; and lab 3 is half way done.
    so now only left 7 & 11. all of them are web applications. I plan to complete those 2 challenges this weekend.
    If you have some advises, please PM me. also if you are still doing it, please join me and I can share what I did with you.

    Cheers
  • RSMCT2011RSMCT2011 Member Posts: 6 ■■□□□□□□□□
    I gave up with challenge 5. I think the unusual port which runs the well known service is a rabbit hole.

    You got Arnold's password ? If yes then
    It's just two clicks away from getting the excel file.

    Don't give up mate.
  • RSMCT2011RSMCT2011 Member Posts: 6 ■■□□□□□□□□
    rgsurfs wrote: »
    Any hints on Challenge #4 ??? port 21,22 or 23 ???? I'm stuck at the moment.

    It's port 22 ; standard SSH Attack
  • RSMCT2011RSMCT2011 Member Posts: 6 ■■□□□□□□□□
    Hello Walter,
    Did you get any tip for the challenge 3 ? Port 21 is wrapped and I don't see any interesting hidden directory on the webserver... I am clueless !
    Thanks
    TP

    I managed to get ubuntu's root password and still figuring out how to use it to logon as SSH is disabled. I saw port 80 is open and running apache
  • WiSiPiWiSiPi Member Posts: 9 ■□□□□□□□□□
    Just started,

    Completed Challenges: 1, 2, 3, 4, 5, 6, 7
    Not yet Completed 8, 9, 10, 11
  • truepentesttruepentest Member Posts: 7 ■□□□□□□□□□
    Thanks ! That's what I thought but for some reason Kali rolling didn't make it. I had to use the old version of Kali which works perfectly !
Sign In or Register to comment.