ECSA review

manishani

moudane wrote: »

I am currently polishing the report, I just finshed writing it a couple hours ago maybe tomorrow or the day after I will send it.



Through the challenges you'll have to use different wordlists sometimes the default one launched with metasploit modules will work.

What is your report status?

v3n0m

can someone please help me with challenge 3,5,8,11 i have only 1 and half day left for my labs to expire. just give me some startup tips so that i can get going. PM me if you not willing to post in public. i was down with jaundice that's the reason i am lagging behind

manishani

v3n0m wrote: »

can someone please help me with challenge 3,5,8,11 i have only 1 and half day left for my labs to expire. just give me some startup tips so that i can get going. PM me if you not willing to post in public. i was down with jaundice that's the reason i am lagging behind

do you still have access to the ilab ?

v3n0m

No, but i can arrange those screenshots if i know the solution of 5, 8, 10, 11 i need only 2 to pass

Asonger

Do you want to see one as a reference?

v3n0m

absolutely. Can you pm me? I cant because i just created this account.

quietstorm_

hello,
I managed the get through th first two challenges , but then Im stuck with the others, for the sake of learning I propose to get together as a team to exchange and learn.
PM me if you want.

serigne

JamesB67 wrote: »

Hi serigne,
I sent My report friday and it was validated this morning
You just need to write the challenge part. I only changed my name in the first parts of the report.

Hi dude, my report has been approved, I am currently preparing for the final exam.
If anyone has some tips let me know.

wrickaz

Same here i heard it is pretty hard

Asonger

v3n0m wrote: »

absolutely. Can you pm me? I cant because i just created this account.

Message me on Reddit. https://www.reddit.com/user/austinsonger

hack07

can you please help me with challenge 4 ?? I am not able to get the IP.

hack07

can you help me with challenge 3 and challenge 4 ??

WiSiPi

Take a good look at the Network Diagram in the assignment.

hack07

thanks it worked

absentnighthawk

Hi, I have found the hidden directories on the ubuntu machine but have no clue how to go forward and have only 1 hour for my labs to complete..can anyone help??

Luc3nc3

padsmith wrote: »

Completed challenge 1 so I thought but, challenge 2/3/4 refers to Linux hosts, the hosts/port/services are all windows ....I am doing an ARP discovery of the whole 3 subnets taking an age any chance I can assume they are in the same subnets as the machines I have found ?

May be you shoud run nbtscan to get the hostnames.

padsmith

I am stuck on 7 and 11 I have run hydra and metaspolit against both hosts using all the files under wordlists and the folder john to no avail. Appreciate any help on these

0x18

For challenges 7 & 11, I compromised the web applications. Use a web vulnerability scanner on the hosts.
Note, two helpful web scanner tools were only found installed on the older Kali box.

If run you into issues email ECSAEXAM CERT <ecsaexam@eccouncil.org>, they are very responsive and provide assistance.

padsmith

HI,
I have the 2 vulnerabilities for both , but I do not seem to be able to exploit them specifically I ran joomscan which reports vulnerbailities bit unabale to exploit

0x18

padsmith wrote: »

HI,
I have the 2 vulnerabilities for both , but I do not seem to be able to exploit them specifically I ran joomscan which reports vulnerabilities bit unable to exploit

@padsmith: Search exploitdb/searchsploit for vulnerabilities, pay attention to versions and plugins. When you get the results run every exploit until one gets you access.

padsmith

HI,
Thanks for that, I think I ran about 3 joomla based exploits in Metaspolit did not find or get in , problem is now my lab time ran out so I dont have access to the labs any more.
I ran wpscan for challenge 7 from the second kali box which, although says website is up did not report any vulnerabilities I have found these the hardest and longest to complete apart from 3 alas I have run out of time on my lab

garnettk

For Challenge 5, got shell of admin01
But the UAC is killing me
Any hints?