m4v3r1ck wrote: » I made it my goal to push through the lab materials as quickly as possible as I wanted as much time in the labs as I could have. I believe I was able to work through the material so fast because I had been studying up a little bit on coding, ethical hacking, and knew some tools from the CEH course. The buffer overflow section is a beast, but just keep pushing through it. I'm on Slack all the time if you ever have questions pertaining to the exercise. My understanding is one of the exam boxes is pretty much like the exercise, but I haven't taken the exam, so take that with a grain of salt.

When I started the labs, I did not do any vulnerability scanning outside of what was required in the exercises. I kind of picked what looked "easy" (i.e. had only a service or two running), but even then, that's not always accurate. Some of the boxes with a lot of services open are much easier. I just like the narrow focus of having a single port or two to enumerate. I definitely shied away from attacking any web services as I feared that these were going to be full of SQL injections and other shenanigans that I was not comfortable with. It turns out, most of the web boxes have been pretty easy. You run Nikto or Dirbuster on them and enumerate what services are running. There generally tends to be some sort of vulnerability there. You'll start to notice the easy targets as you go.

My advice is to avoid using any vulnerability scanner outside of maybe NSE. MSF auxiliary isn't really allowed outside of one box on the exam and the other scanners (i.e. Nessus, OpenVAS) are prohibited. I also highly advise using Metasploit where you can. This may be against what others say, but it'll help you pinpoint your exploit and execute it. You can always read the code later and rewrite the exploit to work manually. I've heard the exam has the BoF box and a super easy MSF rooted box. Again, grain of salt. However, if true, you could knock out 2/5 boxes in an hour or two then focus on the other 3.
m4v3r1ck wrote: » I spent most of the morning/early afternoon working on my lab report. Now that my formatting is done, it seems to be coming together a lot faster. I have reports written for 3/10 machines. I hope to wrap up the other 7 tomorrow.
CyberCop123 wrote: » Can you explain what you mean by this? I understand that many get a report prepared in advance, but what machines are you referring to as obviously you haven't had any access to the exam machines yet. Are there lab machines that are also supposed to be documented in the report or something?
m4v3r1ck wrote: » Trying to end this madness as quickly as possible :P
m4v3r1ck wrote: » Very quick update again. I'll be writing a detailed post in the next coming days. I'm about 17 hours into my exam right now. I was able to root 4 boxes in the first 14 hours or so for 80 points. I've decided that I would rather write my report now and perfect it than try another box. Fingers crossed, but it's looking like a pass.
m4v3r1ck wrote: » Hi, Thank you for the kind words!
1. BoF means buffer overflow
2. $1 means a variable in bash. So it calls the first argument you give. i.e. ./script.sh 192.168.1.2 would scan 192.168.1.2 in place of $1
3. netsecfocus.slack.com
m4v3r1ck wrote: » Sherlock was a tad bit annoying because you only get one crack at your exploit. If it misses, you're reverting your box and starting over. I used probably 10 reverts today on Sherlock alone.