I need guidance & study material

**marc_kriss** · 07-01-2012, 02:59 PM

hello everyone.
My first post here. And i joined G4H in hope that i'll get some cool advices and tuts and study material. May be frowning to some people, but I don't like the idea of Hacking! Hacking! Hacking! and just Hacking!!! My aim is to clear OSCP or any other one highly recognized pentesting cert (for deep knowledge sake), and then do Forensics. I know pentesting is not mandatory for Forensics, but still...
What i studied till now?? :- I have studied CCNA, C, C++ as of now. Presently learning CEH, RHCE, Python to cope up with OSCP course. I dont want to struggle during OSCP , because of its short duration(because i cant afford to sign up again and spend money, frankly speaking I cant spend huge money). So i want to already cover as much as possible, that is taught in there. Should I run run for assembly programming also? I am not sure when I'll be ready to take up the course. I don't have any mates, any help from anywhere. Everything is based on self-study. Can somebody provide me some material and guidance??? Will be very thankful.

**Anant Shrivastava** · 07-01-2012, 07:30 PM

welcome marc,

there are few OSCP in here so they might be able to help you with it.

however i would suggest one thing. don't work on all 3 in parellel. CEH is more of theorotical, RHCE is heavy on practical's but it goes on a different direction.

OSCP requires a lot more efforts in single direction.
even before you start i would suggest you to try some VPN style challenges like hacking-lab : https://www.hacking-lab.com

Note : OSCP is still in my to-do list but still i am yet to sit and start working towards it.

**marc_kriss** · 07-01-2012, 11:18 PM

Thanks alot Anant. And nice that you gave me a link of Hacking-lab. I was searching for something like this. U know, i was planning to do hacking practicals live. But you saved it.
I have created an account in hacking-lab. I am abit confused on how to use it. Do i have to use the server name /IP, map it,try to hack it and try to find vulnerability on the website hosting server?? Then where would i use my account over there? Plz throw abit light on it.
Well, CEH i have gone through once or twice and RHCE I am studying just for getting hands on over LINUX (nothing in deep).
And thanks alot for the guide...
Anyways, any study material anybody has? Specially on backtrack and the fundamentals?

**Anant Shrivastava** · 07-01-2012, 11:40 PM

for backtrack starting could be backtrack wiki Basic Usage - BackTrack Linux

hacking-lab is basically a vpn based lab so you cna either download the hacking-lab vm for vpn connectivity and use it as starting point.

basically its allows you to connect to vpn and then inside vpn you have lab i am also exploring that right now

once i get more info will share.

besides this you also refer security-tube.net

**marc_kriss** · 07-02-2012, 12:46 AM

Thanks Ananth & please keep guiding

**marc_kriss** · 07-02-2012, 11:09 AM

Can i hear something from any OSCP holder? Any guidance about how to be prepared for it? I know it is tough course, so some light plz...

**Anant Shrivastava** · 07-02-2012, 02:50 PM

give it some time wait for day or a two to give a bump.
people will respond back.

BTW you can join irc if you are looking at live chat irc link is on forum home page.

mean time check
My OSCP Venture
My OSCP experience

to get started

**marc_kriss** · 07-02-2012, 09:24 PM

Hey anant!!! I am trying to get VPN eastiblished in Windows for Hacking-lab. I feel that i am making some mistakes in getting .ovpn file and also supporting files. I got the VPN software from sourceforge.net. But VPN fails after getting login & Passwd. Could you provide steps if you get time???

**b0nd** · 07-03-2012, 11:25 AM

Originally Posted by marc_kriss

Hey anant!!! I am trying to get VPN eastiblished in Windows for Hacking-lab. I feel that i am making some mistakes in getting .ovpn file and also supporting files. I got the VPN software from sourceforge.net. But VPN fails after getting login & Passwd. Could you provide steps if you get time???

Hi marc,

OSCP is totally hacking based practical exam. So the preparation is hack, hack and hack more. Emphasize is on manual penetration testing rather than using automated tools like nessus, metasploit etc.
So practice a lot in free labs like what Anant has already suggested you.
You shall be good at:
1. reconnaissance - mapping and finding what ever info you could in a LAN (null sessions, zone transfer, snmp public/private, smtp enumeration etc)
2. port scanning (tcp and udp both) with different attack vectors
3. banner grabbing / version determination of services
4. hunting exploits specific to services running on vulnerable server
5. amending exploits to work in particular environment (exploit could be for, let's say win XP SP2 polish, you shall be able to make it work for XP SP2 english or may be for XP SP3 etc.)
6. basic web based vulnerabilities like sql injection, iframe injection etc.
7. compiling various windows based exploits using relevant compilers
etc.

So the crux is - more you hack, more you would get prepared for OSCP.

Cheers!

**marc_kriss** · 07-03-2012, 02:56 PM

Thanks alot bond. And i have started following into Hacking-lab. BTW i am using tutorials for learning various prerequisites. Like- learning & practicing Python for getting habitual in coding for scripts. RedHat for Linux basics and highers. So what is next which you would like to add in my tutorials cart? Should I invest my time in Assembly Programming too? I am not an IT*geek, as i started it all just 1 year back. So appearing for certification now will be like fighting a war without sword. When should i consider myself ready for challenge? I mean I will be prcticing a hell in Lab but after what all courses and learnings?
Thanks...

Thread: I need guidance & study material

LinkBack

Thread Tools

Search Thread

Display