+ Reply to Thread
Page 5 of 5 First 12345
Results 101 to 119 of 119

Thread: ECSA review

  1. Junior Member Registered Member
    Join Date
    Nov 2017
    Posts
    5
    #101
    congrats...
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Oct 2010
    Posts
    863

    Certifications
    CISSP, CEH
    #102
    Remember all. These boxes are easy to crack and you have multiple ways to crack them because of that. Most of the challenges allows you to do whatever way you wish as long as you get the answer they are asking for. Two of the challenges ask you do to something specific and that's about it. Think outside the box, do not fall into the tool trap and think it will give you your answer all the time.
    Reply With Quote Quote  

  4. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    1
    #103

    Default Anyone still doing this

    All the bruit force is driving me batty. To may word lists on multiple servers in multiple directories and tools they never go over. I have only gotten metasploit to work for one server but the rest dont seem to have remote exploits. I have figured out a few things so I'm willing to help with some challenges if you can help with others. These labs are so slow!
    Reply With Quote Quote  

  5. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    1
    #104
    Any hints on Challenge #4 ??? port 21,22 or 23 ???? I'm stuck at the moment.
    Reply With Quote Quote  

  6. Member
    Join Date
    Dec 2011
    Posts
    65

    Certifications
    Project+, A+ CE, Net+ CE, Sec+ CE, C|EH, CCENT
    #105
    Challenge #7 has been absolutely killing me. There's a whole stack of PHP vulnerabilities but none of the modules in metasploit are working whatsoever.
    Reply With Quote Quote  

  7. Senior Member kMastaFlash's Avatar
    Join Date
    Aug 2012
    Posts
    930

    Certifications
    A+, Network+,Security+, DECA-ISM v2, MCP, MTAx2 , CCENT, CCNA R&S,C|EH,C|HFI,Linux+,LPIC-1,E|CSS,E|CES,GPEN,OSWP,Server+,LPT,GCIH,E|CIH,E|CSA
    #106
    This really isn't that hard of an exam!! You shouldn't be coming to a forum and asking for help. It's a certification that you need to do on your own. Follow the methodology and read your ECSA manual. Also, you only need 70 points to pass the lab. You don't need to complete all the challenges.
    2018: ICND2,E|CSP,CISSP,CCNA-Security,CSA+,eCRE.CAST 611,CWNA, Start SANS Graduate Certificate PenTesting
    2019: CCSK, JNCIA,CompTIA PenTest+,SANS Graduate Certificate PenTesting,eLearnSecurity courses
    2020:LPIC-2,SANS Graduate Certificate PenTesting
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    5
    #107
    Hello Walter,
    Did you get any tip for the challenge 3 ? Port 21 is wrapped and I don't see any interesting hidden directory on the webserver... I am clueless !
    Thanks
    TP
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Feb 2015
    Location
    Tampa, FL
    Posts
    296

    Certifications
    GPEN/GCIH/OSWP,CEH
    #108
    Wait, ECSA requires a lab now?
    Reply With Quote Quote  

  10. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    5
    #109
    Hello Mike,
    Can you tell us more about your eCPPT studies please ? I didn't know about it, I checked on their website and it looks quite interesting. Prices are affordable, course are available for lifetime which is very different from EC Council.
    I am myself CEH from EC Council and I am working now on the ECSA.
    Thanks
    TP
    Reply With Quote Quote  

  11. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    5
    #110
    Indeed !
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    977

    Certifications
    C****, C***, C**
    #111
    Quote Originally Posted by truepentest View Post
    Can you tell us more about your eCPPT studies please ?
    The eCPPT certification is not that well recognized but I like the material as they are more up to date and advanced.
    You can request for a sampler trial at https://www.elearnsecurity.com/cours...ation_testing/

    If you are really keen on pen testing, I suggest you explore OSCP.
    Reply With Quote Quote  

  13. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    5
    #112
    Thank you Mike for your reply. I have the feeling OSCP focus more on rooting and exploiting the machine than writing reports in the context of a professional approach. I need to pass OSCP but I think I am not ready yet. Not fast enough for OSCP.
    About the challenge n. 5, I was able to find the service on a different port where it used to be but it doesn't look like that vulnerable... Enum user (using time response) doesn't even throw any good info... It's been 2 days I am on n.5... When I say I am not fast enough. Got the password of arnold though..
    Reply With Quote Quote  

  14. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    5
    #113
    I gave up with challenge 5. I think the unusual port which runs the well known service is a rabbit hole.
    Reply With Quote Quote  

  15. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    6

    Certifications
    CEHv9
    #114
    I have completed challenges 1,2,4,6,9,10 ; anyone wants to join for study group/private discussion, please PM me. Thank you
    Reply With Quote Quote  

  16. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    6

    Certifications
    CEHv9
    #115
    Are you still doing this? we can share. Please PM me. Thank you
    Reply With Quote Quote  

  17. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    6

    Certifications
    CEHv9
    #116
    Quote Originally Posted by RSMCT2011 View Post
    I have completed challenges 1,2,4,6,9,10 ; anyone wants to join for study group/private discussion, please PM me. Thank you
    Guys, today is fruitful for me, I managed to complete Challenge 5, & 8 ; and lab 3 is half way done.
    so now only left 7 & 11. all of them are web applications. I plan to complete those 2 challenges this weekend.
    If you have some advises, please PM me. also if you are still doing it, please join me and I can share what I did with you.

    Cheers
    Reply With Quote Quote  

  18. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    6

    Certifications
    CEHv9
    #117
    Quote Originally Posted by truepentest View Post
    I gave up with challenge 5. I think the unusual port which runs the well known service is a rabbit hole.
    You got Arnold's password ? If yes then
    It's just two clicks away from getting the excel file.

    Don't give up mate.
    Reply With Quote Quote  

  19. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    6

    Certifications
    CEHv9
    #118
    Quote Originally Posted by rgsurfs View Post
    Any hints on Challenge #4 ??? port 21,22 or 23 ???? I'm stuck at the moment.
    It's port 22 ; standard SSH Attack
    Reply With Quote Quote  

  20. Junior Member Registered Member
    Join Date
    Feb 2018
    Posts
    6

    Certifications
    CEHv9
    #119
    Quote Originally Posted by truepentest View Post
    Hello Walter,
    Did you get any tip for the challenge 3 ? Port 21 is wrapped and I don't see any interesting hidden directory on the webserver... I am clueless !
    Thanks
    TP
    I managed to get ubuntu's root password and still figuring out how to use it to logon as SSH is disabled. I saw port 80 is open and running apache
    Reply With Quote Quote  

+ Reply to Thread
Page 5 of 5 First 12345

Social Networking & Bookmarks