Thursday, August 11, 2011

Offensive Security Wireless Professional: OSWP (Post 1)

I am not posting as much as I want on this blog, but I am still giving it a shot.  I just want to recap the past few weeks: I have been preparing for the OSCE course by using exploits in Exploit-DB and re-writing them, from fuzzing to new Python scripts to a shell prompt.  It has been a fun time.  I was able to install VMware Workstation 7 on BackTrack 5 x64 Gnome.  I have two virtual machines to work on buffer overflows, Windows XP SP2 and SP3.  I also have my desktop that has more virtual machines.  That will be essential for the OSCE course, I am sure.

I have also been increasing my reading.  I have been reading "Ghost in the Wires", "Fuzzing", "Shellcoder's Handbook", "Metasploit: Penetration Tester's Guide" and "KingPin".  All of these books are great reads.  I have not finished "Ghost in the Wires" yet but it definitely has my attention.  Kevin Mitnick, Dave Kennedy, HD Moore and Joe McCray are probably my favorite pentesters/hackers. 

In addition, I have started another Offensive Security course: OSWP!!  I ordered the wireless adapter, ALFA AWUS036H.  I have heard good things about the adapter from the EthicalHacker.Net forum.  On the BackTrack 5 forum, there are instructions on loading the Realtek drivers for packet injection.  I am so excited.  Also, I have a Linksys WRT54G wireless access point.  I have registered for the class but I will be paying for it tomorrow.  Hopefully, I can get the PDFs and videos over the weekend.  I will be posting reviews of the modules and the exam as I go.  Nothing too detailed of course ;-).  When I took the OSCP course, I had a great time learning and I do not expect any less from this course. At least, this time, the exam is only 4 hours. :-).  I have been reading for a while now, but never really tried out cracking WEP or WPA.  I foresee a lot of that from now on.  People still use WEP and weak preshared keys for WPA/WPA2.  This will increase my ability to choose a different attack vector during a penetration test.

BackTrack WiFu Online


  1. Good read here xP. I also would like to take the course, feeling like I could take it on the fly and pass it. I am curious what the exam consists of and if it utilizes the Reaver WPS attack.

  2. Hey LuckyPCsolutions,
    It has been updated since the last time I took it. I cannot reveal what is in the exam anyway. I would suggest taking the course though. It is worth it.
