Journey into eWPTX

eWPTX

On the request of some people I thought of writing a small review for this course and certificate. The course is WAPTx – Web Application Penetration Tesing eXtreme. The certificate is eWPTX – eLearnSecurity Web application Penetration Tester eXtreme. Last year I completed eWPT you check that post from here.
This course is very up to date compared to other web application penetration testing courses. I learned many things that I didn’t know in different web application technologies. There are many languages, technologies in the world of web applications. It’s very hard to master them all. This course however covers many advanced attack methodologies.

The exam is however “hard”, not matter you are a web developer or a networking guy, you need to make sure you understand how each vulnerability is exploited and also how to bypass filters. You cannot just fire up a tool and expect results. Make sure you understand manual exploitation and exploitation is always not straight forward in real world applications.

I actually loved the exam, it was a very small web app but lots of unseen holes. My experience with SQL injections came in handy in the exam 😉

If you are seeking for a next level certification in web application hacking I would recommend this course.

It was a very fast year! 2016 ended nicely as I planned. By October completed eCPPT, by November completed eCRE, by December completed eWPTX 🙂 Nothing is impossible if you try hard 😉

Thank you everyone for your feedback and messages!

cert

[tweet https://twitter.com/eLearnSecurity/status/814775586640068608]

Data Packing

I was doing some random experiments using assembly and C. This is a simple example in packing 2 numbers inside a register in assembly. Let’s assume

$latex al < 2^{5}&bg=232225&fg=bbbbbb&s=4$
$latex bl < 2^{3}&bg=232225&fg=bbbbbb&s=4$

We want to store these 2 values inside the dl register. The dl register is of 8 bits, so 5 + 3 = 8 bits

Packing

Unpacking

(more…)

PHP Feature or 0day?

Today one of my friends @RakeshMane10 gave me a challenge which I found pretty interesting.

[code language=”php”]
<?php
ini_set(‘error_displays’, 0);
$ip = htmlspecialchars($_GET[‘url’], ENT_QUOTES);
$f = fsockopen($ip, 80, $errno, $errstr, 5);
if($f) {
$result = shell_exec(‘ping -c 1 ‘ . $ip);
echo ‘<div class="alert alert-success">’ . nl2br($result) . ‘</div>’;
} else {
echo ‘<div class="alert alert-danger">’ .$errstr . ‘</div>’;
}
?>
[/code]
(more…)

Passed eCRE!

ecre_certificate_sm
I don’t know how to begin with, I’m not a expert experienced reverse engineer. I actually entered this field recently. Before that I had experience with basic exploit development and solving crackmes. But reverse engineering is not about solving a hard crackme, anyone can code a hard algorithm. However at the beginning some people said that this course is hard for me and not suitable for me. As the course title suggests “Advanced Reverse Engineering of Software” it is surely advanced to a level. I haven’t spent years in this field but I dedicated the last few months in this area and I really learned a lot from this course. If you ask the existing people in this field how to enter this area 9/10 people would recommend the tutorial series of “Lena151”. Actually those tutorials do not give a complete idea and is a bad choice. I’m not the only person who says this.

I have been thinking about why this happens. Thinking back to myself, I started learning reverse engineering by reading the Lena151 tutorials. I thought they were awesome until Daeken told me that was an awful approach to learn reverse engineering.
At first I didn’t understand why they were so bad. After all, Lena’s tutorials had taught me how to crack my first software.

You can check his post from here.

The things I learned in here really helped me to take my C/C++/ASM skills to the next level. Each topic I learned helped me research more and more into the subject.
(more…)

My Journey into eCPPT

This course covers lots of areas in the field of penetration testing. I like the content since it covers good theory as well. They have included new sections such as Ruby and Wi-Fi. The content is very up to date. The exam was more realistic and not CTF based. I’m not going to write a complete review, but I would recommend this course for anyone who wants to enter the field of penetration testing or existing people. Always there’s something to new to learn from any course 😉

ecppt