Thursday 28 November 2013

Wednesday 27 November 2013

Dragging myself kicking and screaming through OSCP

So hi, I am one of those that have signed up for the Penetration Testing with Backtrack Course, which allows one to attempt to pass an exam in the hopes of gaining the OSCP certification…

 

Many try, many fail, many more fail I think… But don’t let that scare you off, I am sure you can Google enough information to defer your enrolment that bit longer.

Putting off and putting off

So I can put my hand up and say I was one of those people. I have put off OSCP for about 6 months. I have read so much on what I need to do in order to prepare/be ready/be able to pass OSCP.

I had a massive list:

  • Python scripting
  • Bash scripting (fluent)
  • exploitation knowledge
  • metasploitable unleashed tutorials
  • web app experience
  • network experience
  • Everything theory…

I even looked at other cheaper courses, a cert to help me get a cert >.<

 

How did I drop the cash and sign up

I had many an excuse to keep putting off the course. The biggest one being that my work had not given approval for it, so I had to pay for it. I did a little chasing for approval, but inside I didn’t push it as much as I could have.

I was lucky enough to attend the only security conference in Australia that deals with ‘hacking’. Yay me!

There I met some cool dudes that are slightly skilled: @troyhunt @TheColonial @justinsteven @radac_. I have probably missed others, if so and you are reading.. my bad!

2 of those people have the OSCP cert and 1 has done the labs but is too lazy to sit the exam.

Anyhow, the important point is that these guys all give everything a shot, whether it be OSCP, web development, work or running. They eventually convinced me that I will keep putting it off and never actually sign up, unless I actually sign up. They gave tips and tricks while I was at Ruxcon and basically said OSCP is not impossible, it just requires the time and attention it deserves, aka not f@cking easy.

If I can sign up, so can you!

Finally Enrolled

So I enrolled and am starting 1st December, very very soon. I am crapping my pants scared that I will not be able to do it, I guess that means not putting in the time to do it… Oh why can’t I just have the information downloaded into my brain like they did in the Matrix.

I will keep this blog updated with my learning, frustration and love hate relationship with OSCP.

 

Check this blog out to be further scared of OSCP.

http://needsec.com/offensive-security-pwb-oscp-the-offsec-labs-are-no-joke/

 

:) happy hunting

Tuesday 26 November 2013

Nmap && Testing syntax Highlighter

Hi All,

A friend of mine wrote a bash script for nmap. I stole it and modified it.

 

So here they are, will explain what they do and hopefully the syntax works.

#!/bin/bash

# add IPs
# discovery script

IPs=('x.x.x.x')

totalIPs=${#IPs[@]}

for (( i=0; i < totalIPs; i++ )); do
    echo "[+] Testing $((i+1)) / $totalIPs"

    # -oA takes the output basename as its argument, so it goes directly
    # before the first ${IPs[$i]}; the second ${IPs[$i]} is the scan target.
    nmap -p1-65535 -vv --max-rate 1000 -Pn --script discovery -oA "${IPs[$i]}" "${IPs[$i]}"

    #nmap -T2 -F -vv -Pn -oA "${IPs[$i]}" "${IPs[$i]}"
done

echo "[+] Scan complete"

Tested, and it works. Really annoying to have to go to the source and add the tags :(.


Anyhow, explanation of the syntax:


Effectively it takes IP addresses and places them into nmap. It creates nmap output individually for each IP.


 


It scans all ports, assumes the hosts are up (-Pn), outputs to all formats (-oA) and runs the discovery scripts (--script discovery).
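Since the script leaves one set of output files per IP, here is an added example (not part of the original post) that lists the open ports from the grepable `<ip>.gnmap` files that -oA writes. The function names `open_ports` and `write_sample` and the sample address 192.0.2.10 are made up for the illustration.

```bash
#!/bin/bash
# Added example: summarise open ports from the per-IP grepable files
# (<ip>.gnmap) that "-oA <ip>" produces.

# Print one "host port/proto service" line per open port in a .gnmap file.
open_ports() {
    awk -F'\t' '
        /^Host: / {
            split($1, h, " ")                  # h[2] is the address
            for (f = 2; f <= NF; f++) {
                if ($f !~ /^Ports: /) continue
                ports = $f
                sub(/^Ports: /, "", ports)
                n = split(ports, entries, ", ")
                for (i = 1; i <= n; i++) {
                    # entry layout: port/state/proto/owner/service/rpc/version/
                    split(entries[i], p, "/")
                    if (p[2] == "open")
                        printf "%s %s/%s %s\n", h[2], p[1], p[3], (p[5] == "" ? "unknown" : p[5])
                }
            }
        }' "$1"
}

# Constructed sample in the grepable layout (documentation-range address).
write_sample() {
    printf 'Host: 192.0.2.10 ()\tStatus: Up\n' > "$1"
    printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///\tIgnored State: filtered (65532)\n' >> "$1"
}

# Run over every .gnmap file in a directory, as the loop above would leave them.
tmp=$(mktemp -d)
write_sample "$tmp/192.0.2.10.gnmap"
for f in "$tmp"/*.gnmap; do
    open_ports "$f"
done
rm -rf "$tmp"
```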


 


I have more but for now it's to test the syntax highlighting.


 


Am currently downloading Visual Studio express as @troyhunt linked http://plugins.live.com/writer/detail/paste-from-visual-studio. This allows copy paste direct from VS.


 


Hopefully it works as intended with the Blogger infrastructure underneath Live writer… eep!


Another thing, spell checker wants to spell check the code :( :(!


 


Cheers


 


Wish me luck

Trying out Microsoft Live Writer

Hey all, new post.

It's been so long! I have been lazy, but only with posting, I have still been up to stuff!

This post is to test out live writer.

I am already noticing a benefit as I did not have to go to Blogger, create page etc etc. It isn’t much I know, but if you are blogging heaps I could see it being an unnecessary waste of time.

I was informed about Live writer via Troy Hunt, who is a seriously hardcore blogger and internet security researcher. So the advice came with weight behind it aye. He can be found here @troyhunt. <- and on that note it is so much quicker to do a hyperlink.

 

So if this posts, live writer is working well for me.

 

BUT BUT BUT!! To get installed was one big ass mofo.

When live writer wants to hook up to your blogger it asks for your blogger URL, username and password. Sounds easy, right?

 

1 Blogger URL: easy

2 username: easy

3 password: not accepting… wtf why, what am I d0o0oing wrong.

 

So after much googling I found out that the password is not your username password, as your username is your email password. It would be bad security to ask to give your email password, so it requires the Google ‘Application Specific Password’. Which in hindsight makes sense, it's an application connection to blogger which uses your gmail account… *facepalm, at the time it was not making sense.

 

A quick rundown on ASPs can be found here.

I do need to find a good python syntax highlighter for my blog.

So that is my blog so far.

Cheers

Monday 25 November 2013

test


<?php
// print the digits 0 to 9
$example = range(0, 9);
foreach ($example as $value)
{
    echo $value;
}


# add two numbers and print the result
a = 5
b = 3
c = a + b
print(c)