When we last left off in Part 3 of our series of posts on Johnny’s experience at our recent PWB in the Caribbean course, he was experiencing the highs and lows of exploit development, emerging triumphantly in the end. Part 4 picks up where we left off last time so we’ll let Johnny take it from here.
“I donʼt care about eating. I want shell.” – Student
The day continued and the content became increasingly more technical and the exercises became more difficult. A demonstration of the ANI exploit involved an EIP overwrite, several NOP sleds and a couple of pointer redirects that produced a trampoline effect that eventually landed on our payload and executed a shell. I was like poetry in motion, explosive yet graceful. The class was in awe. It was as if the exploit writer had assembled a complex puzzle by expertly placing lit firecrackers into a box full of pieces.
The demonstrations were impressive, but they werenʼt designed to impress us with the allure of the magicianʼs talent. Instead, through follow-on exercises, the magician took us back-stage, taught us his secrets and put us confidently on stage in our own show.
But even though it seemed like magic, this was no illusion and these werenʼt mere parlor tricks. This was the heart and soul of what defines a hacker, the truest definition, devoid of morality and ethics. And by extension, this was the essence of our profession, a perfect example of the art that is true penetration testing. More holistic than just “hacking”, we had been taught a critical, reproducible process that eventually landed us here, perched precariously on the sharpest of edges, manipulating the system at its lowest level, one byte at time.
Through demonstration, intense hands-on exercises executed under the watchful eye of some of the finest instructors I have even encountered, each and every student, regardless of their level of experience, was empowered. Sure we learned, but more than that we were thrilled and excited; our eyes opened. Each student left changed.
This was transformative technical training at itʼs very best.
Iʼve described PWB as “transformative technical training at itʼs very best”, and I meant that.
I spoke to many students about the course and each one shared the excitement I felt. Most of them were excited to get out of class and play in the lab.
Each student gains access to the Offensive Security labs, which are stocked with dozens of virtual machines, multiple subnets, and routers all stood up with real-world configurations that simulate a wide range of challenges youʼll face in a real pen test. However, the Offsec staff have taken pride in creating several mind-bending situations within the labs that will fray even the most hardened professional. The virtual walls of the Offsec lab are spattered with the blood, sweat, and tears of more than one security expert. Just the thought of attacking these beastly machines is intimidating, but each and every student was anxious for their login so they could sharpen their skills and claim the most relevant and challenging security certifications in the industry.
I canʼt speak for every student in the class. But I can speak for my experience and I can definitely say that I left the PWB class changed in more than one way.
I left the class with a clear view of where my weaknesses lie. It was a humbling experience. So for the past few weeks, Iʼve been consumed by a hunger to learn more, to fill in those personal weaknesses I discovered. Iʼm heads down in a debugger and working my way through several books on Metasploit, Assembly and shellcode. And Iʼm learning fast. Not too shabby for an old dog who was convinced he couldnʼt learn new tricks. I left the course encouraged and excited to get to work building my knowledge. More than that, I have a clear plan, the tools I need, access to a massive virtual lab to play in, and a knowledge foundation that will propel me to the next level. I also have access to the best instructors in the business and thought-leaders in the industry as well as a solid community of past Offsec students who are just as excited as I am.
Something else has changed as well…
Stayed tuned for our next installment of “Memoirs of a Cyber Pirate”. If you want to experience Pentesting with BackTrack or Advanced Windows Exploitation yourself, we are running both courses this March in St. Kitts so Sign-up today while there are still some seats available.