Dailydave mailing list archives

Re: Immunity Certified Network Offense Professional


From: Dave Aitel <dave () immunityinc com>
Date: Sat, 12 Jul 2008 15:30:44 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thomas Ptacek wrote:
|>  > Specifically, to obtain the certification you will need to write a
|>  > buffer overflow from scratch within a certain time period. You will
|>  > first find the buffer overflow by reverse engineering a target program,
|>  > and then obtain a shell from it or execute a command. This is a hands-on
|>  > certification, not a paper test.
|> Sounds like potentially a meaningful, if narrow, test.
|
| Some of the most effective pentesters I've met would not be able to
| pass this. This is the problem with all certifications.
Then they'd fail. There's no excuse for not being able to write a simple 
Windows stack overflow in this day and age. I don't see this part as a 
problem. Even web attackers need to know how to do that.

It is hard, of course, to isolate a hands-on test from the tools you 
have to use to do that test. VisualSploit and Immunity Debugger are 
really easy to use, but if you are only capable of using WinDBG then you 
might fail as well. In that case, you'd need to learn how to pick up new 
tools faster. We'll have an instruction book available at the table. :>

- -dave

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIeQZjtehAhL0gheoRAvtcAKCGJUNoPLtsEEyKio9y5jOnuYBM2wCfQY3k
CtWVHv6SwDthKJorIEWlwg8=
=O5qQ
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

