
Offensive Security PWB v 3.0 Course Video Download: A Practical Approach to Hacking with BackTrack

  • magensomoza132p2e
  • Aug 17, 2023
  • 4 min read


A few months back, I took Offensive Security's online WiFu course & OSWP exam. As I had written up a review for PWB/OSCP & CTP/OSCE, I thought I would do this too. As always, everything in this post is both personal comments and my own experience with the course.


It's not easy to create a course, especially with the amount of resources that are freely available, such as the aircrack-ng wiki and Security Tube's Wireless Megaprimer. Both are good, if not great, sources of knowledge that make them a valued resource; however, there is still room for WiFu - more on this later.








Before doing the course, I had already dabbled with 802.11 and its security, successfully cracking some WEP & WPA networks, and writing my own "wrapper" to automate the process. However, I still learnt more than a thing or two by the time I had completed the course.


As always, with an Offsec course, all the information that you need is in one place. They have done their homework including getting the author (Mister_X) of _THE_ pentesting tool for 802.11, aircrack-ng, to help write the course.


I personally was able to progress through the entire course material in a weekend. The exercises were straightforward, and I didn't run into any issues completing them (I used an old NetGear WG614 v9 & TP-Link WR104ND for access points and ALFA AWUS036H & Linksys WUSB54GC wireless cards).


Next, the course starts to teach you about how the hardware works with the software via wireless stack & drivers, which is another commonly asked about area I've seen online. They run you through the basics such as testing drivers & (manually) enabling "monitor" mode.


The rest of the course from here on out is now practical (note: I'm guessing a lot of people's pre-course knowledge starts at this point). Most of the time, it uses the aircrack-ng suite, which is really a Swiss army knife. By the end of the course, I think you use all the attacks but one that aireplay-ng has to offer. There is some similarity to the aircrack-ng wiki's content for parts of the remainder of the course.


The course explains what is being shown on screen, with how it relates to what's been taught so far, followed by arguments to interface with the program as you see fit. At the end of each chapter, there is now a lab to complete. These are tasks that relate to what has just been taught, as well as troubleshooting for common issues that the student may run into at certain stages.


It then branches off into WEP attacks, with client and clientless scenarios using various different configurations & attacks. Which access point has been used will affect which attacks are successful. Offsec does recommend certain access points to be used, and the course has been fully tested with them (meaning all the attacks will work). If you wish to break away and use something different, you may find that certain attacks will not work.


Lastly, there is the "rogue access point" (aka a fake access point or the "evil twin attack") for both WEP & WPA. This is where you set up a "cloned" access point to mimic the target, and find different ways to force targets to use it. The last practical for the course goes into "Karmetasploit" to exploit the wireless client, which I felt is a good way to finish.


The course is currently on version 3, which came out in July 2011. However, about four months later, in December 2011, (as far as I can see) there was the first public release of a PoC "tool" (and paper) to "hack" WPS. It's a bit of a shame with the timing as it didn't make it into this release of the course (may do if there is a newer release of the course.)


As I mentioned before, in the WPA/WPA2 section, the course doesn't cover enterprise. With WEP, there isn't any mention of "key index" (how to identify which key index is being used). However, "most" of the time, it is slot 1.


I felt there isn't as much of a "self-study" element, compared to the PWB, as the course material does cover a vast amount of what you need to know and, as a result, limits the possible "extra mile" exercises.


You do not need to have done any of the other Offsec courses (e.g. PWB/CTP) before, that's not an issue. There isn't any "cross over" between the courses. This could be your first (security) certificate, or simply just another course for you to do.


The industry-leading Penetration Testing with Kali Linux (PWK/PEN-200) course introduces penetration testing methodologies, tools and techniques via hands-on experience and is self-paced. Students who complete the course and pass the exam will earn the Offensive Security Certified Professional (OSCP) certification which requires holders to successfully attack and penetrate various live machines in a safe lab environment. The OSCP is considered to be more technical than other ethical hacking certifications and is one of the few that requires evidence of practical penetration testing skills.


For this, there can be only one possible explanation: Clearly, Michael Hayden, our dedicated [:DEL:]panty-sniffer-in-chief[:DEL:] NSA director at the time, cared so much about public safety that he travelled back in time in a desperate bid to change the course of history!


Any of the legacy ones maintain backward compatibility pretty well. x86, PPC, MIPS, ARM, SPARC, and microcontrollers of course. MIPS and ARM are the simplest of microprocessors that will be around for a while.


Blackberry does not seem to seriously care about privacy and security (look at the Blackberry Priv). Of course there are those who say smartphones are not trusted devices and I absolutely agree hands down no smartphone should be trusted.


What I am saying is that on a personal work it is easier not using music or images coming from copyrighted works without authorization (except when they are a part of the original recording). There is no need to do it. There are sources where music available under more permissive terms can be downloaded and freely used in our own creations.


re DHE: The problem is how users can agree on the shared secret when physical compromise is assumed. Of course some sort of long static passphrase can be agreed on earlier but I suspect users are too lazy to make it strong against brute-force attempts.


 
 
 
