Certified Ethical Hacker (Practical): Journey to gateway to Ethical Hacking - akashupadhyayawow

AKASH UPADHYAYA
6 min read · May 9, 2021


Certified Ethical Hacker (Practical) v11

A handy way to pass this exam is to get hands-on practice on the machines. This is a complete guide to clearing the exam with similar resources and tools.

So after enrolling, it's time to take the exam. But wait: when will you decide the date to take the exam?

Here is how to decide.

When are you prepared to take the exam?

It's never too late to start with the basics. As you know, the exam is a six-hour, rigorous exam that requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, web app hacking, etc. to solve a security audit challenge.

1: Demonstrate the understanding of attack vectors: map your lab course material to the full approach for solving each question without looking again. Initially things take time, so go with the flow. Make short notes of what you have studied. The exam is 100% proctored by an EC-Council proctor, which means your proctor can see your screen and every activity you perform. In my case I had to show my entire room with the door locked (holding my laptop in hand and moving 360 degrees). Once the proctor is OK with the environment, you are ready to take the exam. Remember to go thoroughly through the lab guide; success lies inside it.

Perform network scanning to identify live and vulnerable machines in a network:

The key to clearing your cert is enumeration and proper probing.

Nmap comes in handy. Get acquainted with Nmap. If you are done with this topic, you surely have your first 6–7 points out of 20.

The above-mentioned link is just sufficient for this… I really went through it completely.

Understand the output, and make sure the output for the given IP is saved in Leafpad or saved with Nmap's output command. You have 6–7 points with the help of Nmap.

Perform OS banner grabbing, service, and user enumeration: the output of these commands is the key to answering the questions they give. You need to understand that the questions are tricky to answer, but students who have the CEHv11 course material and labs (iLabs) have the points, and students like me with only an exam voucher can go with the YouTube videos on similar labs (you have the answers). Again, read the output of the scan and you have it.

Perform packet sniffing.

The answer to this section is Wireshark or tcpdump. You will be given a question stating that the audit file has the password in plain text with some protocol stated, or that during a pen test the penetration tester needs to find an IOC with the outlined protocol function. Again, go with the course material, which is the answer, and you have 3–4 points. You need to filter the traffic properly. Identify the challenge properly and go with the flow. You really don't need to be a network admin to tackle the answers. My suggestion is to go with Wireshark because it is easy and soft compared with tcpdump. You need a solid understanding of filtering and of applying the proper filter to the proper segment or request (including but not limited to these). You will find many courses on YouTube, which are more than sufficient.

Some important Wireshark filters are:

Filter by IP

ip.addr == x.x.x.x

Filter by destination IP

ip.dst == x.x.x.x

Filter by source IP

ip.src == x.x.x.x

Filter by IP range

ip.addr >= 10.10.50.x and ip.addr <= 10.10.50.x

Filter by multiple IPs

ip.addr == 10.10.50.x and ip.addr == 10.10.50.x

Filter out an IP address

!(ip.addr == 10.10.50.x)

Filter by subnet

ip.addr == x.x.x.1/24

Filter by port (x = port number)

tcp.port == x

Filter by destination port

tcp.dstport == 23

Filter by IP address and port

ip.addr == 10.10.50.1 and tcp.port == 25

Filter by URL

http.host == "host name"

Filter SYN flag

tcp.flags.syn == 1

tcp.flags.syn == 1 and tcp.flags.ack == 0

MAC address filter

eth.addr == 00:70:f4:23:18:c4
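
What the second SYN filter selects, shown as an added example that is not part of the original post: tcp.flags.syn == 1 and tcp.flags.ack == 0 keeps only connection-opening packets, so grouping its matches by source shows which host is probing many ports, the pattern a SYN scan leaves in a capture. The packets, the addresses and the min_ports threshold are constructed for illustration.

```python
import struct
from collections import defaultdict

def build_packet(src, dst, sport, dport, flags):
    """Constructed 40-byte IPv4+TCP packet (no options, checksums left at 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    return ip + tcp

def parse(pkt):
    """Extract the fields the display filters test; None if not IPv4/TCP."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    ihl = (pkt[0] & 0x0F) * 4              # IPv4 header length in bytes
    if ihl < 20 or len(pkt) < ihl + 14:    # need the TCP flags byte
        return None
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    flags = pkt[ihl + 13]
    return {"src": ".".join(map(str, pkt[12:16])),
            "dst": ".".join(map(str, pkt[16:20])),
            "sport": sport, "dport": dport,
            "syn": bool(flags & 0x02), "ack": bool(flags & 0x10)}

def bare_syn_sources(packets, min_ports=3):
    """Equivalent of tcp.flags.syn == 1 and tcp.flags.ack == 0, grouped by
    source. min_ports is an assumed threshold, not a Wireshark setting."""
    targets = defaultdict(set)
    for pkt in packets:
        f = parse(pkt)
        if f and f["syn"] and not f["ack"]:
            targets[f["src"]].add((f["dst"], f["dport"]))
    return {src: sorted({port for _, port in seen})
            for src, seen in targets.items() if len(seen) >= min_ports}

# Constructed sample capture: one host probing four ports, one normal client.
SAMPLE = (
    [build_packet("10.10.50.7", "10.10.50.1", 40000, p, 0x02) for p in (21, 22, 23, 80)]
    + [build_packet("10.10.50.1", "10.10.50.7", 80, 40000, 0x12),   # SYN/ACK reply
       build_packet("10.10.50.9", "10.10.50.1", 50000, 80, 0x02),   # ordinary SYN
       build_packet("10.10.50.9", "10.10.50.1", 50000, 80, 0x10)]   # ACK
)

if __name__ == "__main__":
    for src, ports in bare_syn_sources(SAMPLE).items():
        print(f"{src} sent bare SYNs to ports {ports}")
```

The SYN/ACK reply and the plain ACK are dropped by the flag test, which is why the second filter is the more useful of the two when looking for the start of connections.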

Conduct a variety of web server and web application attacks including directory traversal, parameter tampering, and XSS; perform SQL injection attacks

For tackling this, use https://github.com/digininja/DVWA . This is the best resource one can practice with. There are many videos about the setup. You need a manual understanding of how to work with it. If you solve the challenges mentioned, you are good to go. In my opinion there is no need to go for the hard level. Solve the easy ones first, as many as you can, until DVWA emits the output of all your commands, for example tampering with the user ID, because sometimes examples are the clues to solve and get 3–4 challenges done. Again, you are taking the CEH exam, so you need to clear it in the first go. Make a cheat sheet for performing different attacks with payloads or input parameters. Follow the OWASP Top 10 and keep payloads handy. And yes, the exam is open book: you can search on Google and read blogs or articles on how to perform the attack, not only for this but for any other challenge too, as Google is your best friend (I prefer to keep all links handy in the text editor).

And only for this exam, I prefer to go with sqlmap. Use every option; use https://hackertarget.com/sqlmap-tutorial/ and/or https://www.geeksforgeeks.org/use-sqlmap-test-website-sql-injection-vulnerability/ for reference and practice on DVWA or on a buggy app. From here you are almost done and you are near the cert (14 points).

Perform vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems etc.

Use a tool that is in the course, e.g. Vega, OpenVAS or Nessus; go with the free one and you are done. I got 1 from this, but it was easy to answer the question. According to me, by this time you have already got the CEHv11 cert (you are at 14 points). The thing to remember is to go at your own pace to solve the challenges.

WPScan: use this tool to perform vulnerability scans

Focus on this too, as it is an important tool for solving the remaining 2–3 marks of challenges. As per the question, you have to work on a website hosted on WordPress. Use this tool to enumerate user names, phone numbers, info, bios and much more. Get very handy with this tool. Use these references: https://linuxconfig.org/use-wpscan-to-scan-wordpress-for-vulnerabilities-on-kali and/or https://linuxhint.com/wpscan_wordpress_vulnerabilities_scan/. This is enough. I hope by this time you are done with it.

The above link is also important.

Other important tools and techniques

Password cracking and dictionary attacks:

https://laconicwolf.com/2018/09/29/hashcat-tutorial-the-basics-of-cracking-passwords-with-hashcat/

John is also a good tool. Understand that any tool will be good, but you should have a good replacement too: if Plan A did not work, go with Plan C (haha, lol).

Remaining important tools

OpenStego

QuickStego

Steghide

https://www.yeahhub.com/use-steghide-stegosuite-steganography-tools-kali-linux

Use the above link to solve the values.

RESPONDER:

Use this link, which will guide you to success.

Before the exam: read the general FAQs

FAQ | CERT (eccouncil.org)

A few points from my side before the exam: remember this is just an exam; always give importance to learning and the outcomes.

You can take breaks in the exam by saying so in the microphone or in the chat section.

Use Google, as it is an open exam for real-world hacking simulation.

One Kali Linux (No Update) and Windows Server 2016 to perform the hacking.

Just fix a slot and you will pass the exam for sure. Go for it.

You can easily complete all 20 points within the stipulated time.

You can end the exam as you wish. I ended because it was 4 in the morning, and I scored 17/20.

The amount of time you invest in the lab is directly proportional to passing the exam and earning the Certified Ethical Hacker (Practical).

ALL THE BEST FOR ENTERING INTO CYBER SECURITY WORLD

https://github.com/CyberSecurityUP/Guide-CEH-Practical-Master


Written by AKASH UPADHYAYA

Security Operations Engineer @Qualys Inc. Talks about #threathunting, #malwareanalysis, #incidentresponse, #penetrationtesting, and #securityoperationscenter
