
Difference between revisions of "User:Hatter/getting started"

From NetSec
Revision as of 13:12, 1 July 2012

So you're new to offensive security, and one day you want to call yourself a hacker. Understanding the building blocks of a system is the first step towards learning to control it. A solid grounding in administration is needed in order to know how to use a machine. A solid grounding in programming will help you understand which information gathering leads to successful exploitation and to maintaining access. Countermeasures do get in the way, but most can be evaded or bypassed with an intermediate knowledge of programming.


Administration

Administration can be broken into a few categories, but for the purposes of this library, administration is divided into system administration, and network administration.

Mastery of an Operating System is essential. Most servers on the internet are powered by Linux. A demanding but head-first way to learn Linux is a Gentoo Installation, which has you build and configure the system by hand. We crawl before we learn to walk: mastery of the basics of file manipulation, diagnostic tools and the like in the Linux environment will make you much more efficient when using Linux to do anything, be it rooting a box or web exploitation, so it is advised that you check out the Bash book, which will familiarise you with the commands that are essential to using a Linux system efficiently.

Protecting yourself on the internet is essential, although you have already taken the first step by using a Linux box, especially if you chose Gentoo. To protect yourself from unwanted traffic, see the article on Iptables for filtering incoming packets and dropping those you have no reason to accept. It is also a good idea to check the Anonymity article for tips on how to keep your identity secret on the internet; depending on just what you intend to do, these measures can be as simple or as complex as you desire.

Code

Programming is the next essential skill. While it is possible to perform exploitation on an application without any knowledge of the language it is written in, understanding of the language allows for a deeper understanding of the way the application you are exploiting handles input and processes data - if you understand what makes it work, you will understand what makes it stop working in the way you want it to. Why blunder in the dark when the user manual is right before you?

Assembly and machine code are the building blocks of all other programming languages. Machine code is what most people think of when they refer to "binary code" (though it is more often written as hexadecimal opcode bytes), and assembly is a system of mnemonics that makes machine code easier to work with: one mnemonic per instruction. For example, the two bytes "\xcd\x80" are the encoding of the instruction "int $0x80", the system call trap on 32-bit Linux.

These languages are the predecessors of C, a mid-level compiled language that underpins nearly all of the modern interpreted languages: the reference interpreters of PHP, Perl, Python, and Ruby are themselves written in C. The Linux kernel is written in C (with small amounts of assembly), and much of the userland in C and C++. It is advisable to become familiar with C and to learn at least enough assembly to understand how your C code compiles. Learning interpreted languages such as PHP and Perl is also useful for their flexibility and power.

Exploitation

Most beginners find web exploitation the easiest topic to start with. It requires a strong understanding of the world wide web. Web applications are usually written in interpreted languages and nearly always involve some form of HTML and CSS, which were originally designed to describe a document and that document's stylesheet. Dynamic content is usually backed by a database and usually involves SQL. The languages that generate dynamic content run on the web server, while HTML, CSS, and JavaScript are interpreted and rendered by the client. This split matters: anything the client renders is under the attacker's control, and anything the server generates from user input is a place where that input may be misinterpreted as code.

Web exploitation

Web exploitation can be used to execute remote commands, steal cookies, extract database information, bypass authentication, and more. Simply because exploitation of interpreted languages is easier than exploitation of compiled languages does not make it any less effective. This, together with the popularity of web applications, makes it the best place to begin. We've also developed a series of web exploitation tools to help beginners with routine tasks.

Binary exploitation

Exploitation of compiled languages used to be much easier than it is today. Because of countermeasures like DEP, ASLR, and IPS applications/devices, binary exploitation is becoming more and more difficult. On a modern Operating System the shellcode (machine code) delivered by a buffer overflow exploit must also survive whatever restrictions the vulnerable program places on its input: a string copy stops at the first null byte, and some inputs only accept printable or alphanumeric characters. Beginners usually start learning to write shellcode with a fundamental knowledge of assembly. Once an understanding of assembly for the target architecture and operating system is obtained, null-free shellcode is usually the first type of shellcode a beginner writes. It is even possible to write printable and polymorphic alphanumeric shellcode and ASCII shellcode for IDS evasion.
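The two points above, that "\xcd\x80" is just the byte encoding of "int $0x80" and that a beginner's first shellcode is usually null-free, can be shown in one small program. The following is an added example, not code from the wiki: it holds two hand-assembled encodings of the same 32-bit Linux program, exit(0) via int $0x80 (syscall number 1 in eax, exit status in ebx), and counts how many bytes of each would survive being passed through a C string function such as strcpy(), which stops at the first null byte. The byte arrays are constructed here from the documented x86 opcode encodings; the i386 Linux system call convention is assumed.

```c
#include <stdio.h>
#include <stddef.h>

/*
 * Two encodings of the same i386 Linux program: exit(0) via `int $0x80`.
 * Linux/i386 syscall 1 is exit; eax = syscall number, ebx = exit status.
 * Both arrays are constructed for this example from the x86 opcode
 * encodings; they are not taken from the wiki.
 *
 * Naive version, as a compiler might emit it (imm32 operands carry nulls):
 *   b8 01 00 00 00    mov    $0x1,%eax
 *   bb 00 00 00 00    mov    $0x0,%ebx
 *   cd 80             int    $0x80
 */
const unsigned char naive_exit[] = {
    0xb8, 0x01, 0x00, 0x00, 0x00,
    0xbb, 0x00, 0x00, 0x00, 0x00,
    0xcd, 0x80
};

/*
 * Null-free version: clear registers with xor, then set only the low byte.
 *   31 c0             xor    %eax,%eax
 *   b0 01             mov    $0x1,%al
 *   31 db             xor    %ebx,%ebx
 *   cd 80             int    $0x80
 */
const unsigned char nullfree_exit[] = {
    0x31, 0xc0,
    0xb0, 0x01,
    0x31, 0xdb,
    0xcd, 0x80
};

/* Number of 0x00 bytes in a shellcode buffer. */
size_t count_nulls(const unsigned char *code, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (code[i] == 0x00)
            n++;
    return n;
}

/*
 * How many bytes reach the target when the payload travels through a C
 * string function such as strcpy(): everything up to, but not including,
 * the first NUL byte. This truncation is why null-free shellcode exists.
 */
size_t copied_len(const unsigned char *code, size_t len)
{
    size_t i = 0;
    while (i < len && code[i] != 0x00)
        i++;
    return i;
}

static void report(const char *name, const unsigned char *code, size_t len)
{
    printf("%-13s %2zu bytes, %zu nulls, %2zu bytes survive strcpy: ",
           name, len, count_nulls(code, len), copied_len(code, len));
    for (size_t i = 0; i < len; i++)
        printf("\\x%02x", code[i]);
    printf("\n");
}

int main(void)
{
    report("naive_exit", naive_exit, sizeof naive_exit);
    report("nullfree_exit", nullfree_exit, sizeof nullfree_exit);
    return 0;
}
```

The naive encoding is 12 bytes with 7 nulls, and only its first two bytes would be copied by strcpy(), so the int $0x80 at the end never arrives. The null-free encoding is shorter (8 bytes), contains no nulls, and arrives intact. Disassembling either array with objdump -D -b binary -m i386 will show the mnemonics given in the comments.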

Network exploitation

Network exploitation requires a solid understanding of network administration and network protocols.

Maintaining access