Saturday, 15 October 2011
Monday, 10 October 2011
Week4
Reverse Engineering!!! The best topic.
Talked about what reverse engineering is, "Reverse engineering is taking apart an object to see how it works in order to duplicate or enhance the object."
Some Reverse Engineering tools:
IDA Pro, Pydasm, Immunity Debugger, WinDbg, oSpy...
We looked at some of the registers: EAX, EBX, etc. for 32-bit, AX, BX, etc. for 16-bit. Indexes to data (ESI, EDI).
ESP--> Stack pointer (top stack)
EBP--> base pointer
EIP--> Instruction pointer
Some basic assembly instructions: JMP (jump), ADD, MOV, SUB and, of course, NOP (for the extra cycles needed).
For the lab (this has been one of the coolest labs ever): cracking a password!
Trying to figure out g1 and g2...
Sunday, 9 October 2011
Week3
Week 3. My favorite class for now. We learned about a new programming language created in 1989 by Guido van Rossum. It is one of the most popular programming languages in security tools today.
Python:
Different data types: Strings (""), Integers (numbers), Lists, Dictionaries (key:value), Tuples.
With Python you can also create While and For loops to repeat a set of code until a condition is met.
In our class we analyzed some basic code that opens a connection with a server, sends and receives data, and closes the connection when done.
This is the code:
import socket
# Create a socket -- AF_INET means IPv4, SOCK_STREAM means TCP
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# IP address to connect to -- enter Linux VM IP here
IP = 'freeshell.org'
PORT = 22  # We'll look at the default SSH port
connect = (IP, PORT)  # socket connection requires a tuple of (IP, PORT)
s.connect(connect)  # establish a connection
data = s.recv(4096)  # receive data -- up to 4K
print(data)
s.send(b'SSH-2.0-CLASSROOM-TEST\x0a')  # send data (bytes in Python 3)
data = s.recv(4096)
print(data)
s.close()  # close the connection
For our lab we created a Python program to be able to talk to an HTTP server and print specific HTTP Headers
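A sketch of the kind of program the lab describes, as an added example (not the code from the class or from this post): it opens a TCP socket the same way as the SSH snippet, sends an HTTP HEAD request, and returns selected response headers. The function names, the list of headers in WANTED and the constructed local server on 127.0.0.1 are assumptions made so the example runs offline.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

WANTED = ("server", "content-type", "set-cookie")  # assumed headers of interest

def parse_headers(raw):
    """Split raw response bytes into (status line, {lowercased name: [values]})."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    status, *lines = head.split("\r\n")
    headers = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:  # ignore malformed lines that have no colon
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers

def fetch_headers(host, port, path="/"):
    # Send a HEAD request over a plain TCP socket and parse the reply
    request = f"HEAD {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    raw = b""
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(request.encode("ascii"))
        while b"\r\n\r\n" not in raw:  # one recv() may not hold all headers
            chunk = s.recv(4096)
            if not chunk:  # peer closed the connection
                break
            raw += chunk
    return parse_headers(raw)

class DemoHandler(BaseHTTPRequestHandler):  # constructed local test server
    def do_HEAD(self):
        self.send_response(200)  # also emits Server and Date headers
        self.send_header("Content-Type", "text/html")
        self.send_header("Set-Cookie", "sid=constructed")
        self.end_headers()
    def log_message(self, *args): pass  # keep the demo quiet

def demo():
    srv = HTTPServer(("127.0.0.1", 0), DemoHandler)  # port 0 = any free port
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        status, headers = fetch_headers("127.0.0.1", srv.server_port)
    finally:
        srv.shutdown()
        srv.server_close()
    return status, {k: v for k, v in headers.items() if k in WANTED}

if __name__ == "__main__":
    print(demo())
```

The Server header returned here is the same kind of version banner the SSH snippet reads on port 22, which is why administrators often trim or suppress it.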
Friday, 30 September 2011
hacking Week1
Our first week was quite interesting. I was very excited after looking at the course outline; from the beginning I knew I was going to love this course. Just the fact that we are finally going to learn and test real concepts about security made me very excited.
This week we talked about some of the tools that we are going to use throughout the semester. Some of the tools were Wireshark, Python (one of my favorites until now), Netcat, Immunity Debugger (very useful tool), Process Monitor, and Metasploit (I don't know how to use it very much still, but it is one of the tools I'm most interested in learning).
We also talked about why it is important to stay up to date in terms of security. Technology is constantly evolving, and hackers are more and more knowledgeable. This fact should make administrators always stay on top of network security to be able to protect networks against attacks.
Week2
This week we talked about malware: definitions and examples of virus, worm, and rootkit. We also went back in history and talked about "Malware Pivotal Moments in History" with the Creeper Virus, Melissa Worm and ILOVEYOU Worm...
Honeypot and Honeynet, what they are and different types, Low Interaction and High.
In the lab, we built and deployed a honeypot (nepenthes) and analyzed with Wireshark.