[History and Overview]
It's important to keep an open mind when it comes to going back to the roots because understanding them is something that can help unlock a barrier long forgotten that is important in the way things work. Now everything that's fundamental about computer came from a system once known as UNIX, UNIX was an incredibly powerful operating system that was dated back in the late 20th century, only that as it grew it went from being free into something that was sold onto corporations for big money. Over time Bill Gates used UNIX to create the very first form of windows written in C. 2 years after the release of Windows in 1983 C became C++. Gradually over time Windows evolved and Microsoft wanted to remove UNIX from the equation in an effort to become independent, and they did as such by ripping away everything good that UNIX brought for the sake of making their own proprietary versions of it through MS-DOS. The other computer company at the time, Apple, chose to file a lawsuit over their grand scheme of things involving the software for the Lisa project, for imitating all the new qualities they had to offer, but Steve Jobs was in it for the loss in this lawsuit as by the time Windows was improved they had already removed all the things that made Lisa what it was.
All scripts I write for this are found from the latest edition of Foundations of Python Networking by Brandon Rhodes which you can buy here: https://www.amazon.com/Foundations-Python-Network-Programming-Brandon/dp...
The almighty Transfer Control Protocol or TCP as we all know it to be can be seen as a demigod for network protocols encompassing most of the internet in its grasp. To the way TCP works, you have to consider the way the three-way handshake happens SYN - SYN/ACK - ACK for beginning the connection, and FIN - FIN/ACK - ACK. If you don't already know about it consider looking up information about it. I went ahead and looked for a really good tutorial on YouTube which you can check out here https://www.youtube.com/watch?v=F27PLin3TV0
Anyway, the simplest thing to look at is a code for simply making a TCP client and server scenario...however with an added twist explained later on:
All scripts I write for this are found from the latest edition of Foundations of Python Networking by Brandon Rhodes which you can buy here: https://www.amazon.com/Foundations-Python-Network-Programming-Brandon/dp/1430258543
Contrasting the two biggest fields in IT to me is essential, like the concept of yin and yang, the two cannot coexist without the other. The two fields I am talking about are Network Engineering and Cybersecurity; I feel that it is essential to have an understanding of both as opposed to just one because the more you understand about one the more control you have over a network. Network Engineering is about solving problems...well through the use of engineering. Essentially what you are doing is solving problems within a network or making things easier through automation, plain and simple, using programming languages to do so. So to start this topic off I'll give an overview by introducing network programming with python.
To start off, we all know UDP is a non connection oriented protocol that sends out packets in the form of datagrams. Working with the protocol can be a tricky because in the world of cybersecurity clients using the protocol can be seen as promiscuous simply because often times the programmer may forget to check who the sender of the packet they just received is. Here's an example of a dangerous client:
I should say that all the knowledge I gained from creating this is from a very good instructor name Zaid Sabih, owner of Zsecurity you can check out his website and support him by purchasing his course at some point, he goes into better detail than I do and has more then 180,000 students to date here https://zsecurity.org/ and here https://www.udemy.com/learn-python-and-ethical-hacking-from-scratch/
ARP Spoofing is very simple to understand, the essential concept is that you become a man in the middle so that you are able to sniff and redirect packets between a target and the local router within a private network. While there are software such as Wireshark that allow you to do this, this is more just to gain an understanding of how things work:
Image Concept of ARP Spoofing
The first thing to note if you are a Linux user, is that to route or forward packets to anywhere the way a router does you need to place a 1 in the ip_forward file to do this you can use the find program:
I should say that all the knowledge I gained from creating this is from a very good instructor named Zaid Sabih, owner of Zsecurity you can check out his website and support him by purchasing his course at some point, he goes into better detail than I do and has more then 180,000 students to date here https://zsecurity.org/ and here https://www.udemy.com/learn-python-and-ethical-hacking-from-scratch/
Often times you may want to identify hosts on a LAN and maybe you want to say for example dos a target or perform some sort of ARP spoofing to do something related to capture traffic. To understand this you obviously should know how to program in python, and should know a little bit about what the scapy module is used for, you can refer to its documentation here: https://scapy.readthedocs.io/en/latest/
To start off, everything I'm about to explain can simply be done in the three following lines:
But for the sake of understanding how things work, I've put together a script to help curb your understanding here is a simplified version to start you off:
Due to the lack of availability of info on the topic I've decided to re-post this on my blog, I feel it's something I'd like to look back to if I need it:
Initially before writing this I thought to myself that because I had worked really hard on this matter (give or take about two weeks or so of constant hammering), I have just opened doors that were previously closed to me due to the passage of time and how things change. But I was convinced that what this community stands for, and how without it and someone there to guide me on this journey I'd be lost as hell. So I figured I'd give back by sharing what I've learned recently, which is creating shellcode for a portbind attack... however, the difference between what is commonly used to make it and my version of doing so, is that I use a more logical and concise method of doing it. To preface this I'm going to assume that you know x64 ASM, C network programming, and the basics of using Linux. I am also trusting that this post stays within the Soldierx community, I strongly support this community and hope to see its members cherish from this information.
If you don't know x64 ASM, I would recommend using Ray Seyfarth's Intro to x64 on Linux (and Windows for future projects):
https://www.amazon.com/s/ref=dp_byline_sr_book_1?ie=UTF8&text=Ray+Seyfar...
If you don't know C network programming I highly recommend Linux Socket Programming By Example by Warren Gay:
https://www.amazon.com/Linux-Socket-Programming-Example-Warren/dp/078972...
Rather than post about everything I learn on forum threads, I figure it would be best to start my own blog in SX so don't have to flood threads! I am going to start by posting my recently learned topics over here and hope my knowledge can help the needy over time. I will still post in threads when I'm not sure about something, otherwise I'll post everything here. I chose to start this since I hated writing notes on my notebook, plus, examples don't have syntax highlighting the way SX does on a notebook anyway!