C is an imperative programming language developed at Bell Labs in the early 1970s. C provides low-level access to features such as memory management and CPU registers. This is in contrast to more modern languages such as Java or C#, where memory management and garbage collection are handled automatically by the language's runtime environment (i.e. the Java Virtual Machine and the Common Language Runtime respectively).
This low level of control makes C an ideal language for cybersecurity professionals to learn as it requires understanding the inner workings of a computer system.
Nmap ("Network Mapper") is an open-source command-line utility for network discovery. Nmap works by sending packets over a network and analysing the response from hosts. Nmap can be used for port scanning, host discovery, application version detection, TCP/IP stack fingerprinting, and more.
Below is an example of an nmap command.
nmap -sS -Pn -T4 192.168.80.0/24
# Description:
# Searches for information on all active hosts across 192.168.80.0/24.
#
# Explanation:
# -sS: Stealthy TCP SYN scan technique which is unobtrusive as it never completes a full TCP connection.
# -Pn: Treat all hosts as online, whether or not they respond to a ping.
# -T4: Timing control for enumeration, 1 is paranoid/slow, 4 is aggressive/fast.
# Subnet mask: Will search all 256 addresses on 192.168.80.*
The setuid bit is an access rights flag that allows users to run an executable file with the privileges of the file's owner, rather than the privileges of the user actually running the file. This can lead to privilege escalation if exploited.
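$ touch test.sh # Create a new, empty file (not yet executable)
$ stat -f "%Sp" test.sh # Check the file's permissions (BSD/macOS stat syntax)
-rw-r--r--
$ chmod u+s test.sh # Set the setuid bit
$ stat -f "%Sp" test.sh # Check the file's permissions (updated)
-rwSr--r--
# The capital S means setuid is set but the owner's execute bit is not.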
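The check below is an added example, not part of the original notes: it reads a file's mode bits in C and shows why the permission string prints `S` when setuid is set without the owner's execute bit and `s` when both are set. The function names and the numeric risk levels are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Render permission bits the way `ls -l` and `stat` print them (10 chars + NUL). */
void mode_string(mode_t m, char out[11]) {
    const char rwx[] = "rwxrwxrwx";
    out[0] = S_ISDIR(m) ? 'd' : '-';
    for (int i = 0; i < 9; i++)
        out[i + 1] = (m & (0400 >> i)) ? rwx[i] : '-';
    /* setuid/setgid take over the x slot: lowercase if x is also set, else uppercase */
    if (m & S_ISUID) out[3] = (m & S_IXUSR) ? 's' : 'S';
    if (m & S_ISGID) out[6] = (m & S_IXGRP) ? 's' : 'S';
    out[10] = '\0';
}

/* Illustrative risk levels (an assumption of this example):
   0 = no setuid bit, 1 = setuid but owner cannot execute (the "S" case),
   2 = setuid executable, 3 = setuid executable owned by root (uid 0). */
int setuid_risk(mode_t m, uid_t owner) {
    if (!(m & S_ISUID)) return 0;
    if (!(m & S_IXUSR)) return 1;
    return owner == 0 ? 3 : 2;
}

/* Audit one path; returns the risk level, or -1 if it is not a readable regular file.
   stat() follows symlinks, so the result describes the link target. */
int audit_path(const char *path) {
    struct stat st;
    char perms[11];
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode)) return -1;
    mode_string(st.st_mode, perms);
    int risk = setuid_risk(st.st_mode, st.st_uid);
    printf("%s uid=%ld risk=%d %s\n", perms, (long)st.st_uid, risk, path);
    return risk;
}

int main(int argc, char **argv) {
    /* Usage: ./audit FILE... ; prints one line per regular file. */
    for (int i = 1; i < argc; i++)
        audit_path(argv[i]);
    return 0;
}
```

Level 3 files (setuid, executable, owned by root) are the ones worth reviewing first when hardening a system.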
- Write an HTTP server (use fork to handle more than one connection)
- Connect to your HTTP server with your browser and inspect the requests your browser sends