Saturday, December 14, 2019

Assembly Primer Recap

As I mentioned in my last post, I was in the middle of completing a series of YouTube videos on Assembly Primer for Hackers.  I am proud to say I finally finished the video series, and I would encourage anyone trying to learn Assembly to watch it.  The eleven videos that I went through broke down how Assembly programs work and how information is pushed into registers and different memory locations.  The instructor provided us with code to use and was extremely thorough in his explanation of the different concepts.  I learned how to move things in and out of registers and how to verify and debug programs using GDB.

The greatest moment occurred near the end of the video series.  The last two programs, which went over functions and function stacks, gave me issues, as the programs that he wrote were for 32-bit architecture and I was running GDB on a 64-bit architecture.  I spent a good portion of yesterday on video 10 trying to get certain push and pop instructions to work.  The program called for "pushl" and "popl", which are the commands used to push and pop in a 32-bit architecture.  After banging my head against the wall for a bit and a lot of Googling I still could not get it, but thankfully the first comment told me how to change the push and pop commands as well as the registers: for example, %eax becomes %rax in a 64-bit system, "pushl" becomes "pushq" and "popl" becomes "popq".

The last video, which had to do with function stacks, gave me a little more trouble, but not as bad as video 10.  When I got the program I saw the same push and pop commands I saw in video 10.  Since I already knew how to fix those, I did those first.  I was able to compile and link, but when I ran it the program threw an error.  Eventually, after much back and forth, I re-wrote all the commands for 64-bit architecture and was able to compile, link and run the program.  The only problem was that it was just exiting and not writing HelloWorld.  I tried running it in GDB to see if it would shed any light, but I could not figure it out on my own.  As I watched the rest of the video I saw my issue, as the instructor explained how and where things were being placed on the stack.  Since he was basing his program and video on 32-bit, each stack slot was 4 bytes instead of the 8 bytes of the 64-bit architecture.  After doing some math and mapping out the stack I was able to edit the program to look at the right memory location to pull the HelloWorld pointer and print it on the screen.  After recompiling the program and running it, HelloWorld appeared, and it was a joyous moment.  I was able to understand what was going on and how to read the stack properly to adjust my program from 32 to 64 bit.
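As an added example (my own reconstruction, not the instructor's program from the video, whose source is not reproduced here), below is a minimal x86-64 version of the function-stack exercise, with the 32-bit form of each line noted in the comments.  The label names, the two-argument layout (pointer and length pushed onto the stack) and the use of the 64-bit syscall numbers are assumptions about what such a program looks like.  The important part is the offset table above print_it: after call and the prologue, the arguments sit at 16(%rbp) and 24(%rbp) instead of 8(%ebp) and 12(%ebp), because every push now moves the stack pointer by 8.

```asm
# 64-bit port of a two-argument "function stack" exercise (added example).
# Build and run on x86-64 Linux:
#   as --64 -o stack.o stack.s && ld -o stack stack.o && ./stack
.section .data
HelloWorld:
    .ascii "HelloWorld\n"
hello_len = . - HelloWorld          # length computed by the assembler (11)

.section .text
.globl _start
_start:
    # Push the arguments right-to-left.  Each pushq moves %rsp by 8, not 4.
    pushq $hello_len                # 32-bit: pushl $hello_len
    leaq  HelloWorld(%rip), %rax    # 32-bit: pushl $HelloWorld (32-bit immediate)
    pushq %rax                      #         (RIP-relative lea keeps this PIE-safe)
    call  print_it
    addq  $16, %rsp                 # 32-bit: addl $8, %esp   (two 4-byte slots)

    movq  $60, %rax                 # sys_exit is 60 on x86-64 (1 on i386)
    xorq  %rdi, %rdi                # 32-bit: movl $0, %ebx   (exit status 0)
    syscall                         # 32-bit: int $0x80

# Stack seen from print_it after its prologue, as offsets from %rbp:
#    0(%rbp)  saved %rbp       (32-bit:  0(%ebp))
#    8(%rbp)  return address   (32-bit:  4(%ebp))
#   16(%rbp)  pointer argument (32-bit:  8(%ebp))
#   24(%rbp)  length argument  (32-bit: 12(%ebp))
print_it:
    pushq %rbp                      # 32-bit: pushl %ebp
    movq  %rsp, %rbp                # 32-bit: movl %esp, %ebp
    movq  $1, %rax                  # sys_write is 1 on x86-64 (4 on i386)
    movq  $1, %rdi                  # fd 1 = stdout  (32-bit: movl $1, %ebx)
    movq  16(%rbp), %rsi            # buffer pointer (32-bit: movl 8(%ebp), %ecx)
    movq  24(%rbp), %rdx            # byte count     (32-bit: movl 12(%ebp), %edx)
    syscall                         # 32-bit: int $0x80
    movq  %rbp, %rsp                # 32-bit: movl %ebp, %esp
    popq  %rbp                      # 32-bit: popl %ebp
    ret
```

Two things worth checking when porting this way: the syscall numbers and argument registers differ between the i386 int $0x80 interface and the x86-64 syscall instruction, so a program that only has its registers renamed will still misbehave; and stepping through print_it in GDB with x/4gx $rbp shows the four 8-byte slots in the table above, which is the quickest way to confirm the offsets before changing them.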

The next series I am going to be watching is on exploit research and given how well the Assembly Primer series went I cannot wait to tackle this one.  Until next time.

Assembly Primer for Hackers

Monday, December 9, 2019

Metasploit, BURP, Assembly and MORE LINUX

It has been a while since I last posted.  I hope everyone had a Happy Thanksgiving and is getting into the holiday spirit.  Aside from stuffing my face with food, I also have been continuing the lessons that have been laid out for me to become a better security professional and prepare myself to take the OSCP.  After my introduction to Linux I continued learning more Linux commands, such as how to compare files using "diff" and how to change the password for a specific user.  It was eye opening to learn about the diff command, as in the past I have usually copied the files into Notepad and used Notepad++ to compare them.  The training covered everything from extracting and compressing gzip files, setting up SSH, partitioning with GParted and shell scripting to processes, jobs and killing processes.

The next lesson was learning how to use Metasploit.  I have always known that Metasploit was a powerful tool, and I had always wanted to learn how to use it.  The YouTube videos covered using tools and exploits such as the SSH scanner and FTP login modules through to creating and using payloads and backdoors.  It helped that Metasploit gives you a vulnerable box to test with, and I cannot wait to crack open my Metasploit book once I am finished with my lessons.

BURP Suite was up next.  BURP is a suite of tools used to detect vulnerabilities in web applications.  Unfortunately I could only use the community edition, which didn't allow me to try the full suite of tools it has.  I am hoping that once I add it to my tools at my company I can go back and practice the things I could not do.  The one thing I would ask the company that manages BURP is that if I am using the community edition I should be able to modify the settings for the tools that I do have access to.

Currently I am working on the basics of exploit development.  I am watching a series of videos on Assembly for Hackers.  This is my first dive into Assembly, and it is a lot to take in and remember, from understanding the memory space your application runs in to writing an assembly program with its various sections of initialized and uninitialized data and its registers.  It is a lengthy video series in terms of minutes per video, but it is a lot of information.  I am excited to see how the rest of the videos are and then begin the video series on exploit research.

Well that is it for now.  I hope to post more frequently and include articles and stories on top of the things I am learning.

Thursday, November 21, 2019

I survived Linux Basic Training

Hello everyone.  As I stated in my last post, the next step was basic Linux commands.  Using the website linuxsurvival.com I began the journey of learning the basic Linux commands.  The tutorial is actually done very well, as it not only teaches you the commands and some terminology but also allows you to practice the commands as you learn them.  Throughout my professional life I have had to learn Linux commands on the fly.  Some of the early commands that I learned about were grep, ls and of course cd.  This tutorial went over those commands but also how to use the manual (man), how to do a recursive copy and remove using "-r", as well as a quick overview of Linux file security.  That part of the tutorial I found was one of the most important things for me, as I have had issues in the past with changing security and ownership of files and directories in order for me to run programs.  The tutorial only went over permissions such as read, write and execute for a file or directory and did not go over changing ownership groups.  For anyone starting out with Linux who wants to learn some basic and frequently used Linux commands, the Linux Survival website is a great place to start.
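Since the tutorial covered read, write and execute but not group ownership, here is an added example (my own, not part of the Linux Survival tutorial) that works the permission bits on a constructed scratch directory.  The file name and the chosen modes are assumptions; the point it adds beyond the tutorial is that a directory needs the execute (search) bit to be traversed, and that group ownership is changed with chgrp, while changing the owning user with chown needs root.

```shell
#!/bin/sh
# Added example: Linux permission bits and group ownership on a scratch directory.
# mode_of prints the 10-character mode field of ls -l (e.g. -rwxr-x---).
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Lock a script down so only its owner and group can run it; others get nothing.
# Octal 750 is the same as the symbolic form: chmod u=rwx,g=rx,o= FILE
lock_down_script() {
    chmod 750 "$1"
    mode_of "$1"
}

# A directory's r bit only lets you list names; without x you cannot enter it
# or open anything inside.  744 gives group and others "list only" access.
list_only_dir() {
    chmod 744 "$1"
    mode_of "$1"
}

# Group ownership: any member of the target group may chgrp a file they own.
# (Changing the owning user, chown USER:GROUP FILE, requires root.)
set_group() {
    chgrp "$2" "$1"
    ls -ld "$1" | awk '{print $4}'
}

main_demo() {
    work=$(mktemp -d)                       # constructed scratch directory
    printf '#!/bin/sh\necho deploying\n' > "$work/deploy.sh"
    lock_down_script "$work/deploy.sh"      # -rwxr-x---
    list_only_dir "$work"                   # drwxr--r--
    set_group "$work/deploy.sh" "$(id -gn)" # prints the current primary group
    rm -rf "$work"
}

main_demo
```

If a program "will not run" after a copy, check the directory chain with `ls -ld` as well as the file itself: a missing x on any parent directory blocks access no matter what the file's own mode says.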


Wednesday, November 20, 2019

Windows Command Line

So I have begun my training following a plan that was laid out by my mentor.  The first thing was the basics of the Windows command line.  Now I have been in IT for over 10 years and have worked primarily on Windows operating systems.  Up until this point I have only used the Windows command line interface (CLI) to check my IP, flush DNS, run NETSTAT and on occasion run specific programs that can only be run from the CLI.  I had an idea that I could use it to make folders or move files around, but I always defaulted to using the Windows GUI to get the job done.  I never realized that it can be equally as powerful as the Linux CLI.  Going through the introductory lessons I learned that some of the commands you would use in Linux, such as mkdir for making directories, are the same in Windows.  One of the cool things I learned, besides changing the color to look like the Matrix, was seeing the attributes of files.  It was so easy to just be in a directory and type "attrib" and see all the files and whether they were hidden, read only or a system file.  It was definitely a great way to start off the training, and next up is the Linux command line.  Looking forward to seeing what I learn there and getting to share it.  Until next time.

source for windows command-line basics - Windows Command Line Basics

interesting story for today - Hacker News - Monero Hack

Sunday, November 17, 2019

Welcome

Welcome to IsItInfoSec.  I have been in the physical security industry for 10+ years and have worked my way up from a vault attendant to a security engineer.  Information Security has been my passion.  I obtained my Security+ early in my career and participated as a member and as a part of the board of the NY Metro ISSA chapter.  I continued to keep my finger on the pulse of Information Security even though my career had me doing other things.  I obtained my CISSP in October of 2017 and I am now working to learn more about the offensive side of the house.  I have spent the majority of my career on the defensive side and have learned a lot.  This blog is going to be used to document what I have learned as well as be a place to discuss articles and topics that I find interesting in information security.

Disclaimer

NATURE OF THIS SITE

The purpose of this blog is to practice my technical writing and also to discuss topics on things I learn as I pursue various professional certifications or training.  This is not a website for debate, and any comments that are unprofessional in nature will be removed and the user reported.  This site is intended to be informational and also to provide a place for news in information security.

OPINIONATED CONTENT

Along with information on what I learn, I may post links to news topics or reference materials.  All posts will have proper citation and sources.  The information on this blog is my own opinion and does not reflect the opinions of my employer or the communities and groups that I participate in.

TERMS OF USE

Information I provide on my blog is accurate and true to the best of my knowledge, but there may be omissions, errors or mistakes.  I will try to update information that I post as new information is found.

HOLD HARMLESS CLAUSE

This blog is for informational purposes only and should not be seen as any kind of advice, such as medical, legal, tax, emotional or other types of advice.  If you choose to use the information presented in this blog as advice, that is at your own risk.

As stated in my Welcome post, I am a professional in the field, but this blog is again only for informational purposes and should not be seen as advice regarding information or cyber security; you should consult with a professional before taking any sort of action.

RESERVATION OF RIGHTS

I have the right to change how I manage or run the blog.  I may change the focus or content at any time with no prior notice.