QUIZ 02
Say it if you know it
PWN
PWN comes from a misspelling of "own": to pwn a system is to compromise it completely
PWNed (pwned) means hacked / breached
https://haveibeenpwned.com/
RFC
A Request for Comments (RFC) is a publication from the Internet Society (ISOC) and its associated bodies, most prominently the Internet Engineering Task Force (IETF), the principal technical development and standards-setting bodies for the Internet.
Most networking protocols are defined in, or associated with, an RFC number
DNS, TCP, IPv4, IPv6, UDP, HTTP, TLS, SSDP, ICMP
https://en.wikipedia.org/wiki/List_of_RFCs
RFC1925
The Twelve Networking Truths
(3) With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead.
(7a) (corollary). Good, Fast, Cheap: Pick any two (you can’t have all three).
(8) It is more complicated than you think.
(9a) (corollary) Every networking problem always takes longer to solve than it seems like it should.
IEEE standard
Name | Description | Status
IEEE 802.1 | Higher Layer LAN Protocols Working Group | Active
IEEE 802.2 | LLC | Disbanded
IEEE 802.3 | Ethernet | Active
IEEE 802.4 | Token bus | Disbanded
IEEE 802.5 | Token Ring MAC layer | Disbanded
IEEE 802.6 | MANs (DQDB) | Disbanded
IEEE 802.7 | Broadband LAN using Coaxial Cable | Disbanded
IEEE 802.8 | Fiber Optic TAG | Disbanded
IEEE 802.9 | Integrated Services LAN (ISLAN or isoEthernet) | Disbanded
IEEE 802.10 | Interoperable LAN Security | Disbanded
IEEE 802.11 | Wireless LAN (WLAN) & Mesh (Wi-Fi certification) | Active
IEEE 802.12 | 100BaseVG | Disbanded
IEEE 802.13 | Unused; reserved for Fast Ethernet development | (never assigned)
IEEE 802.14 | Cable modems | Disbanded
IEEE 802.15 | Wireless PAN | Active
IEEE 802.15.1 | Bluetooth certification | Disbanded
IEEE 802.15.2 | IEEE 802.15 and IEEE 802.11 coexistence | Hibernating
IEEE 802.15.3 | High-Rate wireless PAN (e.g., UWB) | unknown
IEEE 802.15.4 | Low-Rate wireless PAN (e.g., ZigBee, WirelessHART, MiWi) | Active
IEEE 802.15.5 | Mesh networking for WPAN | unknown
IEEE 802.15.6 | Body area network | Active
IEEE 802.15.7 | Visible light communications | unknown
IEEE 802.16 | Broadband Wireless Access (WiMAX certification) | Hibernating
IEEE 802.16.1 | Local Multipoint Distribution Service | Hibernating
IEEE 802.16.2 | Coexistence wireless access | Hibernating
IEEE 802.17 | Resilient packet ring | Disbanded
IEEE 802.18 | Radio Regulatory TAG | unknown
IEEE 802.19 | Wireless Coexistence Working Group | unknown
IEEE 802.20 | Mobile Broadband Wireless Access | Disbanded
IEEE 802.21 | Media Independent Handoff | Hibernating
IEEE 802.22 | Wireless Regional Area Network | Hibernating
IEEE 802.23 | Emergency Services Working Group | Disbanded
VLAN
little-endian (least significant byte stored first; x86 / x86-64 memory order)
big-endian (most significant byte stored first; "network byte order" used in IP/TCP headers)
URL / URI
List of schemes
https://en.wikipedia.org/wiki/List_of_URI_schemes
chrome://
data:
ed2k://|file|
file://[host]/path
git://github.com/user/project-name.git
ldap://[
magnet:?xt=urn:sha1:
mailto: [?
s3://mybucket/puppy.jpg
sip:
smb://[
sms:
spotify:
tel:
The Internet Assigned Numbers Authority (IANA) is a standards organization that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System (DNS), media types, and other Internet Protocol-related symbols and Internet numbers.
0x0D 0x0A
\r \n (CR LF: carriage return + line feed; the line terminator in HTTP, SMTP and other text protocols)
Python
{ } vs ( ) vs [ ]
{ } = dictionary
"key": "value" pairs, looked up by key (insertion-ordered since Python 3.7, but not indexed by position)
{
    "brand": "Ford",
    "model": "Mustang",
    "year": 1964
}
[ ] = list (Python's array type); [ ] is also the index / slice operator
data = "unethical"
data[2:]      # "ethical"
data[2:-10]   # "" (empty string: the stop index -10 lies before the start index 2)
( ) = tuple (immutable sequence); ( ) is also the call operator
#!/usr/bin/env python3
import socket

HOST = '127.0.0.1'   # loopback only: not reachable from other hosts
PORT = 65432         # non-privileged port (> 1023)

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.bind((HOST, PORT))
    s.listen()
    conn, addr = s.accept()          # blocks until a client connects
    with conn:
        while True:
            data = conn.recv(1024)   # read up to 1024 bytes
            if not data:             # empty bytes: peer closed the connection
                break
            conn.sendall(data)       # echo it back
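The server above only shows one side of the conversation. The following is an added example (not from the original slides) that runs a loopback server in a thread and a client in the main thread, so both halves of the exchange are visible. It frames messages on CR LF (0x0D 0x0A), the terminator used by HTTP and SMTP, and deliberately splits the client's send so the server has to buffer partial lines; the upper-casing reply, the port 0 trick and the message text are choices made for this example.

```python
import socket
import threading


def serve_once(srv: socket.socket) -> None:
    """Accept one client and answer every CRLF-terminated line, upper-cased."""
    conn, _ = srv.accept()
    with conn:
        buf = b""
        while True:
            chunk = conn.recv(1024)
            if not chunk:                        # peer closed: done
                break
            buf += chunk                         # TCP is a byte stream: lines may arrive split
            while b"\r\n" in buf:                # frame on CR LF (0x0D 0x0A)
                line, buf = buf.split(b"\r\n", 1)
                conn.sendall(line.upper() + b"\r\n")


def exchange(lines):
    """Start a loopback server, send `lines` as CRLF-terminated records, return the replies."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))                   # port 0: the OS picks a free port
    srv.listen()
    port = srv.getsockname()[1]
    worker = threading.Thread(target=serve_once, args=(srv,), daemon=True)
    worker.start()

    payload = b"".join(line.encode() + b"\r\n" for line in lines)
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
        cli.connect(("127.0.0.1", port))
        cli.sendall(payload[:3])                 # split the first line across two sends on purpose
        cli.sendall(payload[3:])
        reader = cli.makefile("rb")
        for _ in lines:                          # one reply per line sent
            replies.append(reader.readline().rstrip(b"\r\n").decode())
        cli.shutdown(socket.SHUT_WR)             # tell the server we are done sending
    worker.join(timeout=5)
    srv.close()
    return replies


if __name__ == "__main__":
    print(exchange(["hello", "ping"]))           # constructed input: ['HELLO', 'PING']
```

Because the server buffers until it sees the delimiter, the first line still comes back whole even though it was delivered in two pieces; a server that assumes one recv() equals one message would mis-parse exactly this case.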
AAAA
Authentication
Prove who you are (is it always a username / password?)
Authorization
Grant / deny access based on your identity
Accounting
Logging, recording what was done
Auditing
Reviewing the AAA logs
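To make the four A's concrete, here is an added example (not from the original slides) that walks one request through all four steps: a salted PBKDF2 password check with a constant-time compare (authentication), a role-to-action policy (authorization), an in-memory decision log (accounting), and a review pass over that log (auditing). The users, passwords, roles and policy are constructed for the example.

```python
import hashlib
import hmac
import os
import time

# Constructed user store (names, passwords and roles invented for this example).
def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

USERS = {}
for _name, _pw, _role in [("alice", "correct horse", "admin"), ("bob", "hunter2", "reader")]:
    _salt = os.urandom(16)
    USERS[_name] = {"salt": _salt, "hash": _hash_password(_pw, _salt), "role": _role}

# Authorization policy: which roles may perform which actions.
POLICY = {"read": {"admin", "reader"}, "delete": {"admin"}}

# Accounting: every decision is appended here (a real system would ship this to a log sink).
ACCOUNTING_LOG = []


def authenticate(user: str, password: str) -> bool:
    """Authentication: prove who you are. Unknown users still cost one hash so timing is uniform."""
    rec = USERS.get(user)
    if rec is None:
        _hash_password(password, b"\x00" * 16)
        return False
    return hmac.compare_digest(_hash_password(password, rec["salt"]), rec["hash"])


def authorize(user: str, action: str) -> bool:
    """Authorization: grant or deny based on the authenticated identity's role."""
    return USERS[user]["role"] in POLICY.get(action, set())


def account(user: str, action: str, outcome: str) -> None:
    """Accounting: record who did what, when, and the result."""
    ACCOUNTING_LOG.append({"ts": time.time(), "user": user, "action": action, "outcome": outcome})


def request(user: str, password: str, action: str) -> str:
    """One request through authn -> authz -> accounting; returns the outcome label."""
    if not authenticate(user, password):
        account(user, action, "AUTHN_FAIL")
        return "AUTHN_FAIL"
    if not authorize(user, action):
        account(user, action, "DENIED")
        return "DENIED"
    account(user, action, "ALLOWED")
    return "ALLOWED"


def audit(min_failures: int = 2):
    """Auditing: review the accounting log and flag users with repeated failed attempts."""
    counts = {}
    for entry in ACCOUNTING_LOG:
        if entry["outcome"] != "ALLOWED":
            counts[entry["user"]] = counts.get(entry["user"], 0) + 1
    return sorted(u for u, n in counts.items() if n >= min_failures)


if __name__ == "__main__":
    print(request("alice", "correct horse", "delete"))   # ALLOWED
    print(request("bob", "hunter2", "delete"))           # DENIED (reader may not delete)
    print(request("bob", "wrong", "read"))               # AUTHN_FAIL
    print(audit())                                       # ['bob']
```

Note that a wrong password and an unknown user both answer AUTHN_FAIL and both cost one PBKDF2 computation, so the response neither reveals which usernames exist nor differs in timing.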
A/D convert
Analog -> Digital converter (ADC): samples a continuous signal into numbers
Digital -> Analog converter (DAC): turns numbers back into a continuous signal
What is this sound
Dual Tone Multi Frequency (DTMF)
https://en.wikipedia.org/wiki/Dial-up_Internet_access
UTC
Coordinated Universal Time (the reference that replaced GMT)
Some countries implement Daylight Saving Time (the local offset shifts +/- 1 hour for part of the year)
Offsets are not always whole hours (India is UTC+5:30)
Unix time
What is the Unix timestamp?
The Unix timestamp is a way to track time as a running total of seconds. The count starts at the Unix Epoch, January 1st, 1970 at 00:00:00 UTC, so a Unix timestamp is simply the number of seconds between a particular instant and the Epoch. That instant does not change no matter where on the globe you are located: the same timestamp means the same moment everywhere, even though the local wall-clock reading differs by the zone's offset. This makes it very useful for tracking and sorting dated information in dynamic and distributed applications, both server-side and client-side. (Unix time ignores leap seconds: each day counts as exactly 86400 seconds.)
https://www.unixtimestamp.com/
https://stackoverflow.com/questions/10990949/convert-date-time-string-to-epoch-in-bash
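The Stack Overflow link above covers the conversion in bash; the following added example (not from the original slides) does the same in Python and shows the points made above: the Epoch is the same instant in every zone, India's half-hour offset, DST as a different offset on the same clock, and why an incident timeline must normalise to Unix time before sorting. The log lines and the "date time offset message" log format are constructed for this example.

```python
from datetime import datetime, timedelta, timezone

UTC = timezone.utc
IST = timezone(timedelta(hours=5, minutes=30))   # India Standard Time: UTC+5:30, no DST
CET = timezone(timedelta(hours=1))                # Central European Time (winter)
CEST = timezone(timedelta(hours=2))               # Central European Summer Time (DST: +1 h)


def to_epoch(text: str, tz: timezone) -> int:
    """Interpret 'YYYY-MM-DD HH:MM:SS' as a wall-clock time in tz and return Unix seconds.
    Attaching tzinfo explicitly matters: .timestamp() on a naive datetime silently
    assumes the machine's local zone, which is a classic source of timeline errors."""
    naive = datetime.strptime(text, "%Y-%m-%d %H:%M:%S")
    return int(naive.replace(tzinfo=tz).timestamp())


def from_epoch(ts: int, tz: timezone) -> str:
    """Render a Unix timestamp as wall-clock time in tz, with its UTC offset."""
    return datetime.fromtimestamp(ts, tz).strftime("%Y-%m-%d %H:%M:%S %z")


def parse_log_ts(line: str) -> int:
    """Constructed log format: 'YYYY-MM-DD HH:MM:SS +HHMM message...'; returns Unix seconds."""
    stamp = " ".join(line.split()[:3])
    return int(datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S %z").timestamp())


def timeline(lines):
    """Order log lines from hosts in different time zones by the instant they describe."""
    return sorted(lines, key=parse_log_ts)


# Constructed log lines for the example (not real logs): three hosts, three zones, one user.
LOG_LINES = [
    "2024-03-10 17:30:00 +0530 web: login for alice from 203.0.113.7",   # 12:00 UTC
    "2024-03-10 12:45:00 +0100 vpn: session opened for alice",           # 11:45 UTC
    "2024-03-10 04:10:00 -0800 dc: TGT issued to alice",                 # 12:10 UTC
]

if __name__ == "__main__":
    print(to_epoch("1970-01-01 00:00:00", UTC), to_epoch("1970-01-01 05:30:00", IST))  # 0 0
    print(from_epoch(1710072000, UTC), "==", from_epoch(1710072000, IST))
    for line in timeline(LOG_LINES):
        print(line)                               # vpn, then web, then dc
```

Sorted as text the lines would read dc, vpn, web; sorted by Unix time the VPN session comes first, then the web login, then the Kerberos ticket, which is the order an investigator actually needs.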
PK / MZ
PK = Phillip Walter Katz
(author of PKZip)
MZ = Mark Zbikowski
(developer for MS-DOS)
https://en.wikipedia.org/wiki/List_of_file_signatures
In general, the layout of a file format is:
File type signature ("magic number", usually at the very beginning of the file) e.g. %PDF
File format version (normally right after the signature) e.g. 1.5
File header (metadata) e.g. Author, Creation Date
Index from the header to the payloads / sections e.g. Pages, Objects
File trailer (optional, marks the end of the file or of a section) e.g. a JPEG ends with 0xFF 0xD9
The trailer matters for data recovery (file carving): it is how a tool determines where a recovered file ends
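The signatures above, the endianness note earlier and the NTFS record signatures below all come together in the following added example (not from the original slides): a small signature-based identifier that trusts magic bytes rather than file extensions, follows the little-endian e_lfanew pointer in an MZ header to confirm a PE file, reads the little-endian name length in a PKZip local file header, checks for the JPEG 0xFF 0xD9 trailer, and reads the in-use flag of an NTFS MFT record. The sample blobs are constructed in the block (the ZIP with Python's own zipfile module, the others by hand) and the hexspeak value 0xDEADBEEF is packed both ways to show the byte-order difference.

```python
import io
import struct
import zipfile


def deadbeef_bytes():
    """0xDEADBEEF in memory as little-endian (x86) and big-endian (network order)."""
    return struct.pack("<I", 0xDEADBEEF), struct.pack(">I", 0xDEADBEEF)


def identify(blob: bytes) -> dict:
    """Identify a file by its leading signature and a few header fields, never by extension."""
    info = {"type": "unknown"}
    if blob.startswith(b"MZ") and len(blob) >= 0x40:
        info["type"] = "MZ/DOS executable"
        e_lfanew = struct.unpack_from("<I", blob, 0x3C)[0]         # little-endian offset of the PE header
        if blob[e_lfanew:e_lfanew + 4] == b"PE\0\0":
            machine = struct.unpack_from("<H", blob, e_lfanew + 4)[0]
            info["type"] = "PE executable"
            info["machine"] = {0x14C: "x86", 0x8664: "x64"}.get(machine, hex(machine))
    elif blob.startswith(b"PK\x03\x04"):                           # PKZip local file header (also DOCX/PPTX/JAR/APK)
        name_len, extra_len = struct.unpack_from("<HH", blob, 26)  # little-endian uint16 fields
        info["type"] = "ZIP (PKZip)"
        info["first_entry"] = blob[30:30 + name_len].decode("ascii", "replace")
    elif blob.startswith(b"%PDF-"):
        info["type"] = "PDF"
        info["version"] = blob[5:8].decode("ascii", "replace")     # version follows the signature
    elif blob.startswith(b"\xff\xd8\xff"):
        info["type"] = "JPEG"
        info["complete"] = blob.endswith(b"\xff\xd9")             # trailer present: carving can stop here
    elif blob.startswith(b"FILE"):
        info["type"] = "NTFS MFT record"
        flags = struct.unpack_from("<H", blob, 22)[0]              # bit 0 = record in use
        info["in_use"] = bool(flags & 1)                           # a deleted file keeps FILE with bit 0 cleared
    elif blob.startswith(b"BAAD"):
        info["type"] = "NTFS MFT record (fixup check failed / corrupt)"
    return info


def _zip_sample() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")             # first entry of an OOXML document
    return buf.getvalue()


# Constructed sample blobs: minimal headers, not real files.
SAMPLES = {
    "pe": b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0" + struct.pack("<H", 0x8664) + b"\0" * 18,
    "zip": _zip_sample(),
    "pdf": b"%PDF-1.5\n%\xe2\xe3\xcf\xd3\n1 0 obj\n",
    "jpeg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\0" * 8 + b"\xff\xd9",
    "jpeg_truncated": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\0" * 8,
    "mft_deleted": b"FILE" + b"\0" * 18 + struct.pack("<H", 0x0000) + b"\0" * 8,
    "mft_bad": b"BAAD" + b"\0" * 28,
}

if __name__ == "__main__":
    print(deadbeef_bytes())                      # (b'\xef\xbe\xad\xde', b'\xde\xad\xbe\xef')
    for name, blob in SAMPLES.items():
        print(f"{name:15} {identify(blob)}")
```

A file called invoice.pdf that identifies as "PE executable" is the case this kind of check exists for; likewise the missing JPEG trailer is the signal a carver uses to know a recovered image is incomplete.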
BAAD
BAAD = an MFT record whose update-sequence (fixup) check failed, i.e. a corrupt record (chkdsk marks it this way)
FILE = a normal MFT record; a deleted file keeps the FILE signature, only its "in use" flag is cleared
https://en.wikipedia.org/wiki/NTFS#Master_File_Table
DEADBEEF
https://en.wikipedia.org/wiki/Hexspeak
RCE
Remote Code Execution
Phishing
https://attack.mitre.org/techniques/T1566/
Drive-by
https://attack.mitre.org/techniques/T1189/
C&C
/ C2
https://attack.mitre.org/tactics/TA0011/
Man-in-the-middle
https://attack.mitre.org/techniques/T1557/
Web-Shell
https://attack.mitre.org/techniques/T1505/003/
Robots.txt
PS> (the PowerShell prompt)
https://attack.mitre.org/techniques/T1059/001/
Windows BITS
https://attack.mitre.org/techniques/T1197/
Background Intelligent Transfer Service (BITS)
Win32/StealthFalcon uses the standard Windows component Background Intelligent Transfer Service (BITS) to communicate with its C&C server, a rather unusual technique
Command name | Functionality
K | Uninstall itself
CFG | Update configuration data
RC | Execute the specified application
DL | Write downloaded data to file
CF | Prepare a file for exfiltration
CFW | Exfiltrate and delete files
CFWD | Not implemented / no operation
Win32/StealthFalcon is a DLL file that, after execution, schedules itself as a task running on each user login. It only supports basic commands but displays a systematic approach to data collection, data exfiltration, employing further malicious tools, and updating its configuration.
Windows UAC
https://attack.mitre.org/techniques/T1548/002/
SMB
https://attack.mitre.org/techniques/T1021/002/
Evasion
vs Avoidance
https://attack.mitre.org/tactics/TA0005/
obfuscation
https://attack.mitre.org/techniques/T1027/
Nested JavaScript Obfuscation – GuidePoint Security CTF Challenge
Demo 15 – PowerShell Deobfuscation
Hiding python code (script obfuscation).
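The JavaScript CTF challenge and the PowerShell demo both peel nested layers of encoding; the following added example (not from the original slides or those demos) does the same for the "hiding Python code" case. It builds a dropper-style script whose payload is wrapped several times in exec(zlib(base64(...))) with the base64 reversed to defeat a naive grep, then unwraps it statically by walking the AST and decoding the embedded literal, without ever exec()-ing anything, and lists the static indicators a detection would key on. The payload, the wrapper pattern and the indicator list are constructed for this example.

```python
import ast
import base64
import zlib

# Constructed payload for the example; a real dropper would hide something worse here.
PAYLOAD_SOURCE = 'print("hello from the payload")'


def obfuscate(src: str, layers: int = 3) -> str:
    """Wrap src in `layers` nested exec(zlib(base64)) stages, like a nested-JS dropper."""
    stage = src
    for _ in range(layers):
        blob = base64.b64encode(zlib.compress(stage.encode()))[::-1]   # reversed: breaks a plain base64 grep
        stage = (
            "import base64,zlib;"
            f"exec(zlib.decompress(base64.b64decode({blob!r}[::-1])).decode())"
        )
    return stage


def _peel_one(stage: str):
    """Statically extract the next stage from a wrapper, or None if `stage` is not a wrapper.
    The bytes literal is located via the AST and decoded with the transforms read off the
    wrapper (reverse, base64, zlib); the code is parsed, never executed."""
    for node in ast.walk(ast.parse(stage)):
        if isinstance(node, ast.Constant) and isinstance(node.value, bytes) and len(node.value) > 16:
            try:
                return zlib.decompress(base64.b64decode(node.value[::-1])).decode()
            except Exception:
                continue
    return None


def deobfuscate(stage: str, max_layers: int = 20):
    """Peel wrappers until plain code remains; returns (inner_source, layers_removed)."""
    layers = 0
    while layers < max_layers:
        inner = _peel_one(stage)
        if inner is None:
            return stage, layers
        stage, layers = inner, layers + 1
    raise ValueError("too many layers; possible decompression bomb or loop")


def indicators(src: str) -> set:
    """Static indicators of a packed script: exec/eval, base64/zlib imports, long opaque literals."""
    found = set()
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Name) and node.func.id in ("exec", "eval"):
            found.add(node.func.id)
        elif isinstance(node, ast.Import):
            found.update(a.name for a in node.names if a.name in ("base64", "zlib"))
        elif isinstance(node, ast.Constant) and isinstance(node.value, (bytes, str)) and len(node.value) > 64:
            found.add("long_literal")
    return found


if __name__ == "__main__":
    packed = obfuscate(PAYLOAD_SOURCE, layers=3)
    print(packed[:80] + "...")
    print(sorted(indicators(packed)))            # ['base64', 'exec', 'long_literal', 'zlib']
    print(deobfuscate(packed))                   # ('print("hello from the payload")', 3)
```

The two halves illustrate the usual trade-off: the indicators are cheap and catch the wrapper shape regardless of payload, while the peeler recovers the actual payload but has to be taught each transform the author used, which is exactly the manual work the nested-JavaScript and PowerShell demos walk through.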