CS计算机代考程序代写 Java python scheme javascript QUIZ 02

QUIZ 02

QUIZ 02

Say it if you know it

PWN

PWN begins with mis-spell of “own”, when successfully compromise a system

PWNed means being hacked

https://haveibeenpwned.com/

RFC

A Request for Comments (RFC) is a publication from the Internet Society (ISOC) and its associated bodies, most prominently the Internet Engineering Task Force (IETF), the principal technical development and standards-setting bodies for the Internet.
Most of our networking protocols are associated with a RFC#
DNS, TCP, IPv4, IPv6, UDP, HTTP, TLS, SSDP, ICMP
https://en.wikipedia.org/wiki/List_of_RFCs

RFC1925

RFC1925
The Twelve Networking Truths
(3) With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead.
(7a) (corollary). Good, Fast, Cheap: Pick any two (you can’t have all three).
(8) It is more complicated than you think.
(9a) (corollary) Every networking problem always takes longer to solve than it seems like it should.

IEEE standard

Name Description Status
IEEE 802.1 Higher Layer LAN Protocols Working Group Active
IEEE 802.2 LLC Disbanded
IEEE 802.3 Ethernet Active
IEEE 802.4 Token bus Disbanded
IEEE 802.5 Token Ring MAC layer Disbanded
IEEE 802.6 MANs (DQDB) Disbanded
IEEE 802.7 Broadband LAN using Coaxial Cable Disbanded
IEEE 802.8 Fiber Optic TAG Disbanded
IEEE 802.9 Integrated Services LAN (ISLAN or isoEthernet) Disbanded
IEEE 802.10 Interoperable LAN Security Disbanded
IEEE 802.11 Wireless LAN (WLAN) & Mesh (Wi-Fi certification) Active
IEEE 802.12 100BaseVG Disbanded
IEEE 802.13 Unused[2] reserved for Fast Ethernet development[3]
IEEE 802.14 Cable modems Disbanded
IEEE 802.15 Wireless PAN Active
IEEE 802.15.1 Bluetooth certification Disbanded
IEEE 802.15.2 IEEE 802.15 and IEEE 802.11 coexistence Hibernating[4]
IEEE 802.15.3 High-Rate wireless PAN (e.g., UWB, etc.) ?
IEEE 802.15.4 Low-Rate wireless PAN (e.g., ZigBee, WirelessHART, MiWi, etc.) Active
IEEE 802.15.5 Mesh networking for WPAN ?
IEEE 802.15.6 Body area network Active
IEEE 802.15.7 Visible light communications ?
IEEE 802.16 Broadband Wireless Access (WiMAX certification) hibernating
IEEE 802.16.1 Local Multipoint Distribution Service hibernating
IEEE 802.16.2 Coexistence wireless access hibernating
IEEE 802.17 Resilient packet ring Disbanded
IEEE 802.18 Radio Regulatory TAG ?
IEEE 802.19 Wireless Coexistence Working Group ?
IEEE 802.20 Mobile Broadband Wireless Access Disbanded
IEEE 802.21 Media Independent Handoff hibernating
IEEE 802.22 Wireless Regional Area Network hibernating
IEEE 802.23 Emergency Services Working Group Disbanded

VLAN

little-endian
big-endian

URL / URI

List of schemes

https://en.wikipedia.org/wiki/List_of_URI_schemes
chrome:///

/ (Where 

 is either “content”, “skin” or “locale”)
data:[;base64],
ed2k://|file||||/ or
file://[host]/path
git://github.com/user/project-name.git
ldap://[[:]][/ [?[][?[][?[][?]]]]]
magnet:?xt=urn:sha1:&dn=
mailto:

[?=[&=]]
s3://mybucket/puppy.jpg
sip:[:]@[:][;][?]
smb://[@][:][/[]][?=[;=]] or
sms:?
spotify:: or
tel: view-source:

The Internet Assigned Numbers Authority (IANA) is a standards organization that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System (DNS), media types, and other Internet Protocol-related symbols and Internet numbers.

0x0d 0x0A

\r \n

Python
{ } vs ( ) vs [ ]

{ } = Dictionary
No order, defined as “key”:”value” pairs
{
  “brand”: “Ford”,
  “model”: “Mustang”,
  “year”: 1964
}
[ ] = array
data=”unethical”
data[2:] // “ethical”
data[2:-10]
// “” empty string

( ) = Tuple

#!/usr/bin/env python3
import socket
HOST = ‘127.0.0.1’
PORT = 65432
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.bind((HOST, PORT))
s.listen()

AAAA

Authentication
Proof who you are (always as username / password ?)
Authorization
Grant / Deny access based your identity
Accounting
Logging, recording
Auditing
Review AAA logs

A/D convert

Digital
Analog
Digital -> Analog Convertor

What is this sound

Dual Tone Multi Frequency (DTMF)
https://en.wikipedia.org/wiki/Dial-up_Internet_access

UTC

Coordinated Universal Time (to replace GMT)
Some countries implements Daylight Saving (+/- 1 hour)
Not always 1 hour (India is UTC+5:30)

Unix time

What is the unix time stamp?
The unix time stamp is a way to track time as a running total of seconds. This count starts at the Unix Epoch on January 1st, 1970 at UTC. Therefore, the unix time stamp is merely the number of seconds between a particular date and the Unix Epoch. It should also be pointed out (thanks to the comments from visitors to this site) that this point in time technically does not change no matter where you are located on the globe. This is very useful to computer systems for tracking and sorting dated information in dynamic and distributed applications both online and client side.
https://www.unixtimestamp.com/
https://stackoverflow.com/questions/10990949/convert-date-time-string-to-epoch-in-bash

PK / MZ

PK = Phillip Walter Katz
(author of PKZip)

MZ =  Mark Zbikowski
(developer for MS-DOS)

https://en.wikipedia.org/wiki/List_of_file_signatures
In General, the design philosophy of a file content is:
File Type ( usually very begging of file) e.g. PDF
File content version ( normally right after the file type) e.g. 1.5
File header (meta data) e.g. Author, Creation Date
Indexer to the payloads / sections from header e.g. Pages, Objects
File Tailer ( optional to identify end of section) e.g. JPG ends with 0xFF 0xD9
File Tailer is important for data recovery to determinate end of File

BAAD

BAAD = Deleted file
FILE = normal file
https://en.wikipedia.org/wiki/NTFS#Master_File_Table

DEADBEEF

https://en.wikipedia.org/wiki/Hexspeak

RCE

Remote Code Execution

Phishing
https://attack.mitre.org/techniques/T1566/

Drive-by
https://attack.mitre.org/techniques/T1189/

C&C
/ C2
https://attack.mitre.org/tactics/TA0011/

Man-in-the-middle
https://attack.mitre.org/techniques/T1557/

Web-Shell
https://attack.mitre.org/techniques/T1505/003/

Robots.txt

PS>
https://attack.mitre.org/techniques/T1059/001/

Windows BITS
https://attack.mitre.org/techniques/T1197/

Background Intelligent Transfer Service (BITS)

Win32/StealthFalcon uses the standard Windows component Background Intelligent Transfer Service (BITS), a rather unusual technique
Command name Functionality
K Uninstall itself
CFG Update configuration data
RC Execute the specified application
DL Write downloaded data to file
CF Prepare a file for exfiltration
CFW Exfiltrate and delete files
CFWD Not implemented/no operation

Win32/StealthFalcon is a DLL file that, after execution, schedules itself as a task running on each user login. It only supports basic commands but displays a systematic approach to data collection, data exfiltration, employing further malicious tools, and updating its configuration.

Windows UAC
https://attack.mitre.org/techniques/T1548/002/

SMB
https://attack.mitre.org/techniques/T1021/002/

Evasion
vs Avoidance
https://attack.mitre.org/tactics/TA0005/

obfuscation
https://attack.mitre.org/techniques/T1027/

Nested JavaScript Obfuscation – GuidePoint Security CTF Challenge

Demo 15 – PowerShell Deobfuscation

Hiding python code (script obfuscation).

null
28630.39

/docProps/thumbnail.jpeg