Wednesday, December 28, 2011

BASH WHILE Loop: article 201107

Loop every 1 minute for 7 hours, provide a date stamp, listen for syslog traffic with TCPDUMP, put the output to screen.  This was to have a check running in a Putty screen so I could keep a manual check on syslog not feeding my appliance.


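COUNTER=1                                   # 420 passes at about one a minute is 7 hours
while [ "$COUNTER" -lt 421 ]; do
           date                             # date stamp for this pass
           tcpdump -i eth0 port 514 -c 3    # returns after 3 packets on the syslog port; waits while none arrive
           let COUNTER=COUNTER+1
           sleep 58
           sleep 1
done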


Sunday, December 11, 2011

Breakdown of C Format Parameters: article 201106

Study notes from Hacking: The Art of Exploitation and C Programming in Easy Steps. This is a table of format parameters in the C programming language.



Sunday, December 4, 2011

Notes on Memory Segmentation: article 201105

Notes taken from "Hacking: The Art of Exploitation, 2nd ed."  Author Jon Erickson; Publisher No Starch Press.

Takeaways: On x86 systems, a compiled program's memory is divided into 5 segments, each with a specific purpose.  The segments are: text, data, bss, heap, and stack.

Fortunately my career is also my hobby; information security.  Forgiving all of the tired cliches, it is true; to really understand "your enemy" you must learn how they work.  It is also my opinion that to protect information you must too learn how the systems it resides on, and through, work as well. 

In my free time I have been educating myself on Assembly, C, Python, application security, and malware analysis. I have been at it for over a year now and due to the slow pace and lack of daily application of my studies I find myself having to re-review some materials as I progress.  My current focus is the fantastic book "Hacking: The Art of Exploitation".  It is a great step through of showing the reader what C programming is, how to attack a poorly written program, and finally how to attack a network.

I decided to write some notes from my readings out here to provide myself with a reference and hopefully help provide information and understanding to others. 


A compiled program's memory is divided into 5 segments: text, data, bss, heap and stack. Of course each segment has its own purpose.

TEXT: Sometimes called the code segment.  This location holds the assembled machine language instructions of the program.  WRITE permissions are disabled in the TEXT segment.  The segment is not used to store any variables, only code.  The TEXT segment has a fixed size.

DATA: Houses initialized global and static variables.  This segment is writable but does have a fixed size.

BSS: Houses uninitialized variables.  This segment is writable but it too has a fixed size.

HEAP: A segment of memory programmers can directly control. Blocks of memory in this segment can be allocated and used by the programmer.  This segment's size can grow larger and smaller as needed.  The HEAP memory grows DOWN towards HIGHER memory addresses (in a memory listing drawn with the lowest addresses at the top).

STACK: This segment is also writable and is used as a "scratch pad" to store local function variables and context during function calls.  The segment's size also can grow larger and smaller as needed. As the STACK segment expands it grows UP towards LOWER memory addresses (in the same listing, with the lowest addresses at the top).
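
An added example, not taken from the book or from the original notes: it samples one address from each of the five segments, checks that they sit in the order text, data, bss, heap, stack, and checks that a nested function call lands at a lower stack address than its caller. It assumes Linux with gcc or clang; every variable and function name in it is made up for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Added illustration; all names are hypothetical. Assumes Linux, gcc or clang. */
int data_var = 5;  /* initialized global: data segment */
int bss_var;       /* uninitialized global: bss segment */

struct seg_addrs { uintptr_t text, data, bss, heap, stack; };
/* Collect one sample address from each of the five segments. */
struct seg_addrs sample_addrs(void *heap_block) {
    volatile int stack_var = 0;            /* local variable: stack */
    struct seg_addrs a;
    a.text  = (uintptr_t)&sample_addrs;    /* machine code: text */
    a.data  = (uintptr_t)&data_var;
    a.bss   = (uintptr_t)&bss_var;
    a.heap  = (uintptr_t)heap_block;       /* malloc'd block: heap */
    a.stack = (uintptr_t)&stack_var;
    return a;
}

/* 1 when text < data < bss < heap < stack. */
int layout_is_ascending(struct seg_addrs a) {
    return a.text < a.data && a.data < a.bss && a.bss < a.heap && a.heap < a.stack;
}

/* noinline forces a real stack frame for the nested call. */
__attribute__((noinline)) int callee_frame_is_lower(uintptr_t caller_addr) {
    volatile int local = 0;
    return (uintptr_t)&local < caller_addr;
}

/* 1 when a nested call's local sits below the caller's local. */
__attribute__((noinline)) int stack_grows_to_lower_addresses(void) {
    volatile int local = 0;
    local = callee_frame_is_lower((uintptr_t)&local);  /* used after the call */
    return local;
}

int main(void) {
    void *block = malloc(64);
    if (block == NULL) return 1;
    struct seg_addrs a = sample_addrs(block);
    printf("text  %p\ndata  %p\nbss   %p\nheap  %p\nstack %p\n", (void *)a.text,
           (void *)a.data, (void *)a.bss, (void *)a.heap, (void *)a.stack);
    printf("ascending layout: %d, stack grows to lower addresses: %d\n",
           layout_is_ascending(a), stack_grows_to_lower_addresses());
    free(block);
    return 0;
}
```

The absolute addresses change between runs when address space layout randomization is on; the relative order of the segments is what the checks look at.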