Answer the question
In order to leave comments, you need to log in
Basic Hacking Principles for a Kettle?
Explain for an unknowing person how the systems are hacked? Is it enough to know Assembler and C and UNIX administration to crack systems?
Answer the question
In order to leave comments, you need to log in
Си полезно знать для того что-бы рыться в исходниках опенсорса - в поисках дыр.
Ассемблер полезно знать для реверсинжинеринга не опенсорса и в принципе для понимания что к чему.
А вообще не на том ресурсе вы задаёте этот вопрос и главное не раскрыли значение слова "систем", да и тему вы подняли на которую в формате Q&A не ответишь.
Да к слову, напомню про Уголовный кодекс - так, на всякий случай.
You can also "crawl" through a web application))
Well, let me explain how this is done using the example of FTP. (Random example)
Let's say someFtp is running on the server.
And you decided to find out if you can climb through it.
You put it on your car, fuzzy (google "fuzzing").
You found some kind of overflow in it. This is where ASM and RE skills come in handy.
You cut the whole thing in gdb, dig what and how and whether this hole can be exploited.
For example, you figured out that you get control of the stack and can overwrite EIP.
Further, using for example ROP style (return oriented programming) you force to transfer control to your shellcode. (You take it, for example, from some kind of bind_tcp/reverse_tcp metasploit).
Well, something like this.
But that's it, if you yourself want it, usually when they conduct a pentest, they check for known holes.
They look for weaknesses and break. You definitely need to know C in order to at least read it :-)
To set a ready-made exploit on a site, you don’t need to know anything at all. And when searching for vulnerabilities without having a source code or even a binary, you need as much knowledge as possible about all related areas. Since holes usually happen when programmers and admins use a tool, technology, the language does not fully understand how it all works. SQL injection is the best example of that. However, there are less and less holes in the software now, it is now fashionable to look for holes in people's brains.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question