Never ending Chase with Security


Photo by FlyD on Unsplash

Hey folks, hoping that your day was good! Welcome to Part 12. We have some more topics to discuss today, so let's start with no more delay.

1. Assembly Level Language Introduction

Now, this is something that isn't discussed very much in our domain. When we talk about cybersecurity, people only like to hear the cool words that give them a sort of dopamine rush, maybe because of the possibility of doing the same thing as the person saying them. I don't want to discourage you, and I hope I'm not. To be honest, there are more people who teach this "generic hacking" stuff than people who genuinely practice it and are passionate about it. Cybersecurity is a complex and broad term; it is definitely not restricted to the things you see everywhere like "Do this to hack your girlfriend's cam", "Do this to hack your friends", "Use this tool to hack Wi-Fi" and so on.

Assembly language is interesting because with it we can create malware and exploits that most people cannot grasp any idea about. We can even go to greater lengths such as code obfuscation and steganographic methods. Let's save those for next time; they'd be a great thing to discuss. Why is it less discussed? Because it is complex, and it is stressful to learn something that isn't interesting, and why would it be interesting if the people teaching it aren't passionate? I like to write; it makes me feel good. The people who teach these things have the responsibility to make them fun and interesting to learn. These days, be it on YouTube or in real institutions, there's no "time": they just come and go. Learning about a specific thing or skill feels nice, because it makes us even more curious to know "what is inside it?". Learn for yourself, not for the exams or your so-so high marks.

Assembly language has the capacity to interact directly with the system's hardware, making it easier to make the machine do what we want, just like Bash does with Linux. Let's see the program.

; build (32-bit Linux): nasm -f elf32 hello.asm && ld -m elf_i386 -o hello hello.o
section .data
    hello db 'Hack the planet!', 0   ; the message, NUL-terminated
    len equ $ - hello - 1            ; message length without the NUL (16 bytes)

section .text
global _start

_start:
    ; write the message to stdout
    mov eax, 4          ; syscall number 4: sys_write (32-bit Linux ABI)
    mov ebx, 1          ; file descriptor 1: stdout
    mov ecx, hello      ; pointer to the message
    mov edx, len        ; length of the message
    int 0x80            ; make the syscall

    ; exit the program
    mov eax, 1          ; syscall number 1: sys_exit
    xor ebx, ebx        ; exit code 0
    int 0x80            ; make the syscall

The language has to be changed for each specific system, since it targets a specific system architecture. The code I used above is for x86 assembly in a Linux environment. If we want it for a different architecture, we need to change it accordingly, because the instruction sets differ from each other (for example MIPS and ARM). If we learn it up to a basic-to-intermediate level, we'll be proficient enough to see how an exploit is working and how far we can modify and change it. Assembly language exploits include buffer overflows and kernel exploits.

2. Binary exploitation

Binary exploitation is an exploitation methodology where we change the binary instructions and program code to manipulate a certain program's behavior; with it we can perform buffer overflows, heap exploitation and so on.

Photo by Alexander Sinn on Unsplash

We don't have to go into much detail. Keep in mind that binary exploitation works by finding and exploiting the vulnerabilities present in the compiled binary code. Every program needs to be compiled to work and do the job it was assigned. How can compiled code get exploited? By using the vulnerabilities that are inside the code itself. Let's say you created code that has no protection against buffer overflows: that can be used to modify the contents of the application the code is running in. These are simple and easy to understand; keep in mind that real binary exploitation can get a little complex, due to its working nature (0s and 1s aren't that great a visual feast for humans).

3. IoT Architecture

I'm very sure you've already heard the term IoT many times over. Apparently these days, the more IoT devices you have, the richer you are (that's how society thinks).
IoT is short for Internet of Things: electronic gadgets used to perform daily home tasks, ranging from small handheld remotes to big mansion-controlling systems. These devices are always connected to the internet, making them a delightful snack for attackers to use as part of a botnet swarm or as crypto-mining sources. We can watch for anything suspicious based on data/network usage. Let's say you just bought a new smart AI-powered washing machine, and after a few years you come to know that this super smart AI washing machine is using 50 gigs of network per month as "updates". I'd definitely get rid of it as soon as possible and buy a normal one. My own washing machine can be a channel of spyware for an attacker; since it'd be connected to the internet always, it sure is a risk factor worth mentioning. Let's see its architecture.

Photo by Robin Glauser on Unsplash

The architecture differs from device to device, because obviously we are talking about a wide range of home products that focus on different fields and domains. But they all contain the basic things: the network layers, the client-host interaction layers, the software layer and some big exception handlers if the devs are patient enough. These are very prone to attack, because they are connected to your home Wi-Fi: if your Wi-Fi gets compromised, all of these lil guys will also get knocked down one by one. The cause is their little to no security. See, these are created to make life easier for humans, so the creators aren't dedicated security-focused personnel; they just care about the work the product is doing and delivering. I'm sure by now it has become a controversial topic. This whole IoT thing is not far-fetched; we already stepped into it many years ago, so let's see how it unfolds.
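The "watch the network usage" idea above, as an added example that is not from the post: each device's latest month is compared against the median of its own earlier months, with an absolute floor so tiny devices are not flagged for noise. The device names, the monthly figures and the thresholds are all constructed here for illustration.

```python
from statistics import median

# Constructed monthly network usage in gigabytes per device (not real
# telemetry): four past months followed by the latest month.
USAGE_GB = {
    "washing-machine": [0.2, 0.3, 0.2, 0.4, 50.0],   # the post's 50 GB of "updates"
    "thermostat":      [0.1, 0.1, 0.2, 0.1, 0.5],    # small blip, should not fire
    "smart-tv":        [40.0, 55.0, 38.0, 61.0, 47.0],  # noisy but normal for it
}


def is_spike(history, latest, ratio=5.0, floor_gb=1.0):
    """True when `latest` is far above the device's own past months.

    The baseline is the median of the history, so one earlier bad month does
    not hide a new one. `floor_gb` keeps tiny devices from being flagged for
    going from 0.1 GB to 0.5 GB.
    """
    if not history:
        return latest >= floor_gb  # no baseline yet: only the absolute floor
    threshold = max(floor_gb, ratio * median(history))
    return latest > threshold


def flag_devices(usage, **kwargs):
    """Return {device: (baseline_gb, latest_gb)} for every device that spiked."""
    flagged = {}
    for name, months in usage.items():
        *history, latest = months
        if is_spike(history, latest, **kwargs):
            flagged[name] = (median(history) if history else 0.0, latest)
    return flagged


if __name__ == "__main__":
    for name, (baseline, latest) in flag_devices(USAGE_GB).items():
        print(f"{name}: baseline {baseline:.2f} GB/month, latest {latest:.1f} GB")
```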
4. Code Obfuscation

Code obfuscation is the process of hiding the real existing code in a non-readable format. It is used to hide the confidential working nature of various scripts from people who don't have access (to viewing it). Code obfuscation is widely used in malware creation because of its lack of transparency, which provides a state of enigma even for the creator; I don't know if that's a good thing. It works just like the many encryption algorithms and methods, but this is easier to maintain and get around with, so the popular go-to is this one. Let's see some samples.

eval(__import__('codecs').decode(__import__('base64').b64decode('aW1wb3J0IGJpbmFyeV9maWxlCnN5c3RlbS5vcGVuKFwicGF5bG9hZF9hcHBsaWNhdGlvbnNcIikKZmlsZV9nZXRfY29udGVudHMgPSBwYXlsb2FkX2FwcGxpY2F0aW9ucy5kZWNvZGVTaWduZWQoJ3MnKQpwcmludCgiSGVsbG8sIFdvcmxkIikKcHJpbnQoIkhlbGxvLCBXb3JsZCIpCnByaW50KCJIZWxsbyBXb3JsZCIpCg=='), 'rot_13'))

The above code is a simple Python hello world; as we can see, it uses the codecs and base64 packages to decode the obfuscated code and then print the output. Very fun, right? Yes.

import sys; exec((lambda x:x*x)('import sys;exec((lambda x:x*x)('print("import sys; exec((lambda x:x*x)(\'" + sys.argv[0] + "\") + "\")")'))')

A simple never-ending loop to annoy the victim after execution; it won't stop unless we close the IDE. I don't know if they work or not; they are shown for representational purposes.

import sys; exec((lambda x:x[1]*int(x[0]))(('000011101110001110111100011101111000111011110001110111100011101110001110111100011101111000111011110001110111100011101111000111011110001110111100011101111000111011110001110111100011101111000111011110001110111100011101111000111011110001110111100011101111000111011110001110111100011101111000111011110001110111100011101111000111011110001110', sys.argv)))

This one is my favorite: it just keeps repeating and forcing the user to run the script forever. The above codes don't work, because there's no fun in copy & paste.
Go through the code and try to build your own obfuscated ones! Well, for motivation, you can come back daily. I ain't got a ton, but it's honest work.

5. Hardware security

Now, hardware security isn't something to be overlooked. Almost all the devices we use have their own hardware components, which need their own security. If there's a lack of security, there are many chances/ways for hardware pwning; it's not like some guy will just steal our Android/iPhone and sit for an hour to modify the components, right? It's still very fun to tinker with hardware because you can see its entire anatomy, how it works and so on.

Photo by Alexandre Debiève on Unsplash

They contain protection against unwanted modification of factory settings, anti-content-modification measures and possible guarding against malware and infectious multimedia. Without this basic security, it'd be total chaos! Every piece of software and hardware has its part to do, just like our ecosystem. Everyone has a part to perform; that's what matters. Those are the little things for today, I'll see you tomorrow!