Hello everyone. My name is Stephan, and now let's delve deeper into a significantly valuable aspect of our study: the construction of a TCP bind shell.

The concept of a TCP bind shell revolves around establishing a server instance on a designated machine, referred to as the victim or target, so the server remains in a state of anticipation, awaiting an incoming connection from a separate machine termed the attacker or hacker. So the critical functionality of this connection lies in its facilitation of command execution on the server by the remote attacker. In a sense, a TCP bind shell serves as a pivotal mechanism for remote command execution. By skillfully configuring this arrangement, an attacker can efficiently and effectively wield control over a victim's machine through the execution of commands, so the essence of this process resides in the establishment of a connection between the attacker and the victim's server, subsequently enabling the seamless transmission and execution of instructions.

So the intricacies of crafting a TCP bind shell span the domains of networking protocols and programming paradigms. So the victim's machine server is meticulously configured to bind to a specific port, allowing it to listen attentively for incoming connection requests. So this implies that the victim server is in a state of readiness,
so it is poised to respond to an engagement initiated by the attacker. So upon the successful establishment of this connection, the attacker is endowed with a gateway to remotely communicate with the victim's server. So this interaction materializes in the form of command transmission, enabling the execution of directives on the victim's machine. Such a mechanism inherently raises concerns pertaining to security and ethical considerations, as unauthorized command execution can lead to compromised systems and networks.

In our exploration of the TCP bind shell, we shall delve into the intricate details of port selection, socket programming, and orchestration of communication flows. By grasping these intricacies, you will be equipped to not only comprehend the mechanisms of remote command execution, but also appreciate the importance of robust security measures to thwart potential misuse. So throughout this comprehensive study of the TCP bind shell, we aspire to empower you with the knowledge and insights necessary to navigate the multifaceted landscape of network programming and security. So the creation and analysis of such a construct necessitate a nuanced understanding of programming languages, network protocols, and the ethical dimensions that underscore the digital realm.
So, at its core, a bind shell in the context of C programming is a sophisticated embodiment of network programming concepts. So this construct encompasses the orchestration of socket creation, binding, and listening, all of which culminate in the establishment of a robust network communication channel. So this channel, forged through meticulous programming techniques, facilitates the interaction between the victim's machine server and the external attacker. Now, our journey into the realm of C-based bind shells is poised to equip you with the foundational knowledge required to construct and dissect this intricate construct, and by unraveling its inner workings, you shall gain an in-depth understanding of network programming, security implications, and the symbiotic interplay between the attacker's and victim's machines.

So now we will create the new file here, which is the C program file. So let's name it tcpbind.c. And now we will include the five headers here: include sys/socket.h, include sys/types.h, include... sys... Now we have enough of sys here, so we will include stdlib.h here. And we will include unistd.h, which we used in previous lectures. Yeah. And we will also include
netinet/in.h. And now we will first create our main function here, as we always do. So int main(void) here. And we will first declare variables for socket descriptors. In this case it's going to be integers. So int my_client_fd and my_sock_fd here. And after that we will specify a port number. In this case let's actually make it... yeah, int my_port here. Three one two... yeah, three... or seven three three one. And here we will declare a sockaddr_in structure. So struct sockaddr_in my_sock_addr here... actually, yeah, no, you can use my_sock_addr here. And we will also name it sockaddr_in here. That's it. And after that we will create a socket with IP version four and the TCP protocol. So we will use my_sock_fd. So my_sock_fd
here we go: socket(AF_INET, SOCK_STREAM, just for TCP here, and 0). And after that we will set the address family to IP version four. And in order to do that we will use this my_sock_addr here. So my_sock_addr here. Actually, let's delete this "in" here, so we don't need that. So my_sock_addr here, my socket address. And after that we will use sin_family, and it will be AF_INET. That's it. And that's it. As I said, with this line of code here we are setting the address family to IP version four. And now we will convert the port to network byte order and assign it to the sockaddr structure. In this case we are going to assign it to my_sock_addr here. And what we're going to do here is... yeah, we did the sin_family. And... yeah. So my_sock_addr here, .sin_port, which is... we will... sorry. So for this we will do htons(my_port). That's it.
my_port. And after that we will need to bind the socket to all available network interfaces on the machine. And now we will do a bind. bind(my_sock_fd, and we will use the struct here, the (struct sockaddr *) pointer to my_sock_addr here, and after that we will do... my socket address here, and we will use sizeof here: sizeof(my_sock_addr) again. That's it here. And now let's end this code. And now we will listen for incoming connections on the bound socket here. So in order to do that we will just use this simple function: listen(my_sock_addr... no, my_sock_fd here, and as a second argument we will pass 1, and that's it. And after that we will accept any incoming connection and get a new socket descriptor for communication. And now we will do my... oh, yeah, we will define this: my_client_fd here = accept(my_sock_fd,
and we will pass two NULLs... no, we will pass one NULL per parameter, in this case the second and third parameter here: NULL and NULL. And now what we're going to do is, let's actually end this line of code. Now we will duplicate the client socket descriptor onto the standard output zero. No. Standard output of zero. Standard... standard input is zero, standard output one, and standard error two. And now we will use dup2 here: dup2(my_client_fd, 0). This is for the standard input. Let's actually write it down. So this is for... it's not... this is for the STDIN. Actually, just write it and I will explain that after this. Right, completing this code. So dup2(my_client_fd, 1) for the standard output here; let's actually make it nice. And after that we will use lastly dup2(my_client_fd, 2) here, which is for errors. And now we will prepare the arguments for the execvp function to execute the shell, in this case bash. So char *const argv here...
No, argc... no, not argc, here we will use argv, argument v, and the array: "/bin/sh", NULL, NULL as the second and third elements. So now we will replace the current process with the shell using the /bin/sh program. So execve; we use that, you learned that exec function in previous lectures. So "/bin/sh" here, and our argv and NULL. That's it. And now we will just return here. But this line will never be reached since execve replaces the process, so it actually has no purpose. But it's okay to write a return, because in every C program here... not every, but mostly. And now let's explore... explain this here. So... but we got some errors. Yeah, because of that. I finished. Yeah, perfect. Now let's begin the explanation here. So with these include directives we include the necessary header files for using socket types and other related functions. And with this here, int my_client_fd, my_sock_fd here,
we are declaring the integer variables to store socket descriptors, and with int my_port 7331 we are setting the port number to 7331. And with this here, struct sockaddr_in my_sock_addr, we are declaring a struct to store socket address information, in this case IP version four. And here we have my_sock_fd here: we are creating a new socket using IP version four and the TCP protocol, and we are telling C to store the socket descriptor in my_sock_fd here. And after that we are... as you can see, we have two lines here which use sin_family and sin_port. This means actually here that we are telling the C language to convert the port number to network byte order and assign it to sin_port in my_sock_addr. And we are doing the same here with family here: my_sock_addr.sin_family, we are setting the address family of my socket address to IP version four. And yes, this info, as I explained, here we are converting the port number to network byte order here, and... there should be some interesting line of code here. So we need to actually... Mhm.
Yes, I think we need to write the sin_addr, to bind the socket to all available network interfaces on the machine. In this case, I think we didn't do it. So let's actually do that. So we will need my_sock_addr here .sin_addr, that's address here, and we will use INADDR_ANY here. So with this we are binding the socket to all the available network interfaces on the machine. So this is important if you are writing the shellcode or some malicious files for ethical hacking purposes. And now what we're going to do here is... that's it. So... and as I explained, we are doing this to bind the socket to all available network interfaces on the machine. Now after that we have the struct. So we are binding the socket to the address specified in the my_sock_addr variable. And here, so after that we are listening for incoming connections on the bound socket. And after that we are accepting an incoming connection and getting a new socket descriptor for communication. And with these three lines of code here,
we are duplicating the client socket descriptor onto the standard input, output and error here. So... and yeah. And after that we have the character array. So we are preparing an array of arguments for the execve function, and it specifies the program to execute, the shell, and NULL-terminates the argument list. And after that we have execve("/bin/sh", argv, ...): we are replacing the current process with the shell, inheriting the duplicated file descriptors. So this effectively gives the connected client a shell on the server. And the return 0, as I said, the line is never reached since exec replaces the current process with the shell, and so this line won't have any practical effect in this example. So this program sets up a basic server that listens on a specified port, accepts incoming connections, and provides a remote shell to the connected client. Now, it's important to keep in mind that this code resembles a basic example of a reverse shell, which can have security implications if used improperly or maliciously. So try this code on your virtual machine or some safe environment. So now, here, first let's talk about creating a socket in C.
So this is like setting up a line of communication between computers. So we need three pieces of information here. The first is the protocol family. So think of this as the type of communication we are setting up. We use AF_INET to say we are using IP version four, an older version of the Internet Protocol. And the second is the connection type. So this is like saying how we want to talk. So SOCK_STREAM here. This is for a reliable connection, like when you are talking on the phone and don't want to miss any words. And the third is the protocol. So this is a bit like telling the computer how to handle the communication. So we set it to zero, which means the computer will pick the best way for us. And now let's switch to something simpler: finding the number that represents this socket thing we just talked about. Now, when programmers want to do things with computers, they use special numbers for different actions. It's like using a remote control to change the TV channel, and every button on the remote has a number. Similarly, computer actions have numbers too. And we are looking for the special number that means create a socket. So by knowing this number we can interact with the computer's deeper parts to make our communication work.
Understanding these numbers helps us see how different parts of the computer work together. So while the last explanation had some complex words, the bottom line is that we are discovering the secret number that lets us set up communication between computers. Now, this takes us beyond just writing basic code and helps us to understand how computers really work together. Now, to locate the system call number associated with the socket operation, you can use this cat command. So cat /usr/include/x86_64-linux-gnu/asm/unistd_64.h here, and we will use grep socket. And as you can see here, this command accomplishes the task of extracting the relevant information from the system's header files. But before that, actually let me check the microphone. Yeah, it's working. Now, by examining the output of this command, you can identify the numeric code that corresponds to the socket system call. So this numeric code serves as a fundamental identifier for the operating system to understand and execute the socket action requested by your program. So as we embark on this endeavor, we will journey through the realms of assembly language, understanding how instructions are composed and executed on a micro level. So furthermore, we shall orchestrate
our assembly knowledge with the network programming techniques, creating seamless interaction between the attacker and the victim machine. Additionally, we will delve into the nuances of payload generation, ensuring that our shellcode operates reliably and securely within the intended context. So this encompasses considerations such as size constraints, memory layout, and compatibility across different systems. So throughout the comprehensive study of these intricacies, you will be equipped with the skills and insights needed to craft and comprehend shellcode creation. However, it's important to emphasize that the ethical dimensions of this knowledge should be upheld at all times, as the potential for misuse is substantial, so responsible and ethical usage of this technique is paramount to maintaining the integrity and security of digital systems and networks. So in an upcoming lecture, we shall embark on an accelerating journey through the realms of assembly, networking and security, ultimately arming you with the prowess to construct and analyze shellcode. This is an essential asset in the domain of cybersecurity and penetration testing. My name is Stephan and I'm waiting for you in the next lecture.