Author Archives: Russel Van Tuyl (Ne0nd0g)
As a Rookie, Joe provides us with plenty to do. We are always asked to give some “cycles” for work. These cycles go towards a multitude of things. Things like blog posts all the way to constructing lab manuals. Most of the time Joe needs the work done yesterday and we spend countless hours trying to accomplish the tasks he provided. Sometimes we have a little bit more time to work on projects and whatnot. It’s evident that as a Rookie I possess very little skill and understanding regarding information security. Because of this, I personally have become great at working but getting nothing done.
How do I work yet get nothing accomplished? Easy, I get lost trying to figure out what’s going on or where I am. Sometimes I feel like I just got thrown into a foreign country where they speak a language that I don’t know. I spend more time figuring out what the heck they are talking about than I do actually producing work towards the goal. For instance, pretend you knew nothing about security and the tools that come along with the trade. Now envision you see this:
SSH Login into your Asterisk VM as root
Get the exploit scripts
DNS running on UDP port 53
we will use netcat’s UDP mode (-u) for the transport.
perl dproxy1.pl | nc -u xx.yy.aa.bb 53
gdb -core core.9999 — load core files
info registers — inspect registers
x/64x $reg — examine memory at a particular register
x/64x $esp — examine memory at ESP
q — quit
x/10i $eip — disassemble 10 instructions beginning at EIP
perl dproxy1.pl | nc -u 192.168.128.140 53
gdb -core core.8888
What the heck is this? First I have to install Virtual Machine (VM) software. Then download a VM, extract it, run it up, and configure the network so I get into it. Where the heck do I get these scripts from? What the heck is Netcat and how do I make it work on Windows? What’s Perl? Do I run these commands on the host or the guest? GDB… that’s going to take a lot of Googling before I know what the !#@ that is. For what it’s worth, gdb is the GNU Debugger. Why can’t I see these so-called registers? What the heck is a register? Am I doing this right? My head hurts! All this right here took me about 2.5 hours and I am no closer now to completing a lab manual than I was when I started. Better yet, the clock is striking 1 a.m. and I have to get up for work in 4.5 hours. This is how I get nothing done.
Being lost in a fog of confusion and the amount of time spent configuring machines are exactly how I get nothing done. This is why I get to tell Joe that I did absolutely nothing for him during our weekly call. Let me take a step back and re-evaluate quickly though. While there is no tangible lab manual produced, I did learn a ton. This is why it’s great to be a Rookie. I have learned how to configure VMs, install and run Perl, and now know what gdb is. I consider myself the sole beneficiary of this supposedly failed operation. Being a Rookie is about learning and about late nights. As mentioned by another Rookie, all this work is a trick to teach us by doing. Being thrown into this “foreign country” is the perfect recipe for success by learning for survival. It can be stressful to feel lost and to have your work call you names because the notes are smarter than you. But it pays off in the end. As I burn through “cycles” I spend a ton of time learning, but getting nothing done.