Term
|
Definition
Open Systems Interconnection Model is a conceptual framework used to describe the functions of a networking system.
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical |
|
|
Term
|
Definition
Transmission Control Protocol |
|
|
Term
What does ICMP stand for? |
|
Definition
Internet Control Message Protocol |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
A canary is a stack guard. It is a bit of data that sits between the buffer and the return address and acts as a warning when buffers are overflowed and the return address might be overwritten. If the canary is overwritten, the program knows it is time to abort the operation and report an error rather than actually returning from the function and potentially setting up a vulnerability. |
|
|
Term
|
Definition
Address Space Layout Randomization. The purpose of ASLR is to increase the difficulty of performing a buffer overflow by randomizing the memory mapping at process load time. |
|
|
Term
|
Definition
NX refers to no-execute. Under this setup, memory pages should be either writable or executable, not both. |
|
|
Term
|
Definition
Return Oriented Programming is the process of using small sequences of code (or gadgets) that are embedded in other code. The concept is that while there may be protections in place to stop you from loading shellcode, we can leverage the code already within the target program. |
|
|
Term
What is the layout of virtual address space? And what does each section contain? |
|
Definition
higher address
0xffffffff --> .----------------.
               |    reserved    | <-- command line args
               +----------------+     environment variables
               |                |
               |     stack      | <-- user stack, function frames
               |       |        |
               :       |        :
               '       v        ' <-- mapped data
               .       ^        .
               :       |        :
               |       |        |
               |      heap      | <-- user heap, dynamic memory
               +----------------+
               |      bss       | <-- global memory
               +----------------+
               |      text      | <-- code segments
0x00000000 --> '----------------'
lower address
reserved: the reserved space is used for passing environment variables and command line arguments to the program.
stack: the stack is for organizing the execution of the program into stack frames for tracing functions and local variables. Each function call pushes a stack frame on the stack, and each return pops off a stack frame. The stack grows towards lower addresses, into empty memory address space.
heap: the heap is for dynamic, global memory allocations, such as those made by calling malloc().
bss: the bss is used to store global or statically declared values.
text: the text segment is where the program code, i.e., the x86 instructions, is stored. |
|
|
Term
|
Definition
Advanced RISC Machines is a family of reduced instruction set computing architectures for CPUs. |
|
|
Term
|
Definition
The CISC approach attempts to minimize the number of instructions per program, sacrificing the number of cycles per instruction. RISC does the opposite, reducing the cycles per instruction at the cost of the number of instructions per program. |
|
|
Term
|
Definition
x86 is a family of instruction set architectures initially developed by Intel utilizing complex instruction set computing architectures for CPUs. |
|
|
Term
What is the memory availability for 32-bit machines? |
|
Definition
2^32 = 4GB
~2GB to the user/virtual
~2GB to the kernel |
|
|
Term
What is the memory availability for 64-bit machines? |
|
Definition
In principle 2^64, 18.4 exabytes. For x86-64, 48-bits (256TB) virtual memory and 52-bits (4PB) physical memory. |
|
|
Term
What is the TCP/IP Model? |
|
Definition
Also known as the internet protocol suite, it is a conceptual model and set of communications protocols used in the internet and similar computer networks.
Application Layer - (Application, Presentation, Session: HTTP, SSH, etc.)
Transport Layer - (End-to-end comms: TCP, UDP)
Internet Layer - (Logical transmission: IP, ICMP, ARP)
Network Access Layer - (Datalink + Physical) |
|
|
Term
|
Definition
21: FTP
22: SSH
25: SMTP
53: DNS
80: HTTP
115: SFTP
143: IMAP
443: HTTPS
445: SMB |
|
|
Term
|
Definition
|
|
Term
What does HTML stand for? |
|
Definition
HyperText Markup Language |
|
|
Term
|
Definition
New Technology File System is Windows' common file system. It allows volumes of data to have permissions, greater than 4GB of storage, compression, encryption, and data recovery. |
|
|
Term
|
Definition
Critical Windows operating system files. Mostly executables and DLLs. |
|
|
Term
Where do you set up automated launching of programs on Linux and Windows? |
|
Definition
Linux: Cron jobs
Windows: Computer Management > System Tools > Task Scheduler |
|
|
Term
Name 3 types of artificial intelligence techniques. |
|
Definition
Neural network, min-max algorithm, Q-learning. |
|
|
Term
Where can you find published vulnerabilities? |
|
Definition
National Vulnerability Database (NVD)
ExploitDB
Common Vulnerabilities & Exposures (CVE)
Mitre |
|
|
Term
Describe an integer array in memory using C standard. |
|
Definition
Use little endian and given: int arr[4] = {1, 2, 3, 4};
rbp-0x00:
rbp-0x04: 4
rbp-0x08: 3
rbp-0x0c: 2
rbp-0x10: 1 |
|
|
Term
Describe a linked list and where it is commonly used. |
|
Definition
A linked list is a data structure of nodes that starts with a root pointer to a node; that node has a pointer to another node, and so on.
Linked lists are commonly used in the heap, but as doubly-linked lists, where each node also has a pointer to the previous node. |
|
|
Term
Describe a stack. What are the common operations for a stack? |
|
Definition
A stack is a LIFO (last in, first out) data structure. It is like a stack of pancakes, where you only have access to the last pancake placed on your plate.
Common operations: peek, push, and pop. |
|
|
Term
Describe a tree data structure. |
|
Definition
A tree starts with a root node and has logic to determine which branch to use to proceed to the next node. |
|
|
Term
|
Definition
A queue is a FIFO (first-in, first-out) data structure. |
|
|
Term
Name significant cyber incidents. |
|
Definition
Stuxnet (US & Israel), Office of Personnel Management Data Breach (China), DNC Cyber Attack (Russia), The Sony Pictures Hack (NK), Fuel & Meat Ransomware Attack (Russia) |
|
|
Term
|
Definition
A mutex is a lock that we set before using a shared resource and release after using it. A mutex lock will only be released by the thread that locked it. |
|
|
Term
|
Definition
A semaphore is a data structure often used for synchronizing processes and helping threads operate together without interacting with one another directly. A binary semaphore works like a mutex. A counting semaphore can vary its size across an unrestricted domain. |
|
|
Term
Why do you want to get into the CWE Community? |
|
Definition
|
|
Term
What is the most common issue with multithreading? |
|
Definition
Deadlock, or a race condition, where multiple threads rely on each other's data to continue. |
|
|
Term
List some types of buffer overflow protection. |
|
Definition
No Execute, ASLR, and Stack guards (canaries) |
|
|
Term
Name some Wi-Fi vulnerabilities. |
|
Definition
WPS can be brute-forced. The WEP encryption key can be discovered with enough packet traffic. Wi-Fi can be DoS'd with de-auth packets. |
|
|
Term
What is commonly the most vulnerable part of a system? |
|
Definition
The user, aka social engineering. |
|
|
Term
Name some website exploits. |
|
Definition
SQL injection
Cross-site injection
Authentication bypass via cookies
Social engineering |
|
|
Term
Describe the relationship between processes, threads, heaps, and stacks. |
|
Definition
1 to many: process to threads
1 to 1: process to heap
1 to 1: thread to stack |
|
|
Term
|
Definition
|
|
Term
|
Definition
Vampire Tap
Inline Tap
MAC Flood
ARP Poisoning |
|
|
Term
Provide examples of each layer of the OSI model. |
|
Definition
|
|