CITA 352 Chapter 7 Programming for Security Professionals.

1 CITA 352 Chapter 7 Programming for Security Professionals

2 Introduction to Computer Programming Computer programmers –Must understand rules of programming languages –Deal with syntax errors One minor mistake and the program will not run –Or worse, it will produce unpredictable results Being a good programmer –Takes time and patience

3 Programming Fundamentals You can begin writing programs with little knowledge of programming fundamentals Fundamental concepts –Acronym BLT Branching Looping Testing

4 Branching, Looping, and Testing (BLT) Function –Mini program within a main program Carries out a task Branching –Takes you from one area of a program to another Looping –Performs a task over and over Testing –Verifies some condition Returns true or false

5 Branching, Looping, and Testing (BLT) (cont’d.)
    #include <stdio.h>
    void GetOut(void);             /* Declared before main() calls it */
    int main(void)
    {
        int a = 1;                 /* Variable initialized as an integer, value 1 */
        if (a > 2)                 /* Testing if "a" is greater than 2 */
            printf("A is greater than 2");
        else
            GetOut();              /* Branching--calling a different function */
        return 0;
    }
    void GetOut(void)              /* Do something interesting here */
    {
        int a;                     /* Loop counter local to this function */
        for (a = 1; a < 11; a++)   /* Loop to print 10 times */
        {
            printf("I'm in the GetOut() function");
        }
    }

6 Branching, Looping, and Testing (BLT) (cont’d.) Algorithm –Defines steps for performing a task Keep it as simple as possible Bug –An error that causes unpredictable results Pseudocode –English-like language –Used to create program structure

7 Documentation Documenting your work is essential –Add comments to your code Should explain what you are doing –Many programmers find it time consuming and tedious –It helps others understand your work Industry standard –One bug for every 2000 lines of code Windows Vista contains almost 50 million lines –Fewer bugs than average

8 Documentation (cont’d.)
    // The following function was added to the program June 15, 2010
    // per a request from the Marketing Department.
    // It appears that reports generated by the sales() function were
    // not giving the marketing folks information about the sales in Asia.
    // This new function now uses data from text files from the offices
    // in Tokyo and Hong Kong. – Bob C. Twins

9 Learning the C Language Developed by Dennis Ritchie –1972, Bell Laboratories –Powerful and concise language UNIX –First written in assembly language –Later rewritten in C language Assembly language uses a combination of hexadecimal numbers and expressions C++ –Enhancement of C language

10 Learning the C Language (cont’d.) Compiler –Converts text-based program (i.e., source code) into executable or binary code –Some C compilers can also create executable programs in C++

11 Table 7-1 C language compilers

12 Anatomy of a C Program
The first computer program a C student learns:
    /* The famous "Hello, world!" C program */
    #include <stdio.h>  /* Load the standard IO library. The library contains
                           functions your C program might need to call to
                           perform various tasks. */
    int main(void)
    {
        printf("Hello, world!\n\n");
        return 0;
    }

13 Anatomy of a C Program (cont’d.) Many use /* and */ to comment large portions of text –Instead of // for one-line comments #include statement –Loads libraries that hold commands and functions used in your program Parentheses in C –Mean you are dealing with functions main() function –Required by every C program

14 Anatomy of a C Program (cont’d.) Braces –Show where a function begins and ends Functions –Can call other functions –Parameters (i.e., arguments) are optional

15 Table 7-2 Special characters for use with the printf() function

16 Declaring Variables Variable –Represents a numeric or string value –Can be declared at the beginning of a program Must be declared before use –C supports several variable types Conversion specifiers –Tell the compiler how to convert values in a function

17 Table 7-3 Variable types in C

18 Table 7-4 Conversion specifiers in C

19 Declaring Variables (cont’d.) Operators –Compare values –Perform mathematical calculations –Types: Mathematical operators Logical operators

20 Table 7-5 Mathematical operators in C

21 Table 7-6 Relational and logical operators in C

22 Branching, Looping, and Testing in C
Branching:
    void prompt(void);
    void display(void);
    void calculate(void);
    void cleanup(void);
    int main(void)
    {
        prompt();     //Call function to prompt user with a question
        display();    //Call function to display graphics on screen
        calculate();  //Call function to do complicated math
        cleanup();    //Call function to make all variables equal to
                      //zero
        return 0;
    }
    void prompt(void)
    {
        // [code for prompt() function goes here]
    }
    void display(void)
    {
        // [code for display() function goes here]
    }
    // [and so forth]

23 Branching, Looping, and Testing in C (cont’d.)
While loop:
    #include <stdio.h>
    int main(void)
    {
        int counter = 1;       //Initialize (assign a value to)
                               //the counter variable
        while (counter <= 10)  //Do what's in the brackets until false
        {
            printf("Counter is equal to %d\n", counter);
            ++counter;         //Increment counter by 1;
        }
        return 0;
    }

24 Figure 7-1 A while loop in action

25 Branching, Looping, and Testing in C (cont’d.)
Do loop:
    #include <stdio.h>
    int main(void)
    {
        int counter = 1;          //Initialize counter variable
        do
        {
            printf("Counter is equal to %d\n", counter);
            ++counter;            //Increment counter by 1
        } while (counter <= 10);  //Do what's in the brackets
                                  // until false
        return 0;
    }
For loop:
    for (counter = 1; counter <= 10; counter++)

26 Figure 7-2 A for loop

27 Understanding HTML Basics HTML –Markup language –Used mainly for Web page formatting and layout –Syntax is the basis for Web development Security professionals –Often need to examine Web pages –Recognize when something looks suspicious

28 Creating a Web Page with HTML Create HTML Web page in Notepad –View in a Web browser HTML –Does not use branching, looping, or testing The < and > symbols –Denote HTML tags –Each tag has a matching closing tag and

29 Table 7-7 HTML formatting tags

30 Figure 7-4 HTML source code

31 Figure 7-5 An HTML Web page

32 Understanding Perl Practical Extraction and Report Language (Perl) –Used to write scripts and programs for security professionals –Powerful scripting language –Next choice after C for hackers and professionals

33 Background on Perl Developed by Larry Wall in 1987 Can run on almost any platform –*nix-based OSs already have Perl installed Syntax is similar to C Hackers use Perl to create automated exploits and malicious bots Security professionals use Perl to perform repetitive tasks and conduct security monitoring

34 Table 7-8 Perl timeline

35 Figure 7-8 Creating the first.pl Perl script

36 Understanding the Basics of Perl The perl -h command –Gives a list of parameters used with perl command The perldoc -f print –Displays description of a Perl print command

37 Figure 7-11 Using the perldoc command

38 Table 7-9 Using printf to format output

39 Understanding the BLT of Perl Some syntax rules –Keyword sub is used in front of function names –Variables begin with the $ symbol –Comment lines begin with the # symbol –The & character indicates a function

40 Branching in Perl
    # Perl program illustrating the branching function
    # Documentation is important
    # Initialize variables
    $first_name = "Jimi";
    $last_name = "Hendrix";
    &name_best_guitarist;
    sub name_best_guitarist
    {
        printf "%s %s %s", $first_name, $last_name, "was the best guitarist!";
    }

41 Looping in Perl
For loop:
    for ($a = 1; $a <= 10; $a++)
    {
        print "Hello security testers!\n"
    }
While loop:
    $a = 1;
    while ($a <= 10)
    {
        print "Hello security testers!\n";
        $a++
    }

42 Testing Conditions in Perl
    if (($age > 12) && ($age < 20))
    {
        print "You must be a know-it-all!";
    }
    elsif ($age > 39)
    {
        print "You must lie about your age!";
    }
    else
    {
        print "To be young...";
    }
    unless ($age == 100)
    {
        print "Still enough time to get a bachelor's degree.";
    }

43 Table 7-10 Perl operators

44 Table 7-10 Perl operators (cont’d.)

45 Understanding Object-Oriented Programming Concepts Technology –Changes frequently Object-oriented programming –Isn’t new –Might not be familiar to those just learning –Takes time and practice to learn

46 Components of Object-Oriented Programming Classes –Structures that hold pieces of data and functions The :: symbol –Used to separate the name of a class from a member function –Example: Employee::GetEmp()

47 Components of Object-Oriented Programming (cont’d.)
    // This is a class called Employee created in C++
    class Employee
    {
    public:
        char firstname[25];
        char lastname[25];
        char PlaceOfBirth[30];
        // [code continues]
    };
    void GetEmp()
    {
        // Perform tasks to get employee info
        // [program code goes here]
    }
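
The :: notation from slide 46 applied to the Employee class from slide 47, as an added example that is not part of the original slides: member functions are declared inside the class and defined outside it with Employee::, and input is checked against the 25-byte fields before it is copied. SetName(), Fits(), the string returned by GetEmp() and the sample name are assumptions made for this example; the fields are private here and PlaceOfBirth is left out.

```cpp
// Added example, not from the slides; SetName() and Fits() are hypothetical.
#include <cstdio>
#include <cstring>
#include <string>

class Employee
{
public:
    Employee();
    bool SetName(const char *first, const char *last);
    std::string GetEmp() const;   // declared here, defined below
private:
    char firstname[25];           // same sizes as the slide's class
    char lastname[25];
    static bool Fits(const char *src, std::size_t size);
};

// Class name, then ::, then the member function being defined.
Employee::Employee() { firstname[0] = lastname[0] = '\0'; }

// True only if src plus its terminating '\0' fits in a field of size bytes.
bool Employee::Fits(const char *src, std::size_t size)
{
    return src != nullptr && std::strlen(src) < size;
}

// Check both inputs before writing, so a rejected call changes nothing.
bool Employee::SetName(const char *first, const char *last)
{
    if (!Fits(first, sizeof firstname) || !Fits(last, sizeof lastname))
        return false;
    std::strcpy(firstname, first);   // lengths were checked above
    std::strcpy(lastname, last);
    return true;
}

std::string Employee::GetEmp() const
{
    return std::string(lastname) + ", " + firstname;
}

int main()
{
    Employee e;
    if (e.SetName("Jimi", "Hendrix"))   // constructed sample input
        std::printf("%s\n", e.GetEmp().c_str());
    return 0;
}
```

A 24-character name is the longest that fits a 25-byte field, because the last byte holds the terminating '\0'.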

48 An Overview of Ruby Object-oriented language –Similar to Perl Figure 7-17 Modifying exploit shell code in Ruby

49 Figure 7-19 Examining the code of a Metasploit module written in Ruby

