.

Relevant programming languages for Ethical Hackers

<<

skiglades

Newbie
Newbie

Posts: 4

Joined: Thu Mar 19, 2009 2:27 pm

Post Thu Mar 19, 2009 2:49 pm

Relevant programming languages for Ethical Hackers

Hi everyone,

I'm looking to get some input on what is (in your opinion) the most relevant and useful programming language for an Ethical Hacker. 

I have experience with Network Pen testing, some web app experience, and *nix experience.  I have some basic understanding of what exploits are doing when executed.

I just purchased a book on perl and thought I would start there; input from the community will keep me on track. 

Thanks!
Last edited by skiglades on Thu Mar 19, 2009 6:17 pm, edited 1 time in total.
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Thu Mar 19, 2009 4:29 pm

Re: Relevant programming languages for Ethical Hackers

Perl is good.  SQL is a must.  I recommend C/C++ as well.  Much of the software is written in C/C++.  Assembly is great to know as well.  Any sort of shell scripting will go a long way.
~~~~~~~~~~~~~~
Ketchup
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Thu Mar 19, 2009 5:11 pm

Re: Relevant programming languages for Ethical Hackers

Ketchup wrote:Perl is good.   SQL is a must.   I recommend C/C++ as well.   Much of the software is written in C/C++.   Assembly is great to know as well.  Any sort of shell scripting will go a long way.


Iwas going to say the same thing as Ketchup but he beat me to it, but I'd add python to the list.
twitter.com/timmedin | http://blog.securitywhole.com
<<

NickFnord

User avatar

Full Member
Full Member

Posts: 117

Joined: Fri Sep 05, 2008 5:25 am

Post Thu Mar 19, 2009 5:50 pm

Re: Relevant programming languages for Ethical Hackers

I second python - only learned it this year but after forcing myself to learn perl, python feels like cheating it's so useful and quick to develop in.
<<

LSOChris

Post Thu Mar 19, 2009 5:51 pm

Re: Relevant programming languages for Ethical Hackers

-a scripting language(s): perl, python, ruby
- sql then syntax for various databases
- javascript for web
- low level and high level languages...so assembly & some sort of C, you can also throw VB too.

oh an English, because alot of the stuff you need can be found if you just search for it.
<<

skiglades

Newbie
Newbie

Posts: 4

Joined: Thu Mar 19, 2009 2:27 pm

Post Thu Mar 19, 2009 6:05 pm

Re: Relevant programming languages for Ethical Hackers

Does anyone have a preference between Perl and Python?  Any positives / negatives, or situations where one is impractical?

SQL I agree with completely. 

I can agree with Javascript to a point I suppose.  Are there situations where you would be writing something in Javascript, or would it be beneficial for just understanding the code when looking at a web app?
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Thu Mar 19, 2009 6:22 pm

Re: Relevant programming languages for Ethical Hackers

skiglades wrote:Does anyone have a preference between Perl and Python?  Any positives / negatives, or situations where one is impractical?

SQL I agree with completely. 

I can agree with Javascript to a point I suppose.  Are there situations where you would be writing something in Javascript, or would it be beneficial for just understanding the code when looking at a web app?





XSS attacks, cookie stealing etc javascript come in handy
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

NickFnord

User avatar

Full Member
Full Member

Posts: 117

Joined: Fri Sep 05, 2008 5:25 am

Post Thu Mar 19, 2009 6:24 pm

Re: Relevant programming languages for Ethical Hackers

I have a personal preference for python - it's easier to read (IMHO) and can still do a lot of the things that perl can do.  perl was originally made as a text parsing language so it's very good at that sort of thing.  

I only use either for ad-hoc once-off type scripts or write-and-forget type jobs so for me they're equal in functionality with python getting huge marks for ease of maintenance but someone who uses them every day may have a different oppinion.
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Thu Mar 19, 2009 8:02 pm

Re: Relevant programming languages for Ethical Hackers

Perl and python. I've used perl for quite some time, to the point where I even use it for relatively major programming projects. Python is a more recent addition for me and is very handy for banging things out quickly. There are some places where it makes a a better utility language than perl even.
<<

skiglades

Newbie
Newbie

Posts: 4

Joined: Thu Mar 19, 2009 2:27 pm

Post Fri Mar 20, 2009 8:23 am

Re: Relevant programming languages for Ethical Hackers

Thanks for the great feedback everyone.

Is there an overall, personal preference between C and C++?

I may move towards learning Python since the general consensus is that it's a little easier to learn.  Since I've haven't yet learned Perl or Python, Python seems like a logical place to start. 

Personally I see a lot of MS-SQL when testing.  If I follow that road, does it make sense to familiarize yourself with MS-SQL and my-SQL?  Of course there is some generic injection syntax that works over both types of database, but does it make sense to concentrate on one or gain an understanding of both?

Thanks
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Fri Mar 20, 2009 9:09 am

Re: Relevant programming languages for Ethical Hackers

Is there an overall, personal preference between C and C++?


I think that you need both.  I would start with C and learn how memory is allocated and destroyed.  Learn about types, pointers, and so on.  Much of the software, especially in Nix is still written in plain C. 

After you master C, move on to C++ and learn the object oriented nature of the language.  It will be a quick pickup if you can grasp OOP.

Personally I see a lot of MS-SQL when testing.  If I follow that road, does it make sense to familiarize yourself with MS-SQL and my-SQL?  Of course there is some generic injection syntax that works over both types of database, but does it make sense to concentrate on one or gain an understanding of both?


I think you should learn SQL.  Before you move on to specifics in MSSQL, Oracle, or MySQL, you have to understand the concepts.  I would recommend becoming comfortable with doing SQL Injection on the three above.  Each RDBMS is going to have its own stored procedures, views, and functions.  The syntax is different, despite accomplishing pretty much the same task.  Those are the most common database engines. 
~~~~~~~~~~~~~~
Ketchup
<<

skiglades

Newbie
Newbie

Posts: 4

Joined: Thu Mar 19, 2009 2:27 pm

Post Fri Mar 20, 2009 10:27 am

Re: Relevant programming languages for Ethical Hackers

Ketchup wrote:I would start with C and learn how memory is allocated and destroyed.  Learn about types, pointers, and so on.  Much of the software, especially in Nix is still written in plain C.  

After you master C, move on to C++ and learn the object oriented nature of the language.  It will be a quick pickup if you can grasp OOP.


That makes sense.  I picked up "Hacking: The art of exploitation" and was a bit overwhelmed.  I'm sure some knowledge of C would help me understand those concepts.
<<

NickFnord

User avatar

Full Member
Full Member

Posts: 117

Joined: Fri Sep 05, 2008 5:25 am

Post Fri Mar 20, 2009 12:02 pm

Re: Relevant programming languages for Ethical Hackers

skiglades wrote:

Personally I see a lot of MS-SQL when testing.  If I follow that road, does it make sense to familiarize yourself with MS-SQL and my-SQL?  Of course there is some generic injection syntax that works over both types of database, but does it make sense to concentrate on one or gain an understanding of both?

Thanks


I'd say the more important thing is to understand "how databases work" i.e. database theory, learn about different types of statements, what a union does, what group by and having clauses do etc.  once you know this, then you just need to find the specific syntax for whichever RDBMS you're working with. 

having said that, it's pretty much the same for all programming languages - learn the fundamentals - varialbes, pointers, loops, conditional statements, functions etc. then you should be able to pick up any language with minimal effort.  next step up from that is getting your head arround object oriented concepts, but that's not too hard either.
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Fri Mar 20, 2009 12:11 pm

Re: Relevant programming languages for Ethical Hackers

I picked up "Hacking: The art of exploitation"


That's a great book in my opinion.  I would definitely go back and re-read it after you better understand the programming languages.
~~~~~~~~~~~~~~
Ketchup
<<

quan991

Newbie
Newbie

Posts: 7

Joined: Fri May 22, 2009 12:22 pm

Post Mon May 25, 2009 11:42 pm

Re: Relevant programming languages for Ethical Hackers

I would say Assembly, C and a couple scripting languages (the more the better) .

But I think it depends on what you want to specialize in,
i.e. using tools/command line scripting attacks, etc.. or exploit development/analysis & reversing, in which case Assembly & C are a must.

Return to Programming

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software