CS335: Random Notes & Code Snippets

This page contains links to notes and code snippets.

• SQL
• XSS
• CSRF
• DNS
• TCP
• UDP
• IP
• ARP
• Networking
• Buffer Overflow
• Shellshock
• Reverse Shell
• Upgrade VM
• Setup Environment
• File Commands and Directory Navigation
• Permissions
• Networking
• Process commands
• Clone a website

SQL

• Setup files: Labsetup.zip
• Create Table: create-table.sql
• Insert Into: insert-into.sql

To top

XSS

• Setup files: Labsetup.zip
• Example of add a friend script: add-a-friend.js
• Example of update profile script: update-profile.js
• Self Propagation test: self-propagation.html

To top

CSRF

• CSRF Prevention Cheat Sheet
• Setup files: Labsetup.zip

User	User Name	Password
Admin	admin	seedelgg
Alice	alice	seedalice
Boby	boby	seedboby
Charlie	charlie	seedcharlie
Samy	samy	seedsamy

To top

DNS

• https://www.internic.net/domain/root.zone
• Send DNS query: send_dns_query.py
• DNS server: dns-server.py
• RFC
  • Domain Name System (DNS) IANA Considerations: 6895
  • DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION: 1035
  • Resource Records for the DNS Security Extensions: 4034
• DNS Cache
  • Dump: rndc dumpdb -cache
  • View: cat /var/cache/bind/dump.db
  • Flush: rndc flush
• Potential Traffic Issues
  • Delay by 100ms: tc qdisc add dev eth0 root netem delay 100ms
  • Delete the tc entry: tc qdisc del dev eth0 root netem
  • Show all tc entries: tc qdisc show dev eth0
• Setup files: Labsetup.zip

To top

TCP

• Docker Compose: docker-compose.yml
• Client: client.py
• Server: server.py
• Multi Server: server2.py
• SynFlooding Attack
  • Python: synflood.py
  • C: synflood.c
  • sysctl -w net.ipv4.tcp_syncookies=0
  • sysctl -w net.ipv4.tcp_max_syn_backlog=80
  • ip tcp_metrics flush
• Reset: reset.py
• Auto Reset: auto_reset.py
• Hijack Session: hijack.py

To top

UDP

• Client: udp_client.py
• Time Server: udp_server.py
• Docker Compose: docker-compose.yml
• Attack: udp_attack.py
• UDP Flood: flood.py
• DNS Query: dns.py

To top

IP

• Ping: ping.py
• Traceroute: traceroute.py
• Docker Compose: docker-compose.yml
• Fragment: fragment.py
• ICMP: icmp.py
• ICMP Redirect: icmp_redirect.py
  • sysctl net.ipv4.conf.all.accept_redirects=1
• mitm: mitm.py

To top

ARP

• Docker Compose: docker-compose.yml
• arp_request: arp_request.py
• arp poisoning: arp.py
• arp mitm: mitm.py
  • sysctl -w net.ipv4.ip_forward=0

To top

Networking

• udp_client: udp_client.py
• udp_server: udp_server.py
• Lab Setup: docker-compose.yml
• Scapy:
  • sniff: sniff.py
  • icmp_spoof: icmp_spoof.py
  • udp_spoof: udp_spoof.py
  • sniff_spoof: sniff_spoof.py

To top

Buffer Overflow

• Memory Layout: layout.c
  • Use -m32
• Buffer Overflow Example: buffer.c
  • Use -m32 -fno-stack-protector
• ASCII vs binary: print_zero.c
• ASLR: aslr.c
• Launching shell: launch_shell.c
• Setup files: Labsetup.zip
  • Turn off address randomization: sudo /sbin/sysctl -w kernel.randomize_va_space=0
  • Update Symbolic Link: sudo ln -sf /bin/zsh /bin/sh
• Old shellcode: shellcode.c
  • Compile with: -m32 -z execstack
• Print esp: sp.c

To top

Shellshock

• Set-UID Example: vul.c
• Setup files: Labsetup.zip
  • curl -o Labsetup.zip https://ycpcs.github.io/cs335-spring2026/notes/shellshock/Labsetup.zip
  • unzip Labsetup.zip

To top

Reverse Shell

• Setup files: Labsetup.zip
• File Descriptors Intro: fd.c
• Redirection: redirect.c
• Duplicate a file descriptor: dup.c and dup2.c
• Redirecting IO to TCP Connections: tcp_in.c and tcp_out.c

To top

Upgrade VM

• sudo apt update - downloads package information from all configured sources.
• sudo apt upgrade - will upgrade all installed packages to their latest versions.
• sudo apt-get autoremove - deletes orphaned packages, or dependencies that remain installed after you have installed an application and then deleted it.
• sudo apt-get clean - removes all packages from the cache.

To top

Setup Environment

• Sublime: sudo snap install sublime-text --classic
• Visual Studio Code: sudo snap install --classic code
• clion: sudo snap install clion --classic

To top

File Commands and Directory Navigation

• cd go to $HOME directory.
• cd ... go one level up the directory tree.
• cd /etc to change to the /etc directory.
• ls list all files.
  • Use -R to list all-subdirectories as well
  • -a will list hidden files as well
  • Use the -al argument to view details
• pwd lists the present working directory.
• mkdir directory created a directory.
• rm -r directory removes the directory and its contents recursively. Use the f argument to forcefully remove, re: rm -rf directory.
• touch file will create an empty file.
• rm file removes a flle.
• cp file file2 will copy file to file2.
• mv file file2 renames or moves file to file2.
• cat filename will display the contests of filename.
• cat > filename creates a new file with filename.

To top

Permissions

• Legend
  • User or Owner U
  • Group G
  • World (Other Users) W
• Permission Classes
  • Read r
  • Write w
  • Execute x
• File Type
  • - regular file
  • d directory
• Examples
  • file desktop.ini: -rwxrwxrwx 1 seed seed 282 Dec 27 10:10 desktop.ini
  • directory host: drwxrwxrwx 1 seed seed 4096 Jan 20 13:22 host

  Number	Permission Type	Symbol
  0	No Permission	—
  1	Execute	–x
  2	Write	-w-
  3	Execute + Write	-wx
  4	Read	r–
  5	Read + Execute	r-x
  6	Read +Write	rw-
  7	Read + Write +Execute	rwx

• Permission Examples
  • chmod 777 filename: rwx rwx rwx
  • chmod 775 filename: rwx rwx r-x
  • chmod 755 filename: rwx r-x r-x
  • chmod 664 filename: rw- rw- r–
  • chmod 644 filename: rw- r– r–

To top

Networking

• ifconfig -a displays all network interfaces and IP address.
• hostname -I displays the IP addresses of the host (all local IP addresses).
• host domain displays IP address for domain.
• ping host sends ICMP echo request to host.
• whois domain displays whois records for domain.
• dig domain displays DNS information for domain.
• dig -x IP does reverse lookup of IP address.
• nslookup query Internet name servers interactively.
• To display the IP/kernel routing table:
  • netstat -rn
  • ip route
  • route -n

To top

Process commands

• bg sends a process to the background.
• fg runs a stopped process in the foreground.
• top shows details on all active processes.
• ps gives the status of processes running for a user.
• pidof gives the process id (PID) of a process.
• ps PID gets the status of a particular process.
• kill PID kills a process with PID .
• nice starts a process with a given priority.

To top

Clone a website

wget --mirror --convert-links --adjust-extension --page-requisites --no-check-certificate --no-parent https://site-to-copy.com

• --mirror make the download recursive.
• --no-parent do not crawl the parent/top directory.
• --convert-links makes all the links work properly with the offline copy.
• --page-requisites download JS/CSS files.
• --adjust-extension add the appropriate extensions (e.g. html, css, js) to files.
• --no-check-certificate ignores SSL certificate errors To top