📝
Home
Pentesting
  • 📝Home
  • ⚒️PENTESTING
    • Foundational
      • Gaining Access
      • Session Hijacking
      • Buffer Overflows
        • Finding the Offset
        • Spiking
        • Fuzzing
      • Attack Basics
        • Brute Force Attacks
        • Credential Stuffing and Password Spraying
        • Netcat Shell Stabilization
        • Reverse Shells vs Bind Shells
        • Staged vs Non-Staged Payloads
      • Footprinting
    • Reconnaissance
      • Discovering Email Addresses
      • Hunting Subdomains
    • Scanning and Enumeration
      • Banner Grabbing
      • Enumerating HTTP and HTTPS
      • Enumerating SMB
      • Enumerating SSH
      • NetBIOS Enumeration
      • SNMP Enumeration
      • Sniffing
    • Privilege Escalation
      • 🐧Linux Privilege Escalation
      • 🪟Windows Privilege Escalation
        • Initial Enumeration
    • Defense Evasion
      • Hiding Files and Covering Tracks
      • Network Evasion
    • Attacking Services
      • Attacking Kerberos
      • Attacking VPNs
      • Denial of Service
      • Exploiting FTP
      • Exploiting NFS
      • Exploiting SMTP
      • Exploiting Telnet
    • Attacking Active Directory
      • Initial Attack Vectors
        • Gaining Shell Access
        • LLMNR Poisoning
        • SMB Relay
        • Passback Attacks
        • IPv6 Attacks
      • Post-Compromise Enumeration
        • Bloodhound
        • ldapdomaindump
        • PowerView
        • PlumHound
      • Post-Compromise Attacks
        • GPP Attacks
        • Print Nightmare
        • Token Impersonation using Incognito
        • URL File Attack
        • Pass Attacks
        • Kerberoasting
        • LNK File Attacks
        • Mimikatz
      • Post-Domain Compromise Attacks
        • Dumping the NTDS.dit
        • Golden Ticket Attacks
      • Post Exploitation
    • Toolkit
      • Burp Suite
        • Intruder
      • Hping
        • Crafting TCP and UDP Packets
      • Metasploit
        • Meterpreter
        • Shell Handler
        • Gather Information
        • Gaining Root
    • Web Application Hacking
      • Attack Methodology
      • Attacking Web Applications
      • Authentication Bypass
      • Cross-Site Scripting
      • Cross-Site Request Forgery
      • File Inclusion
      • Server-Side Request Forgery
      • Injection
        • Command Injection
        • LDAP Injection
        • SQL Injection
  • 👽MALWARE ANALYSIS
    • Malware Analysis Primer
    • Malware Types
      • Rootkits
      • Viruses
      • WannaCry
    • Analyzing Malicious Windows Programs
    • Static Analysis
      • Basic Static Techniques
      • Advanced Static Analysis
    • Reverse Engineering
      • Crash Course in x86 Disassembly
      • Recognizing Code in Assembly Language
    • Dynamic Analysis
    • Detecting Malware
      • Evasion Techniques
      • Detecting Mimikatz
      • Hunting Malware
      • Hunting Metasploit
      • Hunting Persistence
  • 🏹THREAT HUNTING
    • Foundational
      • ATT&CK Framework
      • CIA Triad
    • APTs
  • 🐍PROGRAMMING & SCRIPTING
    • Foundational
      • Computer Memory
    • C Programming
    • Assembly Language
      • Assembly File Structure
      • Debugging with gdb
    • Bash
    • Python
      • Foundational
        • Booleans and Operators
        • Comprehensions
        • Conditionals
        • Dictionaries
        • Exceptions and Error Handling
        • Functions
        • Lambdas
        • Lists
        • Loops
        • Modules
        • Numbers
        • Reading and Writing Files
        • Sets
        • Sockets
        • String Formatting
        • Tuples
        • User Input
        • Variables
      • Extending Python
        • Virtual Environments
        • Sys Module
        • Requests
        • pwntools
    • Regular Expressions
    • SQL
  • 🕵️DIGITAL FORENSICS
    • Anti-Forensic Techniques
    • 🪟Windows Security Internals
      • Windows Security Internals
        • Kernel
          • Security Reference Monitor (SRM)
          • Object Manager
            • System Calls
            • NTSTATUS Codes
            • Object Handles
            • Query and Set Information System Calls
          • The I/O Manager & The Process and Thread Manager
          • The Memory Manager
          • The Configuration Manager
  • 💼GRC (CISSP Notes)
    • Security Assessment and Testing
    • Security Governance Principles
    • Security Policies Standards and Procedures
    • Preventing and Responding to Incidents
    • Organizational Roles and Responsibilities
    • Organizational Processes
  • 📦Networking
    • Foundational
      • DHCP
      • DNS Basics
      • HTTP Protocol
      • IPSec
      • IPv6 Fundamentals
    • Wireless Technologies
      • 802.11
      • Bluetooth
      • Wireless Authentication
      • Wireless Encryption
Powered by GitBook
On this page
  • main()
  • Functions
  • Variables
  • printf
  • scanf
  • strcpy/strncpy
  1. PROGRAMMING & SCRIPTING

C Programming

main()

  • All C programs should contain a main() function that follows the format

<optional return value type> main(<optional argument>) {
  <optional procedure statements or functional calls>;
}
// argc integer holds the number of arguments 
// argv holds the input arguments (strings)
// Name of the program is always stored at offset argv[0]
<optional return value type> main(int argc, char * argv[]){
}

Functions

  • Functions are self-contained bundles of code that can be called for execution by main()

// C Function format
<optional return value type> function name (<optional function argument>) {
}
// Simple example
#include <stdio.h>
#include <stdlib.h>

int foo() {
    return 8;
}
int main(void){
    int val_x;
    val_x = foo();
    printf("The value returned is: %d\n", val_x);
    exit(0);
}

Variables

  • Used in programs to store pieces of information that may change and may be used to dynamically influence the program.

Variable Type
Use
Typical Size

int

Stores a signed integer value such as 314 or -314

  • 8 bytes for 64-bit machines

  • 4 bytes for 32-bit machines

  • 2 bytes for 16-bit machines

float

Stores a signed floating-point number such as 3.234

4 bytes

double

Stores a large floating-point number

8 bytes

char

Stores a single character

1 byte

printf

  • Prints out to the screen

// Trwo forms of the printf command:
printf(<string>);
printf(<format string>), <list of variables/values>);
Format Type
Meaning
Example

%n

Print nothing

printf("test %n");

%d

Decimal value

printf("test %d, 123);

%s

String Value

printf("test %s", "123");

%x

Hex value

printf("test %x", 0x123);

%f

Float

printf("test %f", 1.308);

// Format string example code
#include <stdio.h>

int main(void){
  double x = 23.5644;
  //Total width of 5 with 2 values after the floating point
  printf("The value of x is %5.2f\n", x);
  // Total width of 4 with 1 value after the floating point 
  printf("The value of x is %4.1f\n", x);
  
  return 0;
}

scanf

  • Generally used to get input from the user

// scanf format
scanf(<format string>, <list of variables/values>);

// Example - reads an integer from the user and stores it in a variable called number
scanf("%d", &number);

// You must use & before any variable with scanf

strcpy/strncpy

  • One of the most dangerous functions used in C.

  • Purpose is to copy each character in the source string into the destination string.

  • Dangerous because there is no checking of the source's size before it is copied over to the destination.

    • If the source is is larger than space allocated for the destination, overflow conditions are likely.

// Format
strcpy(<destination>, <source>);

  • strncpy is a safer alternative

// strncpy format
strncpy(<destination>, <source>, <width>);
PreviousComputer MemoryNextAssembly Language

Last updated 1 year ago

🐍