wannabe a linux exploitation expert and malware developer

[parad0x]

Hello guys,  it has been  quite a long time that I am not on forum and on IRC cause I was very busy in my real life.

Now its the time that I have some time and I always wanted to be a good hacker, I am now thinking to focus on  linux exploitation and mastering the art of writing malware and rootkits.  I was wondering what I had to know properly before getting my hands dirty. I know some C and assembly and am constantly working on these to make myself as better as I can.  I just want to know how I shold proceed in that direction.  I mean I know I should have good knowledge of C, Assembly and system internals but I am looking for some resources that would help me in doing so.
Currently I am working on writing exploits but I would be very grateful to you if you guys enlighten my way into the malware writing part.

[ande]

Writing malware is.. Well, there is a million ways to do it. That is why it is called malware; Malicious software.

Malware can be anything, the point is to get it installed on the machine (in most cases) and be able to use/misuse the information and or resources on a machine. To be honest, I havent written any linux malware, so I know very little about that. But I guess the idea is more or less the same; Find entry points on the system that will start your software when the machine starts. Registry entries, startup folders, config files, overwriting existing files that are started by default and so on. Then after you have mastered the code part, you will be interested in how to get it installed on the machine as root and implementing rootkits, hiding traffic, covert channels and so on.

Hope this gets you more or less started. If you have more specific questions, ill be here to answer.

[chapp]

For basic exploitation try out http://io.smashthestack.org/. They start with really easy challanges and move ahead quickly.

Writing good malware or rootkits requires medium to advanced knowledge of the internals of the target operating system to properly know how to hide, what functions to patch and what structures to change to meet your needs.

Knowing C is always great, but not a requirement. If you can reverse and know about data structures then exploit development isn't about knowing C.

[proxx]

Hello guys,  it has been  quite a long time that I am not on forum and on IRC cause I was very busy in my real life.

Now its the time that I have some time and I always wanted to be a good hacker, I am now thinking to focus on  linux exploitation and mastering the art of writing malware and rootkits.  I was wondering what I had to know properly before getting my hands dirty. I know some C and assembly and am constantly working on these to make myself as better as I can.  I just want to know how I shold proceed in that direction.  I mean I know I should have good knowledge of C, Assembly and system internals but I am looking for some resources that would help me in doing so.
Currently I am working on writing exploits but I would be very grateful to you if you guys enlighten my way into the malware writing part.

You should ask turbo on the IRC
But I think "try harder" is the basic thing here.

[parad0x]

You should ask turbo on the IRC
But I think "try harder" is the basic thing here.

There is nothing like try harder, I am trying my best but need the resources that can give me knowledge about the internals of the system so that I can write ring 0 malwares.

[ande]

Quick resource digging:

Windows kernel driver/module dev:
http://www.osronline.com/article.cfm?article=20
http://www.catch22.net/tuts/introduction-device-drivers
http://resources.infosecinstitute.com/writing-a-windows-kernel-driver/

I know very little about linux kernel dev, but this seems like an ok place to start:
http://tldp.org/LDP/lkmpg/2.6/html/

[Deque]

My question: Linux malware only? Or also windows?

The bible for malware is the book by Peter Szor. Some stuff is outdated, but the concepts are true and will be for a long time: http://rogunix.com/docs/Malware/The%20Art%20of%20Computer%20Virus%20Research%20and%20Defense.pdf
It also explains how antivirus software works.

Malware analysis books are also enlightening to get to know the approach of an analyst and to learn some typical defense mechanisms of malware and the countermeasures of the analyst. A superb one is Practical Malware Analysis: http://upload.evilzone.org/download.php?id=6047157&type=zip

For Windows system internals: http://rogunix.com/docs/Reversing&Exploiting/WindowsInternals_6thED_part1.pdf
http://rogunix.com/docs/Reversing&Exploiting/WindowsInternals_6thED_part2.pdf

Also get to know the file format throughoughly that you are using.
E.g. for PE files you must read the PE/COFF specification and some papers that explain malformations which cause analysis programs to crash.
Similarly you will have to look for the specification of other file formats you want to use for the malware.

[TheBlackShadow]

You said that you wanna be a linux exploitation expert. First of all, you have to know how linux OS works. C knowledges are good, but not enough. I mean that you have to be familiar with CODING. Not only a specific programming language. If you have no background in linux, I strongly recommend Ubuntu OS first, and after BackTrak or Kali Linux. Anyway, maybe these will help you:


- Offensive Security 101: http://thepiratebay.se/torrent/4025361/Offensive_Security_101_-_Videos___PDF (Great hacking course)


- Hacker Academy: https://hackeracademy.com/


-Great Hacking Content: http://www.breakthesecurity.com/p/hacking-tutorials-for-beginners.html


- 40 Hacking Tutorials : http://www.efytimes.com/e1/fullnews.asp?edid=132738


And so on. You can find a lot of hacking content on the internet.


Good luck in Hacking !!!