👾
My Cybersecurity & Coding Journey
  • Zero to Hero
  • Buy me a Coffee/Donate
  • My LinkedIn Profile
  • Walkthroughs
    • Training Program
    • Cybersecurity Concepts
      • TCM's Pentesting Playlist
      • Buffer Overflow
      • Pentest Tools Library
      • Basic Linux
      • Scripting
    • Useful Links Archive
    • Machines & Practice
      • Over the wire - Bandit
      • Vulnhub Machines
        • Kioptrix 1.1
      • TryHackMe
        • THM - Vulnersity
    • Capture the Flags (CTF)
      • HTB Cyber Santa CTF 2021
        • Revision of Challenges
      • TryHackMe - Advent of Cyber
        • Day 7 : Migration without Security
        • Day 8 : Santa's Special Bag of Toys (John Hammond Special)
        • Day 9 : Networking - Where is all this data going
        • Day 10 & 11 & 12 : Networking - Nmap & MsSQL & NFS (Network File System)
  • Pentest Playbook
    • Reconnaissance
      • Host Scanning
      • Subdomain Enum
      • Network Scanning
      • Packet Analysis
    • Enumeration
      • Ports
      • Files
      • Web Attacks
      • Cloud Attacks
        • General Info
        • AWS
        • Azure
        • GCP
    • Exploitation
      • Payloads
    • Post-Exploitation
      • Windows Privilege Escalation
      • Linux Privilege Escalation
      • Pivoting
  • Concepts
    • Networking Fundamentals
    • Web Infrastructure
    • Malware & Antivirus Evasion
    • Active Directory
  • Incident Response Playbook
    • Network Traffic
    • Incident Response Process
    • Vulnerability Response Playbook
  • Programming
    • Guide to Python 3
      • Web Scraping
    • Codecademy - JavaScript
      • Memory Allocation
      • HTTP Requests
      • Async Await
      • JavaScript Asynchronous Ops - Promises
      • Intermediate JavaScript Basics - Classes to Modules
      • JS Projects Archive
    • HackerRank
      • HackerRank - 30 Days Python Challenge
      • HackerRank - 10 Days JavaScript Challenge
        • Day 5 : Arrow Functions
        • Day 4 : Classes
        • Day 5 : Inheritance
      • Bash (Linux Shell)
    • Codewars
    • SQL
    • C
Powered by GitBook
On this page
  • C in exploit development
  • Basic Syntaxes
  • Compiling
  • Variables
  • Replacing Variables
  • Setting Permanent Variables (Const)
  • Conversion of float to int
  • Char Conversion
  • Operators
  1. Programming

C

Quick guide to the language C. Honestly I find C quite easy to pickup once I had some training in JavaScript, the syntaxes were hugely similar here and there.

As a budding ethical hacker, my goal would be to at least be able to read C for exploits (buffer overflow, memory allocation) in addition to scripting in python, bash and JavaScript.

C in exploit development

Most operating systems today including the Linux Kernel are implemented with C code. By learning C, you will be able to understand and visualize the inner workings of computer systems (like allocation and memory management), their architecture and the overall concepts that drive programming.

Exploit Writing and Development: C, the mother of all programming languages, is used massively in the security field; it helps with exploiting writing and development. C also helps penetration testers write programming scripts. Learning C will also help hackers get an overview of the structure of operating systems.

Basic Syntaxes

  • #include <stdio.h>: This line is needed to run the line of code that starts with printf.

  • int main(){ }: This is the starting point of the code. All the code inside the curly braces {} runs first.

  • // output a line: This is a comment. It is not a line of code but a message we can add to code to tell ourselves or others what the code does. When the code is run this line will be ignored.

  • printf("Hello World!");: This line of code prints, or outputs, the text “Hello World!” to the console. Printing text to the console is one way for a program to communicate with the user.

\n adds newline, \t adds a tab space within the string, /* <insert string> */ allows for a block comment over several lines

; semicolon is a MUST

#include <stdio.h>

int main() {
  // output a line
  printf("Hello World!\n");
}

A widely used C Compiler is gcc, which stands for GNU Compiler Collection.

Compiling

Need to run the below in the command line to compile code

gcc helloWorld.c -o helloWorld

//run the code using
./helloWorld

  • gcc is how we run the compiler application.

  • helloWorld.c is the filename of our code to be compiled.

  • -o helloWorld is an optional but common addition to the command. It tells gcc to output the program executable under the name helloWorld. If this is left out, the executable file will be called a.out

Variables

The basic structure of variable creation (known as declaration) is type variable_name

The main data types in C: int, float, double, and char.

  • int : whole number

  • float : decimal (6 decimal places)

  • double : number with possible decimals (15 decimal places)

  • char : letter or number, only single char

you can create more than one variable of the same type at a time by listing them with commas between their names, like type variable1, variable_2, variable_3, variable4.

#include <stdio.h>

int main() {
  
  // Fix the missing data types
  int studentRank;
  float studentFeeTotal;
  char studentGradeLetter;
  
  // No need to make any changes below here, use these as a hint to how each variable above should be declared
 studentRank = 1;
 studentFeeTotal = 100.56;
 studentGradeLetter = 'A';

 printf("Student's Rank in class: %dst\n", studentRank); 
 printf("Student's Total Fees: $%3.2f\n", studentFeeTotal);
 printf("Student's Grade: %c\n", studentGradeLetter);
}
//output
//Student's Rank in class: 1st
//Student's Total Fees: $100.56
//Student's Grade: A

Replacing Variables

int main() {
 int ageLearnedToRide = 5;

 printf("I was %d years old when I learned to ride a bike.\n", ageLearnedToRide );

Setting Permanent Variables (Const)

These special types, also known as literals, prevent any changes during execution once the value is set at declaration.

Any basic data type in C, like those we have gone over, can be declared as a constant using the keyword const before the type. So instead of our template of type variable_name, it would be const type variable_name.

It is also a best practice to use all upper case letters when declaring a constant:

const int DAYSINWEEK = 7;

Conversion of float to int

int main(){
    double testScore = 95.7;
    int displayScore = testScore;
    // now it will display as 95
    //alternatively, convert explicitly
    int displayScore = (int)testScore;

Char Conversion

In the back-end, a char doesn’t store 'a', it stores the value representing that: 97 for lowercase and 65 for uppercase.

  1. Converting char to integer

  2. int back to char

int targetInt;
char sourceChar = 'a';
targetInt = (int)sourceChar;

int sourceInt = 65;
char targetChar;
sourceInt = (char)targetChar;

Codecademy Grocery Store Project 1 - Variables

Grocery Store Part 2 - Operators

#include <stdio.h>

int main() {
  
 int appleQuantity;
 double applePrice = 1.49;
 double appleReview;
 int appleReviewDisplay;
 const char appleLocation = 'F';
 int dayOfWeek = 0;

 appleQuantity = 23;
 appleReview = 82.5;
 appleReview = 823/9;
 appleReviewDisplay = appleReview;
 dayOfWeek = 1; //tuesday
//new review added
 appleReview = (823 + 52)/(9+1);

 if(dayOfWeek % 7 == 3 && appleQuantity<10) //if its wednesday, offer a sale if theres low quantiy of apples
 {
  printf("Sale on apples today, today only they are: $%.2f\n", applePrice * .9);
 }

 // Put all your code above this and if you declare your variables using the given names and types there is no need to change any of the code below.
 printf("An apple costs: $%.2f, there are %d in inventory found in section: %c and your customers gave it an average review of %d%%!", applePrice, appleQuantity, appleLocation, appleReviewDisplay);

}

Operators

To be continued

PreviousSQL

Last updated 3 years ago

Page cover image