# Beginner training series part 1 ###### tags: `steganography` `Cybersecurity` `beginner ` `vulnerability` ## Steganography This is hiding a file or a message inside another file. The file in question could be an image, audio file, or any other file type. [Here](https://0xrick.github.io/lists/stego/) is a useful list of tools you can use for steganography as well as some common commands for those tools. ## Vulnerability Searching A great place to start would be: * [Exploit Db](https://www.exploit-db.com/) * [National Vulnerability Database (NVD)](https://nvd.nist.gov/vuln/search) * [CVE Mitre](https://cve.mitre.org/) CVE stands for Common Vulnerabilities and Exposures. They take the form CVE-YEAR-IDNUMBER. For example: log4shell, the java vulnerability said to affect nearly every system under the sun, is [CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) From your Kali terminal you could use ***searchsploit*** to search Exploitdb from your own machine. When you don't know how to use a tool try the **man** page. ## Understanding the OSI model With whichever choice mnemonic( e.g Please Do Not Throw Sausage Pizza Away) the order from top to bottom would still be: #### 7. Application Layer * Provides networking options to programs on a computer. * Provides an interface for apps to use in order to transmit data. * When data is input to the app layer it is passed on to the presentation layer. #### 6. Presentation Layer * Translates data received from the app layer into a standardised format that will be understood by the app layer in the receiving computer. * This layer also handles, encryption, compression and other transformations to the data. Once this is complete, data is passed to the session layer. #### 5. Session Layer * Upon receiving the correctly formatted data from the presentation layer: * session layer checks to see if it can set up a connection with the receiving computer. * If not, it sends back an error message and the process is stopped. * If it can, this layer both maintains the connection and collaborates with the session layer of the receiving computer to synchronise communication. * A session created is unique to each communication. This allows for multiple requests to different endpoints simultaneously without the data getting mixed up (like playing youtube on one tab while working on google docs on another). * Once this layer successfully logs a connection between host and receiver, data is passed to the transmission layer. #### 4. Transmission Layer Chooses the protocol over which the data shall be transmitted. Common choices are: 1. TCP - connection oriented. Used where accuracy is prioritised over speed. e.g file transfer 2. UDP - connectionless. Used where speed is prioritised over accuracy e.g Video streaming Once a protocol is selected. the transmission layer breaksdown the transmission into bite-sized pieces: **segments**(for TCP) and **datagrams**(for UDP) which easens the transmission process. #### 3. Network Layer * Locates the destination of your request. * Takes an ip address and figures out the best route to take. * Logical addressing is used to provide order to networks, categorising them and allowing for their proper sorting. #### 2. Data Link Layer * Focuses on the **physical** addressing of the transmission. * Receives a packet from the network layer (including IP addr) and adds in the MAC address of the receiving endpoint. * When it receives data, it checks to ensure it hasn't been corrupted during transmission. #### 1. Physical Layer Converts the binary data of the signals and transmits them across the network, and receiving incoming signals then convert them to binary data. ## Understanding the TCP/IP model Introduced by the American DoD in 1982 to provide a standard for manufacturers to follow in order to allow all equipment to communicate with each other on a networking level. TCP/IP gets its name from the two most important suites of protocols it utilises. Transmission control protocol - a connection based protocol meaning for any data to be sent a stable connection must first be established. For this to happen, a **3 way handshake** occurs. 1. The client sends a **SYN** (synchronise) request 2. The server responds with a **SYN/ACK** (acknowledged) 3. The client responds with an **ACK** The 4 layers of the TCIP Protocol are #### 4. Application Layer equivalent of the App, Presentation and Session layer of OSI #### 3. Transport Layer equivalent to the Transport layer of OSI #### 2. Internet Layer equivalent of the Network layer in OSI #### 1. Network Interface equivalent of the Data Link and Physical layers of OSI **ping** is used to test whether a connection with a remote resource is possible. **traceroute** is used to map the path a request takes to the requested resource.