
metasploit answers: “Should a good pen-tester know assembly?”

It’s a question I’ve asked myself quite a bit over the last 2 years, and I have finally answered “Yes, I do need to learn assembly”.

If you intend to learn assembly and don’t come from an engineering or electronics/physics background, I *highly* recommend reading Charles Petzold’s book Code, The Hidden Language of Computer Hardware and Software.

It gently introduces the concepts required to understand how computers work, why they are designed the way they are, and even how to build a simple computer using materials available 100 years ago. It’s a great read even for someone with no background in programming, and provides a foundation for beginning any type of programming (but especially low-level programming). It’s also a great read for management-types that want to really know what is going on in all those gray boxes.

The article is here – Penetration Testing: Learn Assembly?


Little things, like knowledge of beginner mistakes in configuration files, can go a long way to a successful penetration test. In the case of assembly, it helps, just like everything else does, but it's not always required or even used frequently. Assembly language programming is mandatory for developing your own exploits and for tweaking others, but for the most part, it is not the defining factor in whether you will gain access to a network.

There is one critical task where deep knowledge of assembly (and C) is required: validating public exploits. Over the years, dozens of fake exploits have been released; some of these delete all of the files from the drive, while others install a persistent backdoor. There is one other class of backdoored exploits that you rarely hear about, but they are still found on public exploit repositories. These exploits look correct, function correctly, but also provide the exploit author with access to the system you exploited. The tricky thing about these exploits is that to find the backdoor, you have to decode and understand the shellcode, which is invariably written in assembly language.
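As an added example (not from the linked article or from this blog), here is the kind of first triage pass a tester can run over a downloaded exploit's shellcode before trusting it: it walks an x86 byte blob and pulls out the immediates that connect-back stubs push to build a sockaddr_in, so any listener address or port that is not the tester's own stands out and has to be explained. The shellcode bytes are constructed for illustration; the decoding is a heuristic, not a disassembler.

```python
import re
import struct
from ipaddress import IPv4Address

# Constructed sample for illustration only (not from any real exploit):
# the fragment of an x86 connect-back stub that pushes its sockaddr_in fields.
SAMPLE_SHELLCODE = (
    b"\x31\xc0"                  # xor eax, eax
    b"\x68\xc0\xa8\x01\x0a"      # push 0x0a01a8c0  (192.168.1.10, network order)
    b"\x66\x68\x11\x5c"          # push word 0x5c11 (port 4444, network order)
    b"\x66\x6a\x02"              # push word 2     (AF_INET)
    b"\x68\x2f\x2f\x73\x68"      # push "//sh"
    b"\x68\x2f\x62\x69\x6e"      # push "/bin"
    b"\xcd\x80"                  # int 0x80
)

PUSH_IMM32 = 0x68       # push imm32
OPSIZE_PREFIX = 0x66    # 66 68 imm16 = push word


def _all_printable(chunk: bytes) -> bool:
    return all(0x20 <= b <= 0x7E for b in chunk)


def triage_shellcode(code: bytes) -> dict:
    """Walk the bytes once and collect endpoint-looking immediates and ASCII runs.

    Heuristic: a 'push imm32' whose immediate is not plain ASCII is reported as
    an IPv4 address (sockaddr_in stores it in network order, so the bytes are
    read as written); a 'push word' immediate is reported as a port. ASCII
    immediates are string fragments ("/bin//sh") and are skipped.
    """
    ipv4, ports = [], []
    i = 0
    while i < len(code):
        if code[i] == OPSIZE_PREFIX and i + 3 < len(code) and code[i + 1] == PUSH_IMM32:
            ports.append(struct.unpack(">H", code[i + 2:i + 4])[0])
            i += 4
        elif code[i] == PUSH_IMM32 and i + 4 < len(code):
            imm = code[i + 1:i + 5]
            if not _all_printable(imm):
                ipv4.append(str(IPv4Address(imm)))
            i += 5
        else:
            i += 1
    strings = [s.decode("ascii") for s in re.findall(rb"[\x20-\x7e]{4,}", code)]
    return {"ipv4": ipv4, "ports": ports, "strings": strings}


if __name__ == "__main__":
    print(triage_shellcode(SAMPLE_SHELLCODE))
```

A second address or port in the output that you did not configure is exactly the signal the quoted paragraph describes, and the cue to read the surrounding instructions by hand.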
