Author Topic: Basics of Ip Addressing and Reversing with a little class ;)  (Read 1713 times)

Offline ch3rn0byl

Basics of Ip Addressing and Reversing with a little class ;)
« on: April 17, 2016, 09:20:21 PM »
So we all want to be 1337 and hack and pop shells...well try to, at least. But you have to know a little networking at least to know what's going on! Without it, you'll probably be asking what??? Why can't I hack my girlfriend/boyfriend/dog's facebook??

Alrighty, so you have a few things in an addy:
   1. Network I.D
   2. Hosts
   3. Subnet Mask
   4. Classes

Let's begin with a little class. No one likes dirty ;)
You have 2 types of networks. You have your public addresses and your private addresses.
Let's start with a public net. Publics you can reach over the internet like websites, email, maybe even a movie server you own.

Classes for a public are:
   A) 1-126.x.x.x   w/ 255.0.0.0 or /8
   B) 128-191.x.x.x w/ 255.255.0.0 or /16
   C) 192-223.x.x.x w/ 255.255.255.0 or /24

If you notice, 127 is not in there. It's left out because that's a Loopback address. It could be used as a way to troubleshoot, or to test if your website is a go on your local machine. Anything that happens here, stays here. Sorta like Vegas ;)

The classes for a private are:
   A) 10.x.x.x      w/ 255.0.0.0 or /8
   B) 172.16-31.x.x w/ 255.255.0.0 or /16
   C) 192.x.x.x     w/ 255.255.255.0 or /24

That's it for classes. Boring, I know...but it helps.

Now let's break down an address
An IP address breaks down to a 32 bit addy.

8 bits. 8 bits. 8 bits. 8 bits = 32 bits....rephrase
11111111.11111111.11111111.11111111

See how four 8's goes to 32? or if you count each one, it equals up to 32?
What does each one stand for?? Let's get that one too!

128 64 32 16 8 4 2 1

Now it's not just single ones randomly put together. No, sir!
192 would be all the numbers added up as so:

128 64 32 16 8 4 2 1
 1   1  0  0 0 0 0 0
128 + 64 = 192
11000000

168 would be: 10101000 and so on.

You get the idea :) That goes for each net you encounter. Just add it up and you'll have your binary...which will be useful to you later on in this tut...for the long way of course

Now on to picking out the network. Let's take a look at 192.168.126.145/24.
So the CIDR is a /24 meaning a 255.255.255.0
So, your net id and hosts would look as such:

Network     | Host
------------------
192.168.126 | 145
255.255.255 | 0

Another example. Let's take a look at 10.134.142.144/8
CIDR is a /8.
So, your net id would look as such:

Network |    Host
---------------------
   10  | 134.142.144
   255 | 0.0.0

Got it?? Sweet :) Fairly easy stuff gents. On to the next.

Reversing, the somewhat fun stuff. But it helps to know what you're working with if ever needed.
Let's take another look at uhhh....let's see...
Well, you do an ipconfig on "your" computer and you see 45.165.42.125/16. Ok, let's see what we're working with...
That would be 45.165.42.125 255.255.0.0. Got it.

There are two ways of finding it. A looooong way, and the short way. Let's do the long way first. Get that out of the way

You can find it with the Logical AND
Basically, it's:

1 and 0 is 0
0 and 1 is 0
1 and 1 is 1

So 45.165.42.125 will be 00101101.10100101.00101010.10000011
255.255.0.0 will be 11111111.11111111.0.0

Now, do some Logical And!!
Line them up as so and go to town:

0 0 1 0 1 1 0 1 . 1 0 1 0 0 1 0 1 | 0 0 1 0 1 0 1 0 . 1 0 0 0 0 0 1 1
1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 | 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0
---------------------------------------------------------------------
0 0 1 0 1 1 0 1 . 1 0 1 0 0 1 0 1 | 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 <-- This would be your network id

So add them up, and you get a network id of: 45.165.0.0
For the next part, you need to turn all the bits on AFTER the "|", or the net id as so:

0 0 1 0 1 1 0 1 . 1 0 1 0 0 1 0 1 | 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 <-- This is your broadcast

Adding all that up, you get: 45.165.255.255

Let's put it together. Looking at that and doing the work, you get:
A network id of:         46.165.0.0
Your hosts will be from: 46.165.0.1 - 45.165.255.254
Your broadcast will be:  46.165.255.255

Voila!!

What if you come across one that says...84.168.44.15/22?
Whoa!! /22?? What is that??
Well, glad you asked. A "/22" is just 6 bits AFTER the CIDR of a /16.

So let's take a deeper look into it. If you recall earlier, you'll notice that there is /8, /16, and /24.
Also, remember that in the subnet binary, each bit is 1. So some simple math, you would "turn on" 6 bits. Check it:

1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 | 1 1 1 1 1 1 0 0 . 0 0 0 0 0 0 0 0 <-- This is what a /22 looks like

This would add up to: 255.255.252.0 because 128 + 64 + 32 + 16 + 8 + 4

So using the same steps as above, you can find the network id, hosts, and broadcast.

0 1 0 1 0 1 0 0 . 1 0 1 0 1 0 0 0 . 0 0 1 0 1 1 | 0 0 . 0 0 0 0 1 1 1 1
1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 | 0 0 . 0 0 0 0 0 0 0 0
-----------------------------------------------------------------------
0 1 0 1 0 1 0 0 . 1 0 1 0 1 0 0 0 . 0 0 1 0 1 1 | 0 0 . 0 0 0 0 0 0 0 0 <--Net id
0 1 0 1 0 1 0 0 . 1 0 1 0 1 0 0 0 . 0 0 1 0 1 1 | 1 1 . 1 1 1 1 1 1 1 1 <--Broadcast. Remember, everything gets turned on after "|"

So you have
Network id of: 84.168.44.0
Host range:    84.168.44.1 - 84.168.47.254
Broadcast is:  84.168.47.255

Finally, the short way!
We will use the same IP as the sample above of 84.168.44.15/22
Here is a little chart you can follow for the following steps

Subnet:     128 192 224 240 248 252 254 255
Block Size: 128  64  32  16   8   4   2   1

So there are a few steps you need to take.
1. Identify the block size
2. Divide the last network octet by the block size
3. Multiply it by the block size, and
4. Write it out :)

Step 1.
Your block size will be the last bit that is turned on. So, to see that...check this:
Remember how in the above example I told you it's "6 digits AFTER the CIDR of 16"?

Subnet:     128 192 224 240 248 252 | 254 255
Block Size: 128  64  32  16   8 [4] |   2   1
              1   1   1   1   1   1 |   0   0
It's 4

Step 2.
You have to find out where on earth is 44 with a block size of 4.
What do you mean by that??
So since the block size is 4, the blocks will be: 0, 4, 8, 12, etc..
The way you find that out is by DIVIDING the network octet by the block size
So, simple math again.
What's 44 divided by 4?? You got it! 11

Step 3.
Now, you multiply the result, by the block size
So again...
What's 11 * 4?? You got it! 44
So it's already sitting in a 44 block.

Step 4.
Write it out!
You'll get a network id of: 84.168.44.0
Getting the hosts, you add the block size (4), and subtract 2: 84.168.44.1 - 84.168.47.254
Now the broadcast, add 1 from the last host: 84.168.47.255

Let's do another one.
Let's do 36.192.127.43/21

Subnet:     128 192 224 240 248 | 252 254 255
Block Size: 128  64  32  16 [8] |   4   2   1
              1   1   1   1   1 |   0   0   0

Step 1.
You get a block size of 8

Step 2.
127 divided by 8 is 15.875
Uh oh! We have a remainder, dude!! Does that matter??
No sir it doesn't!!

Step 3.
15 * 8 is 120.
So this guy is actually in the 120 network block

Step 4.
Your network id is: 36.192.120.0
The host range is:  36.192.120.1 - 36.192.127.254
The broadcast is:   36.192.127.255

And...that's all folks!! :)
Lots to read, but full of info.
« Last Edit: April 17, 2016, 09:31:24 PM by ch3rn0byl »
Will *personally* drive the fucking hour to rip the computer out of your hands
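
The long way (logical AND) and the short way (block size) from the post above, run side by side on the three addresses it works through and cross-checked against Python's standard ipaddress module. This is an added example, not part of the original post; the function names are made up for illustration.

```python
import ipaddress

# Helper names below are illustrative; only ipaddress is a real library API.
def to_int(dotted):
    """Pack a dotted quad into one 32-bit integer."""
    a, b, c, d = (int(o) for o in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def to_dotted(n):
    """Unpack a 32-bit integer back into a dotted quad."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def long_way(cidr):
    """Logical AND: returns (mask, network id, broadcast)."""
    addr, prefix = cidr.split("/")
    mask = (0xFFFFFFFF << (32 - int(prefix))) & 0xFFFFFFFF
    net = to_int(addr) & mask               # 1 AND 1 = 1, anything else = 0
    bcast = net | (mask ^ 0xFFFFFFFF)       # turn on every bit after the "|"
    return to_dotted(mask), to_dotted(net), to_dotted(bcast)

def short_way(cidr):
    """Block-size shortcut: returns (block size, network id, broadcast)."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    octets = [int(o) for o in addr.split(".")]
    idx = max((prefix - 1) // 8, 0)         # last octet the mask reaches into
    block = 2 ** (8 - (prefix - 8 * idx))   # value of the last bit turned on
    start = (octets[idx] // block) * block  # divide, drop remainder, multiply
    net = octets[:idx] + [start] + [0] * (3 - idx)
    bcast = octets[:idx] + [start + block - 1] + [255] * (3 - idx)
    return block, ".".join(map(str, net)), ".".join(map(str, bcast))

def host_range(net, bcast):
    """Usable hosts sit strictly between network id and broadcast (up to /30)."""
    return to_dotted(to_int(net) + 1), to_dotted(to_int(bcast) - 1)

def check(cidr):
    """Run both methods and confirm they agree with the standard library."""
    mask, net, bcast = long_way(cidr)
    block, net2, bcast2 = short_way(cidr)
    ref = ipaddress.ip_network(cidr, strict=False)
    assert (net, bcast) == (net2, bcast2)
    assert (net, bcast) == (str(ref.network_address), str(ref.broadcast_address))
    return {"mask": mask, "block": block, "net": net,
            "hosts": host_range(net, bcast), "bcast": bcast}

if __name__ == "__main__":
    # The three addresses worked through in the post above.
    for cidr in ("45.165.42.125/16", "84.168.44.15/22", "36.192.127.43/21"):
        print(cidr, check(cidr))
```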

Offline TAPE

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #1 on: April 18, 2016, 01:40:08 AM »
Holy Cow ch3rn0byl...


This is a friggin awesome post, you never cease to amaze..(either one way or the other.. :D :D hehe)


Thanks for the time put in it, this is gonna be one I will revisit often for sure.
Take all the advice you like and then tell everyone to **** off and do your own thing -- Gitsnik

Offline Grey-Matter

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #2 on: April 18, 2016, 02:50:35 AM »
Absolutely top friggin quality as always brotha!!!

Offline ch3rn0byl

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #3 on: April 18, 2016, 04:29:24 AM »
Quote from: TAPE
> Holy Cow ch3rn0byl...
>
> This is a friggin awesome post, you never cease to amaze..(either one way or the other.. :D :D hehe)
>
> Thanks for the time put in it, this is gonna be one I will revisit often for sure.

Quote from: Grey-Matter
> Absolutely top friggin quality as always brotha!!!

Thank you, gents!! :D
Will *personally* drive the fucking hour to rip the computer out of your hands

Offline H4v0K

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #4 on: April 18, 2016, 04:56:00 AM »
Very nice man and all this time  I didn't know u could count :P  +1 

Offline doctane

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #5 on: April 18, 2016, 06:45:05 AM »
What if they are using ipv6?

 :P
---
Don't blink, don't move. You feel that, as your worries fade away? You hear that? That's the Sound of Madness, calling for you!

Offline ch3rn0byl

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #6 on: April 18, 2016, 01:15:19 PM »
Quote from: H4v0K
> Very nice man and all this time  I didn't know u could count :P  +1

Yea man, I actually had to ask my friend if I can use her fingers and toes haha

Quote from: doctane
> What if they are using ipv6?

Then whatever you do, make sure to use ::1
Will *personally* drive the fucking hour to rip the computer out of your hands

Offline FiendCoder

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #7 on: April 18, 2016, 04:03:23 PM »
Ch3rn good job bro, much appreciated for the skills man. always a pleasure to learn from you.

Offline Ov3rd0s3

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #8 on: April 19, 2016, 03:19:12 PM »
Amazing ch3rn =)   Keep em coming we need more tutorials of this quality ^.^

+1
Lost In Space from the split OD on acid.

Offline outofstep

Re: Basics of Ip Addressing and Reversing with a little class ;)
« Reply #9 on: May 20, 2016, 11:37:09 AM »
Nice post, it hurts my brain