Saturday, 30 October 2010

Language trends in exploit development

The exploit database in Backtrack 4 currently holds over 13,000 exploits, from the present back to 1996.

As I am keenly interested in this area, I wanted to see which languages have been used for exploit development, and how this has changed over time.

Here I have documented some very basic analysis (using bash commands and OpenOffice) of the languages used in exploit development, to see whether any trends are visible over the period the database covers.

Please note: this analysis took around 2 hours (such is the power of the bash shell). That is a brief amount of time, so it may contain the odd schoolboy error ;o)


If you are not interested in my workings, by all means skip to the pretty graphs at the bottom.

Initial trend by year

The exploitdb has an index file, files.csv, which contains comma-delimited information on each exploit in the database, and this is the data I am going to use for my analysis. Entries look like this:

1,platforms/windows/remote/1.c,"MS Windows WebDAV (ntdll.dll) Remote Exploit",2003-03-23,kralor,windows,remote,80
....
14405,platforms/php/webapps/14405.txt,"PHP-Fusion Remote Command Execution Vulnerability",2010-07-18,"ViRuS Qalaa",php,webapps,0

The CSV format is structured as: number, file, title, date, author, platform, type, port

So, to look at the number of entries for 2005 we can use the following bash expression:

cat files.csv | cut -d"," -f4 | grep 2005 | wc -l
655


(Here we read the file, take the fourth field only, and count the number of lines containing the expression "2005")

Let's look at the number of exploits in the database for each year in turn, using a "for loop" on the command line:

for year in $(seq 1996 2010); do echo -ne "$year = "; cat files.csv | cut -d"," -f4 | grep $year | wc -l; done
1996 = 7
1997 = 13
1998 = 0
1999 = 1
2000 = 63
2001 = 55
2002 = 17
2003 = 142
2004 = 407
2005 = 655
2006 = 1783
2007 = 1954
2008 = 3217
2009 = 3161
2010 = 2295




So we are definitely seeing some up-tick there over time ;o) and I am interested in looking at trends in the languages used for exploit development in this database.

Languages used

This part is not so easy, but I am going to use some very basic checks based on the file extension in the filename (which is certainly unreliable for Linux, but makes for an interesting first look).

Let's see what file extensions we do have, and in what proportion for the whole database:

So we need to take the second field, cut out the extension after the dot, and sort for unique entries:

cat files.csv | cut -d"," -f2 | cut -d"." -f2 | sort -u

Which returned several odd items, not worth putting here. Interesting results though, with perhaps some typos in the database (? I will investigate these later).

Anyway, just use the ones that are identifiably "languages", make a list of them, and then look at the total usage for the database.

Here is the list I am going for:

for lang in $(cat langs.txt); do echo -ne "$lang = "; cat files.csv | cut -d"," -f2 | cut -d"." -f2 | grep $lang$ | wc -l ; done
asm = 25
asp = 14
bat = 1
c = 1512
cgi = 2
cpp = 120
cs = 1
delphi = 1
htm = 124
html = 595
jar = 2
java = 4
js = 4
ksh = 1
php = 785
pl = 1784
py = 608
rb = 192
sh = 99
sql = 10
vbs = 2


Note: the trailing $ in "grep $lang$" is quite important: it anchors the match to the end of the extension, because "c", for example, appears in other extensions.

So, let's take the significant ones (anything above 10) and look into those more:

for lang in $(cat toplangs.txt); do echo -ne "$lang = "; cat files.csv | cut -d"," -f2 | cut -d"." -f2 | grep $lang$ | wc -l ; done
asm = 25
asp = 14
c = 1512
cpp = 120
htm = 124
html = 595
php = 785
pl = 1784
py = 608
rb = 192
sh = 99
sql = 10


Looking at the total usage (based on file extension)


...and usage over the past couple of years:


As you can see, Perl seems to be a clear winner, though Python is definitely on the rise, and seems due to overtake at some point.


Looking at language trends over a period of 15 years

To get just the extensions and dates we can use:

cat files.csv | cut -d"," -f2,4 | cut -d"." -f2

For each year, and for each language, I want to grep for the year/language combination and count the result:

for year in $(seq 1996 2010); do echo "For year $year"; for lang in $(cat toplangs.txt); do echo -ne "$lang = "; cat files.csv | cut -d"," -f2,4 | cut -d"." -f2 | grep $year | grep $lang, | wc -l ; done ; done

Blah, blah, blah...

...
For year 2010
asm = 4
asp = 0
c = 101
cpp = 3
htm = 0
html = 108
php = 43
pl = 174
py = 164
rb = 34
sh = 6
sql = 0


Which resulted in an interesting graph:
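
The per-year, per-language count above, redone as a single pass (an added example, not the author's code): fields are split with awareness of quoted titles, since cut -d"," also splits on commas inside a title, and extensions are compared exactly, since grep sh$ also counts ksh. Every sample row except the first is constructed, and the function names are this example's own.

```shell
# Added example (not the post's code): tally a files.csv-style index per
# (year, extension) in one pass, with quote-aware fields and exact extensions.

tally_by_year_ext() {   # usage: tally_by_year_ext FILE -> "YEAR EXT COUNT"
  awk '
  # Split a CSV record into global F[1..n]; commas inside quotes do not split.
  function split_csv(line,    i, c, n, inq) {
    n = 1; F[1] = ""; inq = 0
    for (i = 1; i <= length(line); i++) {
      c = substr(line, i, 1)
      if (c == "\"") inq = !inq
      else if (c == "," && !inq) F[++n] = ""
      else F[n] = F[n] c
    }
    return n
  }
  {
    if (split_csv($0) < 8) next                    # malformed record
    if (F[4] !~ /^[0-9][0-9][0-9][0-9]-/) next     # header or bad date
    base = F[2]; sub(".*/", "", base)              # strip directories
    if (base !~ /[.]/) next                        # no extension
    ext = base; sub(/.*[.]/, "", ext)              # text after the last dot
    count[substr(F[4], 1, 4) " " tolower(ext)]++
  }
  END { for (k in count) print k, count[k] }' "$1" | sort
}

exact_count() {         # usage: exact_count FILE YEAR EXT
  tally_by_year_ext "$1" |
    awk -v y="$2" -v e="$3" '$1 == y && $2 == e { n = $3 } END { print n + 0 }'
}

naive_year_count() {    # the post-style pipeline, kept for comparison
  cut -d"," -f4 "$1" | grep "$2" | wc -l | tr -d ' '
}

# Constructed sample: the first row is the one quoted in the post, the rest
# are invented to exercise quoted commas and look-alike extensions.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
1,platforms/windows/remote/1.c,"MS Windows WebDAV (ntdll.dll) Remote Exploit",2003-03-23,kralor,windows,remote,80
9001,platforms/linux/local/9001.ksh,"Constructed entry, comma in title",2005-01-02,nobody,linux,local,0
9002,platforms/linux/local/9002.sh,"Constructed shell entry",2005-03-04,nobody,linux,local,0
9003,platforms/php/webapps/9003.txt,"Constructed, 2005-style title",2010-07-18,nobody,php,webapps,0
9004,platforms/multiple/dos/9004.doc,"Constructed entry, also quoted",2005-05-06,nobody,multiple,dos,0
9005,platforms/windows/remote/9005.c,"Constructed C entry",2005-07-08,nobody,windows,remote,80
EOF
tally_by_year_ext "$SAMPLE"
```

On this sample the cut-based count for 2005 misses the two rows whose titles contain a comma and picks up one 2010 row whose title mentions 2005, while the single-pass tally counts each row once under its real date.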


Which languages should I learn?

So, if you are interested in Ethical Hacking (exploit development and analysis) and you want to learn a programming language in order to do this, then based on these results I would recommend the following (in this order):
  1. Perl
  2. Python
  3. C
Also, as web application hacking is a huge part of exploit development these days, it's definitely worth studying PHP, ASP, JavaScript, and some SQL too.
