I know this question has probably been asked a million times already here but I just can’t decide what to go with.
Here’s some background information on me. I’m practically interested in malware, cryptography, reverse engineering and breaking stuff. Don’t get me wrong, I’m not here to do any harm to anyone, ever. It’s just that these topics interest me and I’d like to learn more about them, think of it as a hobby of mine that keeps me up when I can’t sleep. The thing is, I already know the basics of each programming language so it’s hard for me to decide which one to pick. Currently I’m mostly interested in creating my own crypter. Which language should I focus on and if you could give a brief explanation why (pros, cons…)?
Lol. If you are interested in Linux malware, go for C (C++) would work as well. Windows malware, C++ and WinAPI are your friends. @dtm is your best buddy for C++ and WinAPI, he’s written some awesome content on crypters.
I am also learning C++ right now, and I am loving it. C++ is a really popular language and is a nice balance.
As this site’s loudest C++ programmer, I would suggest that you start with C. It gives you an appreciation for any higher level programming languages you may learn down the road, forces you to focus on the intricacies of your operating system, and is really good for disciplining a programmer.
Yeah, C++ is great, but to start with C++ makes no sense because C++ was made (in part) as a response to C. It would make more sense for you to start with C so that you have a solid foundation of system internals and what really goes on under the hood before starting C++, which adds abstraction and more programming paradigms.
Oh, and C and C++ are not the same. If you write C code and compile it with a C++ compiler, yes, it may compile; but you will have just written the most garbage C++ of your career. Good C is not good C++ and vice versa. Don’t let anyone tell you different! The creator of C++ himself (Bjarne Stroustrup) said so himself; One of the most prolific C programmers, Linus Torvalds, abhors C++.
While I believe that C++ would make for better malware (frameworks like Qt will make multiplatform support a bit easier), having that C discipline will make you a more elegant programmer.
I am all the way down the rankings when it comes to programming here on 0x00sec, I have experience programming firmware. If you wish to code firmware, go with embedded C/assembly for PIC’s
Like @oaktree said, C is a good language to learn the discipline of programming, my experiences with C up to this point have taught me that C will FORCE you to check every line of code twice, which is good practice. C is also used in a wide variety of operating systems, although C++ is the preferred language for malware. Only thing I hate about C is that it depends a lot on what system you are writing it. e.g. the embedded C language differs A LOT from the C language in Linux, so don’t expect to know programming by just knowing C on Linux. So I give the same suggestion as oaktree: start with C, move to C++.
Now unlike most other people, I think C# is very useful when writing things on Windows. Making a phishing program in C# on .NET is a true breeze, so if you’re going to focus on 'doze, learn some basic C# too. I think @TheDoctor can agree with me on this.
Best of luck! And do a better job than me with learning programming
I fully agree with @oaktree. That said, these are my 2 cents:
Malware. Malware heavily relies on low-level use of OS features, sometimes hidden features. As major OSes provide a C interface, that is the natural language to interact with it. Otherwise you will probably end up adding C++ wrappers around C calls that will only make your programs bigger and slower
Reverse Engineering. For this one, ASM will probably be more interesting, neither C/C++/C# will help you much on this, unless you are reversing C# code. In that case there are good decompiler and better knowing the language will help. AFAIK there is no good decompiler for C/C++ specially if the code has been crafted to make reverse engineering hard
Cryptography. Here I will still stick to C but C++ maybe a very good option. I would go with C because most cryptographic libraries still provides a C interface, and nowadays it is becoming more and more common to have HW support for cryptography, which is controlled by the OS (see first bullet). However, C++ is very interesting for science/math SW. If you are interest look for Templates as Parial Evaluation. In addition to this, it is a common trend nowadays to make use of the GPU for cryptography. In this case you have basically 3 options:
You do it yourself. You will have to code your own shaders and learn GLSL. This is closer to C than C++
Use CUDA from nVida. It provide C and C++ interfaces, but probably you will find more C++ information out there
Use OpenCL. I haven’t look much into this but looks more C++ related.
Ayyye, another malware guy! I’d say stick with C/C++ for malware since you have more power over your resulting binary which destroys antivirus’ signature-based detection. Having said that, assembly is probably a favourable addition upon them, especially for reverse engineering compiled binaries.
After going through it a couple of times, I decided to go with C first, seemed the most logical choice from what everyone suggested here.
What learning resources do you guys recommend? Stack Overflow is an obvious one of course but what about the books? I want one that explains stuff really well and doesn’t leave to many blanks. Any suggestions? What about the IDE? I’m currently using VS 2015 Community Edition. I know that C code will compile in a C++ project, but what about later on, when I start using GUIs?
@dtm How would one go about learning the WinAPI / C++ from a systems programmers perspective or malware developers perspective? The tutorials I’ve seen so far are either outdated or are GUI programming related, neither of which are useful from the looks of it.
@TheSeventhKind: The WinAPI is pretty well-documented, as is C++. Set out with a goal, and consult the documentation and StackOverflow to find the means to that goal.
1 Like
pry0cc
(Leader & Offsec Engineer & Forum Daddy)
13
Duuude. Stack Overflow should actually be called “decent place to copy and paste code if you can’t code it yourself/can’t be bothered”.
Honestly, I think you should always learn from a programmer’s perspective. I see malware development as just normal programming but with malicious intent so they’re not actually that different so you’re probably much better off learning the proper coding styles, programming techniques, understanding the OS, etc. as well.
As @oaktree has already stated, the WinAPI is well-documented (for the most part) so all you really need to do is to look up the function you want and use it. There really isn’t any WinAPI tutorial so what you need to search is a more specific task that you need, for example winapi socket programming or winapi how to enumerate processes. There’s no need to be intimidated by all of the large and strange macros and types, they’re all documented as well so just do a simple Google search.
