From zero to hero in bug bounty [Pt. 2]

Networking Basics 1

From zero to hero. A complete guide to becoming a bug bounty hunter in 2022! Part 2: Networking Basics 1

Introduction:

Welcome back to my complete bug bounty guide! First of all, I want to thank everyone for your support and welcome all our new subscribers! Last week, we left the guide at the requirements in bug bounty; this week, I'll introduce you to networking in bug bounty.

Networking is very important in bug bounty, as we are almost always dealing with network attacks, and it also plays a huge role in reconnaissance. Knowing how everything works under the hood is essential and cannot be skipped (if you still proceed, you might find it challenging later on).

Table of contents:

  • What is a Network

  • Protocols

  • The OSI Model

  • The Internet Protocol

  • Subnet mask

  • CIDR Notation

  • Networking terminologies

What is a Network?

Your home probably has several devices, let's say, you have a personal computer, a printer, a smartphone and probably also a desktop. When these devices are connected they form a network. A network makes it possible for them to transfer data from one device to the other. Let's take a look at an example below.

Network scheme image

Computer A tries to send data to the printer, for example to print a document. To do so, computer A must first be in the same network as the printer. They should be connected to each other somehow in order to share data. For that, you need a switch to connect them through a wire. The connection could also be established wirelessly by using an access point (basically, a switch without cables); this type of network is also called Wireless Fidelity, or Wi-Fi for short.

Secondly, computer A should transmit the data in a way that is understandable for both devices (the sender, in this case computer A, and the receiver, the printer). The structure in which data gets sent is called a protocol.

Protocols:

You can think of a protocol as a language. Protocols help both devices understand the data that is being sent. One protocol that we are going to use a lot and talk about more in depth is the Hyper Text Transfer Protocol, also commonly known as HTTP. This is a protocol that is used to surf the web. Don't worry for now, as we will cover this protocol in a separate part.

HTTP is one of the common protocols that we will use, but there are several others (I, unfortunately, won't cover these as they are beyond the scope of this guide). SMTP (Simple Mail Transfer Protocol) is used for sending electronic mails (or emails for short), Ethernet is used to transfer data in wired networks, etc.

HTTP protocol explained

To achieve tasks such as surfing the web and sending emails with attachments, we need to make use of several protocols. The OSI Model allows us to reference each protocol and understand what is actually going on when we, for example, request a resource online. Let me explain what the OSI Model is and briefly go over its layers. Please bear in mind that nowadays not every protocol fits in the OSI Model; it is just a reference that we can use to make our lives a bit easier :)! There are other models as well (such as the TCP/IP model), but these are again outside the scope of this guide.

The OSI Model:

The OSI Model helps us to understand our network by breaking it down into separate layers. It basically consists of 7 layers: Physical, Data Link, Network, Transport, Session, Presentation and Application. The Application layer (where the File Transfer Protocol and web services are located) forms the top of the model, while the Physical layer is located at the bottom of the OSI Model.

There are a few rather funny mnemonics that can help us memorize the 7 layers. You can choose which one to remember:

  • A Penguin Said That Nobody Drinks Pepsi

  • Please Do Not Throw Sausage Pizza Away

  • Please Do Not Tell Salespeople Anything

Let's take a closer look at the different layers and see what role each one has (from top to bottom).

  • Layer 7: Application. The application layer is where the protocols used by applications live. Think of HTTP, HTTPS, FTP, SMTP, SSH, Telnet, ...

  • Layer 6: Presentation. This layer is responsible for making sure that the data that is received is presented in a format that the device can fully understand.

  • Layer 5: Session. Layer 5 manages the connections or sessions between the two devices.

  • Layer 4: Transport. The Transport layer or layer 4 breaks the data into segments (small chunks of data, if it's large enough). This is also where the lower-level protocols such as TCP and UDP live.

  • Layer 3: Network. We now have everything to send data, but there's no way to know where to. This is where Layer 3 or the Network layer comes into play. The Network layer will make sure to route the data to the correct destination by adding the correct address. From now on, we call our data chunk a "packet". The Network layer is also where the Internet Protocol (or IPv4 and IPv6) lives.

  • Layer 2: Data Link. This layer is responsible for transferring data from one device to another device.

  • Layer 1: Physical. Layer 1 or the Physical layer provides the physical connection with the device (like enabling sound, sending electrical signals, or electromagnetic waves for wireless networks, etc).

This was a short introduction to the OSI Model. If you want to get more in-depth, you can take a look at the following resources:

Now that we broke down how data gets transferred between 2 machines, let's move on to the next chapter where I cover the IP.

The Internet Protocol:

The Internet Protocol (or IP for short) is one of the fundamental protocols that allow the internet to work. IP addresses act like a physical address: they allow devices to address each other across a network. They are unique, and there are 2 types of IPs: IPv4 and IPv6. The most common IP you'll see is IPv4. IPv4 is older but more commonly used, whereas IPv6 is much newer and only used in certain cases. They do look a lot different from each other:

IPv4 and IPv6 example

Let's break down an IPv4 address, as most of the time we are only going to work with those. Each IP address consists of 4 numbers separated by dots. Each of the numbers is called an octet, as it has an 8-bit value. And as 8-bit values start at 0 and end at 255, this means that an IP address also starts at 0.0.0.0 and ends at 255.255.255.255. This is called an IP space or a range.

No worries if you haven't fully gotten this. You may want to look up how binary works to fully understand how and why an IP address starts with 0 and ends with 255.

IPv4

Subnet mask:

We can further break an IP address down into 2 parts: each IP address actually contains 2 addresses. When the first organizations in the world started making use of IPs, the first 2 numbers formed the network address and the last 2 numbers represented the host address. However, this has changed over time as more and more devices started connecting to the internet. Nowadays, you can only tell what the host and network address are by looking at the subnet mask (I won't go into detail here, but all the 0 bits form the host address, while all the 1 bits represent the network address).

CIDR:

If you have looked at some subnet masks, you may have realized that they aren't easy to write down. This is where CIDR notations help us. CIDR stands for Classless Inter-Domain Routing and is used to note down IP blocks. Take the following CIDR notation: 255.255.255.255/31. It looks like an IP address followed by a forward slash with a digit. The digit is used for identifying the hosts in that particular range. I recommend you read more about this subject as you will often come across these in bug bounty program scopes.
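The Subnet mask and CIDR sections above, worked through as an added example (not code from the original post): it turns a CIDR prefix into a subnet mask, splits an address into its network and host parts with the mask bits, and checks whether an address falls inside a program's scope. The scope list and addresses are constructed from documentation-only ranges, and the function names are made up for this example.

```python
import ipaddress

# Constructed scope list, using documentation-only address ranges.
SCOPE = ["192.0.2.0/24", "198.51.100.64/26"]

def mask_bits(prefix):
    """32-bit mask for a CIDR prefix: `prefix` 1 bits followed by 0 bits."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"invalid prefix length: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def dotted(value):
    """Write a 32-bit integer as four octets separated by dots."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_int(ip):
    """Pack the four octets of a dotted IPv4 address into one 32-bit integer."""
    octets = [int(part) for part in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {ip!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def prefix_to_mask(prefix):
    """CIDR prefix length -> dotted subnet mask, e.g. 26 -> 255.255.255.192."""
    return dotted(mask_bits(prefix))

def split_address(ip, prefix):
    """Return (network address, host number) for ip under the given prefix."""
    mask = mask_bits(prefix)
    value = to_int(ip)
    network = value & mask               # bits under the 1s of the mask
    host = value & ~mask & 0xFFFFFFFF    # bits under the 0s of the mask
    return dotted(network), host

def in_scope(ip, scope=SCOPE):
    """True if ip lies inside any CIDR block of the scope list."""
    addr = ipaddress.ip_address(ip)
    # strict=True raises ValueError for a block whose host bits are set,
    # which usually means the scope entry was copied incorrectly.
    return any(addr in ipaddress.ip_network(block, strict=True) for block in scope)

if __name__ == "__main__":
    print(prefix_to_mask(26))
    print(split_address("198.51.100.70", 26))
    for ip in ("198.51.100.70", "198.51.100.130"):
        print(ip, "in scope" if in_scope(ip) else "OUT of scope")
```

Checking every resolved address against the scope list before testing it keeps your work inside what the program has authorized.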

Networking terminologies:

TCP: TCP stands for Transmission Control Protocol, and it basically ensures that data chunks, now called "packets", get sent to their destination reliably. It does so by opening a connection with a three-way handshake prior to sending the data packets and by also checking for errors. Since the data is divided into smaller packets, only a single packet has to be resent if it contained an error (instead of terminating the whole connection and resending everything again). After the data has been transferred to the other device, it will terminate the connection using a similar four-way handshake. As we covered earlier, TCP is located in the Transport layer of the OSI Model.

UDP: UDP stands for User Datagram Protocol and is quite similar to TCP. The only big difference between the two is that UDP does not verify the receiving end and does not establish any kind of connection with it. This means that every data packet that gets sent (even if it contains errors) will not be checked for errors and resent. This makes UDP extremely unreliable compared to TCP. However, it is still used in certain conditions where delays cannot be part of a process, as UDP is much faster than TCP. UDP is also located in the Transport layer of the OSI Model.

If you are going to rent a VPS or Virtual Private Server (basically a computer located somewhere in the cloud), then you're going to hear about SSH a lot.

SSH: SSH or Secure SHell helps you to establish an encrypted connection with another host (in this case, your VPS) and communicate with it securely (probably execute commands and perform some tasks that may or may not break some websites). SSH and many other similar protocols are located in the Application layer of the OSI Model.
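The difference between TCP and UDP described above, as an added example (not code from the original post): on the local loopback interface only, a TCP sender learns immediately that nobody is listening because the handshake fails, while a UDP sender gets no feedback at all. The helper names are made up for this example, and the ports are whatever free ports the operating system hands out.

```python
import socket

LOOPBACK = "127.0.0.1"

def free_port(kind):
    """Ask the OS for a currently unused port, then release it (nothing listens there)."""
    with socket.socket(socket.AF_INET, kind) as s:
        s.bind((LOOPBACK, 0))
        return s.getsockname()[1]

def tcp_send(port, payload):
    """TCP: connecting performs the three-way handshake before any data is sent."""
    try:
        with socket.create_connection((LOOPBACK, port), timeout=2) as s:
            s.sendall(payload)
        return "delivered to a listening peer"
    except ConnectionRefusedError:
        return "refused: no handshake, nothing sent"

def udp_send(port, payload):
    """UDP: sendto() hands the datagram to the network without contacting the peer."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        sent = s.sendto(payload, (LOOPBACK, port))
    return f"sent {sent} bytes, delivery unknown"

def demo():
    """Send the same payload with nobody listening, then to a TCP listener."""
    results = {
        "tcp_closed": tcp_send(free_port(socket.SOCK_STREAM), b"hello"),
        "udp_closed": udp_send(free_port(socket.SOCK_DGRAM), b"hello"),
    }
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server:
        server.bind((LOOPBACK, 0))
        server.listen(1)  # the kernel completes handshakes for queued clients
        results["tcp_open"] = tcp_send(server.getsockname()[1], b"hello")
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:10} {outcome}")
```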

And this is where I will wrap this up for this part.

Thank you for making it this far!

In the next part of Networking basics, I will go over what ports are and explain DNS (and look at the process behind requesting a domain online) before moving on to HTTP. If you've made it this far, congratulations! You are one of the few who have done this, and you have a much better chance of completing this guide and becoming a bug bounty hunter!

I hope you've enjoyed this. If you have any feedback, please do not hesitate to reach out! You can reply to this email or get in touch via Twitter DM!

Have a nice day and see you in the next post!
