Finally, I have the time to write this blog since I have been so busy with other stuff such as doing CTF and boxes, studying for cert and read Cybersecurity books for the mindset. This is more like the continuation of Steal Like a Hacker that I wrote since Summer. My intention is to add more words to this blog but why add more words to it when I can create another blog about it! Like a sequel, if you know what I mean. Anyway let’s get to the point.
I happen read across Feynman Tips on Physics which is literally outside of Cybersecurity, there is one section that clicks my mind that is very applicable and relatable which is this section.
This is what is said in this section:
Those are all the rules I can remember as being necessary. So you say, “Well, that’s very easy: I’ll just memorize the whole damn table, and then I’ll know all the physics.” Well, it won’t work.
Actually, it might work fairly well at the beginning, but it gets harder and harder, as I pointed out in Chapter 1. Therefore, what we have to learn next is how to apply the mathematics to the physics in order to understand the world. The equations keep track of things for us, so we use them as tools—but to do that, we have to know what objects the equations are talking about.
The problem of how to deduce new things from old, and how to solve problems, is really very difficult to teach, and I don’t really know how to do it. I don’t know how to tell you something that will transform you from a person who can’t analyze new situations or solve problems, to a person who can. In the case of the mathematics, I can transform you from somebody who can’t differentiate to somebody who can, by giving you all the rules. But in the case of the physics, I can’t transform you from somebody who can’t to somebody who can, so I don’t know what to do.
Because I intuitively understand what’s going on physically, I find it difficult to communicate: I can only do it by showing you examples. Therefore, the rest of this lecture, as well as the next one, will consist of doing a whole lot of little examples—of applications, of phenomena in the physical world or in the industrial world, of applications of physics in different places—to show you how what you already know will permit you to understand or to analyze what’s going on. Only from the examples will you be able to catch on.
We have found many old texts of ancient Babylonian mathematics. Among them is a great library full of mathematics workbooks for students. And it’s very interesting: the Babylonians could solve quadratic equations; they even had tables for solving cubic equations. They could do triangles (See Fig. 2-3); they could do all kinds of things, but they never wrote down an algebraic formula. The ancient Babylonians had no way of writing formulas; instead, they did one example after the other—that’s all. The idea was you’re supposed to look at examples until you get the idea. That’s because the ancient Babylonians didn’t have the power of expression in mathematical form.
Today we do not have the power of expression to tell a student how to understand physics physically! We can write the laws, but we still can’t say how to understand them physically. The only way you can understand physics physically, because of our lack of machinery for expressing this, is to follow the dull, Babylonian way of doing a whole lot of problems until you get the idea. That’s all I can do for you. And the students who didn’t get the idea in Babylonia flunked, and the guys who did get the idea died, so it’s all the same!
So, now we try.
This is the same apply to Hacking and Playing CTFS, we just have to see the same technology and vulnerabilities such as Active Directory and SQL & OS Command Injections through a bunch of examples various boxes, writeup, walkthrough, tutorial and blogs from numerous people until it’s a second nature to you. If you keep doing this and you still didn’t get it then you flunked, those who get it died ! So it doesn’t matter either way and still the same !
So keep grinding doing boxes and have fun !!!