Friday 26 February 2016

What are Call Back Functions in JavaScript


Programming, Information Security Solutions

Callback functions often seem quite confusing or complicated at first, but if we take a look under the hood we’ll find that they’re fairly straightforward. The chances are that you’ve already used them.

Callbacks are typically used to run a piece of code after a certain event has happened. Whether this event is mouse-clicking on a link, data being written to a database, or just another piece of code finishing executing isn’t important, as it could be just about anything. A callback function itself is typically an anonymous function—a function declared without a name—that’s passed directly into the receiving function as a parameter. Don’t worry if this just seems like jargon right now; we’ll look at code examples soon and you’ll see how easy it actually is!

Running a Callback Function

Simply declare a new function called setTimeout that accepts the parameters callback and delay; the names aren’t important—they can be anything you want. The following code snippet demonstrates this (note that you’ll not be able to run this in a JavaScript console):

The callback parameter is expected to be a function, which can be invoked at a specific point in the setTimeout function (1). In this case you’re passing it a simple anonymous function (2) that will write a message to the console log. So when the setTimeout function deems it appropriate, it will invoke the callback and the message will be logged to the console. That’s not so difficult, is it?

If JavaScript is your first programming language you’ll have no idea how weird this concept of passing anonymous functions around looks to those coming in from different backgrounds. But the ability to operate like this is one of JavaScript’s great strengths. Typically you won’t look inside the functions running the callbacks, whether it’s setTimeout, jQuery’s ready, or Node’s createServer. The documentation for all of these will tell you what parameters they expect, and also what parameters they may return.

Callback Scope

Something to bear in mind when passing anonymous functions around like this is that the callback doesn’t inherit the scope of the function it’s passed into. The callback function isn’t declared inside the destination function, merely invoked from it. A callback function inherits the scope in which it’s defined. 
Let’s understand this with the idea of scope circles and look at this visually in figure


Here you can see that the callback has its own local scope inside the global scope, as that’s where requestB is defined. This is all very well and good if your callback will only need access to its inherited scope, but what if you want it to be smarter? What if you want to use data from your asynchronous function in your callback? Currently the example callback function has a dollar amount hard-coded into it, but what if you want that value to be dynamic, to be a variable? Assuming this value is set in the setTimeout function, how do you get it into the callback? You could save it to the global scope, but as you know by now this would be bad. So you need to pass it as a parameter into the callback function. This should give you something like the scope circles shown in figure

This code snippet will output the same message to the console that you’ve already seen. The big difference now is that the value of dollars is being set in the setTimeout function and being passed to the callback.
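
The behaviour described in the two sections above, as an added example (it is not the snippet from the original post): a stand-in for setTimeout accepts a callback and a delay, sets dollars itself, and passes it to the callback as a parameter. The names createTimers, run, demo and account are assumptions made for this example.

```javascript
// Stand-in for the page's setTimeout: it accepts a callback and a delay,
// sets the amount itself, and invokes the callback later, when run() is called.
function createTimers() {
  const pending = [];
  return {
    setTimeout(callback, delay) {
      const dollars = 200; // local to this function; the callback cannot see it
      pending.push({ callback, delay, dollars });
    },
    // Invoke the queued callbacks in order of delay, passing dollars as a parameter.
    run() {
      pending.sort((a, b) => a.delay - b.delay);
      return pending.splice(0).map((t) => t.callback(t.dollars));
    },
  };
}

function demo() {
  const timers = createTimers();
  const account = 'savings'; // lives in the scope where the callbacks are defined

  // Uses inherited scope only: `account` resolves, but `dollars` does not,
  // because the callback is invoked from setTimeout, not declared inside it.
  timers.setTimeout(function () {
    return account + ': ' + typeof dollars;
  }, 2000);

  // Receives the value as a parameter instead of reaching for a global.
  timers.setTimeout(function (dollars) {
    return '** ' + dollars + ' dollars withdrawn from ' + account + ' **';
  }, 1000);

  return timers.run();
}

console.log(demo());
```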


Wednesday 24 February 2016

ARP Cache Poisoning of Switched Network

In my previous article, Sniffing a switched network, I gave an introduction on how a switched network can be sniffed and what the popular techniques are. In this article I am explaining one of the techniques I discussed in my previous article.



The ARP Process

The two main types of packet addressing are at layers 2 and 3 of the OSI model. These layer 2 addresses, or MAC addresses, are used in conjunction with whichever layer 3 addressing system you are using. In this book, in accordance with industry-standard terminology, I refer to the layer 3 addressing system as the IP addressing system. All devices on a network communicate with each other on layer 3 using IP addresses. Because switches operate on layer 2 of the OSI model, they are cognizant of only layer 2 MAC addresses, so devices must be able to include this information in packets they construct. When a MAC address is not known, it must be obtained using the known layer 3 IP addresses to be able to forward traffic to the appropriate device. This translation process is done through the layer 2 protocol ARP.

The ARP process, for computers connected to Ethernet networks, begins when one computer wishes to communicate with another. The transmitting computer first checks its ARP cache to see if it already has the MAC address associated with the IP address of the destination computer. If it does not, it sends an ARP request to the data link layer broadcast address FF:FF:FF:FF:FF:FF, as discussed in Chapter 1. As a broadcast packet, this packet is received by every computer on that particular Ethernet segment. The packet basically asks, “Which IP address owns the XX:XX:XX:XX:XX:XX MAC address?”


Devices without the destination computer’s IP address simply discard this ARP request. The destination machine replies to the packet with its MAC address via an ARP reply. At this point, the original transmitting computer now has the data link layer addressing information it needs to communicate with the remote computer, and it stores that information in its ARP cache for fast retrieval.

How ARP Cache Poisoning Works

ARP cache poisoning, sometimes called ARP spoofing, is the process of sending ARP messages to an Ethernet switch or router with fake MAC (layer 2) addresses in order to intercept the traffic of another computer. Figure illustrates this setup.

ARP cache poisoning is an advanced form of tapping into the wire on a switched network. It is commonly used by attackers to send falsely addressed packets to client systems in order to intercept certain traffic or cause denial-of-service (DoS) attacks on a target. However, it can also be a legitimate way to capture the packets of a target machine on a switched network.
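
A check a defender can run over captured ARP traffic, as an added example that is not from the original article: it parses the ARP payload, keeps an IP-to-MAC table the way an ARP cache does, and reports any IP address whose MAC address changes. The sample payloads and all addresses in them are constructed for this example, and the function names are assumptions.

```javascript
// Parse a 28-byte ARP payload (Ethernet + IPv4), given as a hex string.
function parseArp(hex) {
  const b = Buffer.from(hex, 'hex');
  // Hardware type 1 = Ethernet, protocol type 0x0800 = IPv4.
  if (b.length < 28 || b.readUInt16BE(0) !== 1 || b.readUInt16BE(2) !== 0x0800) {
    return null;
  }
  const mac = (o) =>
    [...b.subarray(o, o + 6)].map((x) => x.toString(16).padStart(2, '0')).join(':');
  const ip = (o) => [...b.subarray(o, o + 4)].join('.');
  return {
    op: b.readUInt16BE(6), // 1 = request, 2 = reply
    senderMac: mac(8),
    senderIp: ip(14),
    targetIp: ip(24),
  };
}

// Track sender IP -> MAC bindings and report every binding that changes.
function findBindingChanges(packetsHex) {
  const cache = new Map();
  const alerts = [];
  for (const hex of packetsHex) {
    const p = parseArp(hex);
    if (!p) continue; // skip anything that is not Ethernet/IPv4 ARP
    const known = cache.get(p.senderIp);
    if (known && known !== p.senderMac) {
      alerts.push({ ip: p.senderIp, was: known, now: p.senderMac });
    }
    cache.set(p.senderIp, p.senderMac);
  }
  return alerts;
}

// Constructed sample payloads (made-up, locally administered MAC addresses).
const SAMPLE = [
  // request from 192.168.1.10 asking for the MAC address of 192.168.1.1
  '0001080006040001' + '020000000010' + 'c0a8010a' + '000000000000' + 'c0a80101',
  // reply: 192.168.1.1 is at 02:00:00:00:00:01
  '0001080006040002' + '020000000001' + 'c0a80101' + '020000000010' + 'c0a8010a',
  // later reply: 192.168.1.1 is now claimed by 02:00:00:00:00:66
  '0001080006040002' + '020000000066' + 'c0a80101' + '020000000010' + 'c0a8010a',
];

console.log(findBindingChanges(SAMPLE));
```

A changed binding is a signal to investigate rather than proof of poisoning, since DHCP reassignment and hardware replacement also change IP-to-MAC mappings.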






Tuesday 23 February 2016

Tapping out a Switched Network

In my previous article, Sniffing a switched network, I gave an introduction on how a switched network can be sniffed and what the popular techniques are. In this article I am explaining one of the techniques I discussed in my previous article.

A network tap is a hardware device that you can place between two points on your cabling system in order to capture the packets between those two points. As with hubbing out, you place a piece of hardware on the network that allows you to capture the packets you need. The difference is that rather than using a hub, you use a specialized piece of hardware designed for network analysis. There are two primary types of network taps: aggregated and nonaggregated. Both types of taps sit in between two devices in order to sniff the communications. The primary difference between an aggregated tap and a nonaggregated tap is that the nonaggregated tap has four ports and the aggregated tap only has three ports. Taps also typically require a power connection, although some include batteries for brief stints of packet sniffing without the need to plug into a power receptacle.

Aggregated Taps

The aggregated tap is the simplest to use. It has only one physical monitor port for sniffing bidirectional traffic. To capture all traffic to and from a single computer plugged into a switch using an aggregated tap, follow these steps:

  1. Unplug the computer from the switch.
  2. Plug one end of a network cable into the computer, and plug the other end into the tap’s “in” port.
  3. Plug one end of another network cable into the tap’s “out” port, and plug the other end into the network switch.
  4. Plug one end of a final cable into the tap’s “monitor” port, and plug the other end into the computer that is acting as your sniffer.

The aggregated tap should be connected as shown in Figure. At this point, your sniffer should be capturing all traffic in and out of the computer you’ve plugged into the tap.



Nonaggregated Taps

The nonaggregated tap is slightly more complex than the aggregated type, but it allows a bit more flexibility when capturing traffic. Instead of a single monitor port that can be used to listen to bidirectional communication, the nonaggregated type has two monitor ports. One monitor port is used for sniffing traffic in one direction (from the computer connected to the tap), and the other monitor port is used for sniffing traffic in the other direction (to the computer connected to the tap).

To capture all traffic to and from a single computer plugged into a switch, follow these steps:

  1. Unplug the computer from the switch.
  2. Plug one end of a network cable into the computer, and plug the other end into the tap’s “in” port.
  3. Plug one end of another network cable into the tap’s “out” port, and plug the other end into the network switch.
  4. Plug one end of a third network cable into the tap’s “monitor A” port, and plug the other end into one NIC on the computer that is acting as your sniffer.
  5. Plug one end of a final cable into the tap’s “monitor B” port, and plug the other end into a second NIC on the computer that is acting as your sniffer.

The nonaggregated tap should be connected as shown in Figure


Choosing a Network Tap

Given the difference between these two types of taps, which one is better? In most situations, aggregated taps are preferred, because they require less cabling and don’t need two NICs on your sniffer computer. However, in situations where you are capturing a high volume of traffic or care about traffic going in only one direction, nonaggregated taps are beneficial.


Hubbing a Switched Network

In my previous article, Sniffing a switched network, I gave an introduction on how a switched network can be sniffed and what the popular techniques are. In this article I am explaining one of the techniques I discussed in my previous article.



Another way to capture the traffic through a target device on a switched network is by hubbing out. This is a technique by which you segment the target device and your analyzer system on the same network segment by plugging them directly into a hub. Many people think of hubbing out as cheating, but it’s really a perfect solution in situations where you can’t perform port mirroring but still have physical access to the switch the target device is plugged into.

To hub out, all you need is a hub and a few network cables. Once you have your hardware, connect it as follows:

  1. Go to the switch the target device resides on and unplug the target from the network.
  2. Plug the target’s network cable into your hub.
  3. Plug in another cable that connects your analyzer to the hub.
  4. Plug in a network cable from your hub to the network switch to connect the hub to the network.



Now you have basically put the target device and your analyzer in the same broadcast domain, and all traffic from your target device will be broadcast so that the analyzer can capture those packets, as illustrated in Figure


In most situations, hubbing out will reduce the duplex of the target device from full to half. While this method isn’t the cleanest way to tap into the wire, it’s sometimes your only option when a switch does not support port mirroring. But keep in mind that your hub will also require a power connection, which can be difficult to find in some instances.

Finding a True Hub

When hubbing out, be sure that you’re using a true hub and not a falsely labeled switch. Several networking hardware vendors have a bad habit of marketing and selling a device as a hub when it actually functions as a low-level switch. If you aren’t working with a proven, tested hub, you will see only your own traffic, not that of the target device. When you find a hub, test it to make sure it really is a hub. If it is, it’s a keeper! The best way to determine whether or not a device is a true hub is to hook up a pair of computers to it and see if one computer can sniff traffic between the other computer and various other devices on the network, such as another computer or a printer. If so, that’s a true hub. Since hubs are so antiquated, they are not really mass-produced anymore. It’s almost impossible to buy a true hub off the shelf, so you’ll need to be creative in order to find one. eBay can be a good source of hubs, but be wary, as you may run into the same issue with switches mislabeled as hubs.