Hacking with Python #0

Its been a while since ive posted anything, and for that I apologise.

Typically, my programming experience is derived from what ive been taught, as opposed to what language I found best for the job. In school, I was taught Visual Basic, in Uni I was taught C#. However, as most hackers do I taught myself C (well, enough C to explore stack based attacks) and what little assembly I could understand before my brain melted. However, the past two months I have programmed solely in Python, and by god, what an experience.

Python has so many fantastic things associated with it, that I hardly know where to begin. To start with the most obvious Python code is generally substantially shorter than any of the 3rd/4th generation languages. This is in part thanks to the massive  range of libraries associated with it. Though this does bring in the disadvantage that if an application requires a specific 3rd party library to run, you must first install it before you can run the application. However, Python is still cross platform, and extremely easy to develop in. In addition, Python is also an Object Orientated language, though it is worth noting that Python is extremely strict on indentation, and all python indents should be 4 character space in length.

Python development is as easy as typing python into your terminal (Linux/Unix boxes utilise python scripts, therefore some version of python will already by installed on them)

rorie@boo:~$ python
Python 2.6.5 (r265:79063, Apr 16 2010, 13:09:56)
[GCC 4.4.3] on linux2
Type “help”, “copyright”, “credits” or “license” for more information.

this is the python interpreter, we can run commands straight from here, or we can save them with the .py extension and run it as a script

>>>print “hello”

hello

Ok, so that was easy. It was also pretty boring…

The really amazing thing about python is the amount of different frameworks and API’s built on top of it. I want to show you some of the cross platform frameworks built on top of python, and just how easy they are to use thanks to awesome pythonic coding.

Scapy – Scapy is a packet manipulation tool. It allows you to literally build a packet from the ground up, as well as send an receive them. If installed from the Ubuntu repository the set-up of the environment variables is done for you and we can jump right in.

rorie@boo:~$ sudo scapy
[sudo] password for rorie:
INFO: Can’t import python gnuplot wrapper . Won’t be able to plot.
INFO: Can’t import PyX. Won’t be able to use psdump() or pdfdump().
WARNING: No route found for IPv6 destination :: (no default route?)
Welcome to Scapy (2.0.1)
>>> IP(dst=”192.168.1.1″, src=”192.168.1.100″/TCP(dport=[80

We can ignore the info messages as what we are using scapy for does not require the additional packages. We can easily create a ping packet as follows:

>>>packet = IP(dst=”192.168.1.254″, src=”192.168.1.100″)/TCP(dport=[80])

and we can send it with

>>>sr(packet)
<IP  version=4L ihl=5L tos=0x0 len=44 id=0 flags=DF frag=0L ttl=64 proto=tcp chksum=0xb619 src=192.168.1.254 dst=192.168.1.100 options=” |<TCP  sport=www dport=ftp_data seq=4256930905L ack=1 dataofs=6L reserved=0L flags=SA window=5840 chksum=0x6219 urgptr=0 options=[(‘MSS’, 1460)] |>>

You need to remembers that packets are build out of headers. Since TCP and IP are actually different headers, we need to create them separately and put them together. The source is the local machines IP, and in this case the destination is the local router.

Scapy’s sr (send an receive) function sends your packet, the waits for a reply.

Lets take a look at doing this again, but for IPv6.

>>> a = IPv6(dst=”fe80::20c:29ff:fe5f:f12″,src=”fe80::20c:29ff:fe51:5e07″)/ICMPv6EchoRequest()
>>> sr1(a)
Begin emission:
*Finished to send 1 packets.

Received 1 packets, got 1 answers, remaining 0 packets
<IPv6  version=6L tc=0L fl=0L plen=8 nh=ICMPv6 hlim=64 src=fe80::20c:29ff:fe5f:f12 dst=fe80::20c:29ff:fe51:5e07 |<ICMPv6EchoReply  type=Echo Reply code=0 cksum=0xbfd9 id=0x0 seq=0x0 |>>

This demonstration is by no means a detailed description of what scapy, or indeed python can do. But I hope it has been a nice little last of it. This is the first, in what will be a serious of tutorials I will release involving the use of python.

P.S – I am no way near done with Scapy, and there is alot more coming shortly!

 

Advertisements

About 1337hound

2nd Year Ethical Hacker at the University Of Abertay Dundee. President of Abertay's Ethical Hacking Society. Members of Abertay's Open Society. Member of TAYLUG. View all posts by 1337hound

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: