-
Notifications
You must be signed in to change notification settings - Fork 99
/
python-notes.txt
235 lines (151 loc) · 9.08 KB
/
python-notes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
import subprocess
#subprocess is similar to import os module execute system command
subprocess.call("ifconfig",shell=True)
subprocess.call("ifconfig eth0",shell=True)
subprocess.call("ifconfig eth0;ls",shell=True)
this is not secure execation something hacker me manipulate commands ; && | to execute other command shell command
to avoid this we not using multiple command sequence in a single line we execute the command inside list one by one
we remove shell=True to avoid execute a single sequence of command
subprocess.call(["ifconfig","eth0"])
#we execute command one by one in list so their is no manipulation it return with error not execute other command
ifconfig_result = subprocess.check_output(["ifconfig",interface])
#we cannot save directly the result produced by the command rather we use subprocess.check_output to do the stuff
#we assign a variable to get the output produced by the command and then manipulate the variable to get our resulting output
----------------------------------------------------------------------------------------------------------------------------
import optparse
#to parse value as parameter in a commandline we use this module,it give a rich set feature in dealing with command line argments
python macchanger.py --interface eth0 --mac aa:bb:cc:dd:ee:ff
parser=optparse.OptionParser()
#create a parser object to use it on future code
parser.add_option("-i","--interface",dest="interface",help="Interface to change the mac address")
#adding the options like -i or --interface switches, dest this where the passed values get saved and help display the help msg python macchanger.py --help
parser.parse_args()
#this line tell the program to understand about argument passed in commandline
(options,arguments)=parser.parse_args()
#we save the passed argument into variable by assign a variable like this
#the parser.parse_args() funtion returns a value to this 2 varible options and arguments
#options is nothingbut the value passed in switch eg wlan0 and aa:bb:cc:dd:ee:ff
#arguments is nothingbut the switch itself eg --interface and --mac or -i and -m
if not options.interface:
parser.error("[-] Specify an Interface use python macchanger --help for more details")
#if their is an interface or value passed in commandline is not sufficient or not given we check the value if it is present,
#we leave it if it is not we through an error saying please specifiy an interface
---------------------------------------------------------------------------------------------------------------------------
import argparse
#successor of optparse updated version of optparse , optparse doesn't get upgrade so better shift to argparse to pass argument in command line
parser=argparse.ArgumentParser()
#create a parser object to use it on future code to do magic
parser.add_argument("-i","--interface",dest="interface",help="Interface to change the mac address")
#adding the options like -i or --interface switches, dest this where the passed values get saved and help display the help msg python macchanger.py --help
parser.parse_args()
#this line tell the program to understand about argument passed in commandline
options=parser.parse_args()
#we save the passed argument into variable by assign a variable like this
#the parser.parse_args() funtion returns a value to this 1 varible options but previous version optparse use two argument
#options is nothingbut the value passed in switch eg wlan0 and aa:bb:cc:dd:ee:ff
-----------------------------------------------------------------------------------------------------------------------
import re
#regular expression module which is super powerful to extract specify words in a content
ifconfig_result = subprocess.check_output(["ifconfig",interface])
current_mac = re.search(r"\w\w:\w\w:\w\w:\w\w:\w\w:\w\w",ifconfig_result)
#current_mac gets store the value which matches the pattern
#but the search method only returns the first occurence of the search pattern
print current_mac.group(0)
#only prints the first occurence of the search pattern due to search method
current_mac = re.findall(r"\w\w:\w\w:\w\w:\w\w:\w\w:\w\w",ifconfig_result)
print current_mac
#print all mac in type list
-------------------------------------------------------------------------------------------------------------------------
import scapy.all as scapy
#scapy is the ,ost powerful module to deal with raw ip packets , capture,create,generate, with the help of predefined protocols use to snif, inject packet,packet analysis and more. type ls(),lsc(),ls(Ether)
scapy.arping("192.168.43.1/24")
#simple 1-line command to perform arp request anf if the host is presented
we get a replay and represent in a easy way ,but we create a more robust code with many functionality
arp_request=scapy.ARP(pdst ="192.168.43.1/24")
#initialize a arp request packet with ip dst
#creating arp_request object with dst_ip=user_input_ip
arp_request.show()
#show the brief overview of Packet Structure
arp_request.summary()
#show just a summary of what the packet does in a one line
broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
#create a broadcast object to have Ether frame property with dst_mac =ff:ff:ff:ff:ff:ff
arp_request_broadcast = broadcast/arp_request
#combine the Ether frame to arp_request to send
answered, unanswered = scapy.srp(arp_request_broadcast,timeout=1)
#scapy.srp to send the packet in layer2 Ether fram which returns 2 value answered,unanswered
#timeout=1 specify wait for 1 sec not till you getting replay
arp_respond = scapy.ARP(op=2,pdst="192.168.43.43",hwdst="08:00:27:70:92:1d",psrc="192.168.43.1")
#arp_respond = scapy.ARP(op="1 for request 2 for respond,pdst="victim-ip",hwdst="victim-mac",psrc="Router-ip")
print arp_respond.show()
#show the brief overview of Packet Structure
print arp_respond.summary()
#show just a summary of what the packet does in a one line
scapy.send(arp_respond)
#send the created arp packet to the specified destination
scapy.send(arp_respond,verbose=False,count=4)
#verbose is False to not display the verbose message on the screen and packet count is 4
scapy.sniff(iface = interface, store = False, prn = process_sniffed_packet)
def process_sniffed_packet(packet):
print packet
#scapy.sniff to sniff the packet in specified interface and said not to keep in buffer by store=False
#pwn meaning is owned or compromised what sniff the packet what functions to do we give process_sniffed_packet which just print the packet
packet.haslayer(scapy.Raw)
scapy_packet.haslayer(scapy.DNSRR):
#check if the packet has a layer Raw
packet[scapy.Raw].load
packet[http.HTTPRequest].Host + packet[http.HTTPRequest].Path
#return value of load in the packet
scapy_packet = scapy.IP(packet.get_payload())
#convert raw packet unreadable one into scapy packet
packet.set_payload(str(modified_packet))
#bulid a packet
del scapy_packet[scapy.IP].chksum
#del entry in the scapy packet to regenerate into new one
ack_list.append(scapy_packet[scapy.TCP].ack)
ack_list.remove(scapy_packet[scapy.TCP].seq)
#ack_list is list to store ack number in the packet
----------------------------------------------------------------------------------------------------------------------------
import time
#time module is the popular module use to calculate time of start of a program and end to sleep the program for particular time
time.sleep(2)
#program sleep for two seconds
----------------------------------------------------------------------------------------------------------------------------
import sys
#to execute sys command
sys.stdout.flush()
#flush the stdout saved in buffer
#because in thecase of dynamic printing all stdout are saved in buffer and will print after the program terminate
#this commands tells not to save in buffer print as it was
print "\r[+] send two packets "+str(count),
#this command overwrite the previous print statement and print again and again in the output by overwriting the previous value
---------------------------------------------------------------------------------------------------------------------------
Exception Handling
try:
if something error occurs except block execute
expect:
print "Error occured"
try:
a=1
while True:
print a
a=a+1
#a will be continuously printing in the output to cancelwe use ctrl+c
except KeyboardInterrupt:
print "Detected ctrl+c exiting"
----------------------------------------------------------------------------------------------------------------------------
import netfilterqueue
#pip install NetfilterQueue
#apt-get install build-essential python-dev libnetfilter-queue-dev
#capture the request packet from client and save to a queue using iptables and alter send or recieve modified packet
#convert the raw packet to scapy packet to modify the request
queue = netfilterqueue.NetfilterQueue()
#create a netfilterqueue instance
queue.bind(0,process_packet)
#blind the queue number 0 where we create a queue zero in iptables
queue.run()
#run the queue else it will not run
def process_packet(packet):
packet.accept()
#accept the packet to process else it is remains in queue forever
----------------------------------------------------------------------------------------------------------------------------