Learn Python (Part 1)
What Is Python? & Where Is Python Useful?
During a penetration test, we will likely encounter a situation where we need to quickly generate tools or modify exploits in order to perform network-based attacks. These attacks may occur over protocols such as Hypertext Transfer Protocol (HTTP), or they may require raw socket interaction. These are areas where Python shines as an option in the penetration tester’s toolkit. Additionally, Python is frequently already installed on UNIX systems with most of the modules needed to interact with network services for information gathering or exploitation. In this chapter, we will leverage Python’s availability in BackTrack to demonstrate these concepts. We will use commonly installed modules to create a Web service status utility, a subnet calculator, and a basic password cracker, as well as explore Scapy, a Python tool designed to process and manipulate network
WHAT IS PYTHON?
Python is an easy-to-learn scripting language that has been gaining popularity since its origins in the early 1990s. It has become a common platform for security tools, since it is cross-platform, it is modular, and it comes with a large number of helper modules. It is included in most modern Linux systems, as it has become the backbone of numerous configuration tools and utilities. Python also has the capability to port scripts to other platforms without Python interpreters through tools such as py2exe, py2app, and cx_freeze.
Python deviates from many of the languages covered in this article, as it is whitespace-sensitive.
That is to say, indentation matters, so you should be consistent.
Where do we get Python?
The examples will reference the default Python modules available in the BackTrack Linux Live distribution. This is for ease of use and consistency if you want to follow along with the text, but using BackTrack is not required for an understanding of these concepts. Later versions of Python exist, but they are not as widely adopted and the differences will not be addressed by this text. Python is also available for a variety of other platforms. If you do not wish to use the BackTrack Linux Live distribution, and Python is not already installed, you can go to www.python.org to download Python or find out where to get a precompiled Python interpreter for your platform.
WHERE IS PYTHON USEFUL?
One difference between a good penetration tester and a great penetration tester is the ability to quickly adjust to diverse situations. Python is excellent for building quick scripts to deliver exploits, manipulate well-known network protocols, and create custom network packets. The modules to create these types of scripts are widely available, and tools such as Scapy and The Peach Fuzzing Framework provide frameworks for quickly creating custom packets and protocol fuzzing. These types of scripts can typically be written in fewer lines of code due to the minimal amount of setup required by many of the network modules, reducing the overhead for getting started with Python network scripting. In addition, the code tends to be easy to read because proper indentation is required as part of the language.
While performing a penetration test, we may not always be working from within the context of our own operating system. By using Python’s operating-system-independent modules for network and file interaction, we can typically perform the same tasks using the same script regardless of the host operating system. This can save us frustration and valuable time during our penetration test.
Whether we’re testing a Web server and need to communicate via HTTP or we need to automate a task via File Transfer Protocol (FTP), Python has built-in modules to facilitate network interactions. These modules will handle all the internals of dealing with the protocols. All we’ll have to do is set up the commands and process the structured responses for what we’re trying to do. Here’s an example: We want to verify that a Web server is responding at a certain Uniform Resource Locator (URL). With Python, we can use the HTTP module in order to formulate an HTTP request for that URL. Python will return data that will allow us to determine the HTTP response code without having to do text matching or other parsing of the response.
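The status check described above, as an added example that is not code from the original text. It uses the Python 3 module http.client (named httplib in the Python 2 releases this text targets); check_status, run_demo and the local test server are constructed for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

CONNECTIONS = {"http": http.client.HTTPConnection,
               "https": http.client.HTTPSConnection}


def check_status(url, timeout=5):
    """Return (status_code, reason), or (None, error_text) if unreachable."""
    parts = urlsplit(url)
    if parts.scheme not in CONNECTIONS or not parts.hostname:
        raise ValueError("expected an http:// or https:// URL: %r" % url)
    conn = CONNECTIONS[parts.scheme](parts.hostname, parts.port, timeout=timeout)
    path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
    try:
        # HEAD asks for the status line and headers only, not the body.
        conn.request("HEAD", path)
        resp = conn.getresponse()
        # The module has already parsed the status line into an integer.
        return resp.status, resp.reason
    except (OSError, http.client.HTTPException) as exc:
        return None, str(exc)
    finally:
        conn.close()


class _DemoHandler(BaseHTTPRequestHandler):
    """Constructed local test server: 200 for /, 404 for anything else."""
    def do_HEAD(self):
        self.send_response(200 if self.path == "/" else 404)
        self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass


def run_demo():
    """Start the constructed server on a free localhost port and probe it."""
    server = HTTPServer(("127.0.0.1", 0), _DemoHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    base = "http://127.0.0.1:%d" % server.server_address[1]
    try:
        return [check_status(base + "/")[0], check_status(base + "/missing")[0]]
    finally:
        server.shutdown()
        server.server_close()
```

A refused or timed-out connection comes back as (None, error text) rather than an exception, so a loop over many URLs keeps going when one host is down.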
Python ships with more than 1,000 modules and there are many repositories for finding others to install. In addition, if we build our own code, and it could be useful to others, Python makes it easy to bundle our code into a module we can share.
PyPI, The Python Package Index, at http://pypi.python.org/pypi, can be used to find additional Python modules. Python modules can be searched, downloaded, extended, and contributed back. When we create modules that can benefit others, this is a great place to contribute back to the Python community.
In the BackTrack Live distribution, go to the /usr/lib/python2.5 directory to see all the available Python modules.
Reusable code that is easy to create
Code reuse is critical to productive scripting, and Python includes a number of ways to do this easily with functions, classes, and modules. Functions allow small sections of code to be reused within a particular script, and they can be constructed so that they can be copied easily from script to script.
Classes can be created to have a set data structure with functions to deal with that data structure. These classes can be copied from one script to another in some cases, while others may be large enough that they are required to be in their own module. By using classes, we can keep our functions and data portable without worrying about what functions we might have missed. Modules usually encompass one or more classes and the functions that are required to work with them. By using a module, we don’t need to copy code at all. If the module is installed, we have everything we need to work with the classes in that module. We also use modules to share code with others.
In the next part, we will discuss Python basics.