Pub. Date:
Elsevier Science
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

by TJ O'Connor


View All Available Formats & Editions
Current price is , Original price is $49.95. You
Select a Purchase Option
  • purchase options
    $38.64 $49.95 Save 23% Current price is $38.64, Original price is $49.95. You Save 23%.
  • purchase options


Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker’s tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.

  • Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts
  • Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices
  • Data-mine popular social media websites and evade modern anti-virus

Product Details

ISBN-13: 9781597499576
Publisher: Elsevier Science
Publication date: 11/22/2012
Pages: 288
Sales rank: 225,829
Product dimensions: 7.50(w) x 9.10(h) x 0.70(d)

About the Author

TJ O’Connor is a Department of Defense expert on information security and a US Army paratrooper. While assigned as an assistant professor at the US Military Academy, TJ taught undergraduate courses on forensics, exploitation and information assurance. He twice co-coached the winning team at the National Security Agency’s annual Cyber Defense Exercise and won the National Defense University’s first annual Cyber Challenge. He has served on multiple red teams, including twice on the Northeast Regional Team for the National Collegiate Cyber Defense Competition.

TJ holds a Master of Science degree in Computer Science from North Carolina State, a Master of Science degree in Information Security Engineering from the SANS Technical Institute, and a Bachelor of Science degree in Computer Science from the US Military Academy. He has published technical research at USENIX workshops, ACM conferences, security conferences, the SANS Reading Room, the Internet Storm Center, the Army Magazine, and the Armed Forces Journal. He holds expert cyber security credentials, including the prestigious GIAC Security Expert (GSE) and Offensive Security Certified Expert (OSCE). TJ is a member of the elite SANS Red and Blue Team Cyber Guardians.

TJ O'Connor is an active duty Army Major and former faculty member at the United States Military Academy, where he taught courses on forensics, exploitation, and information assurance. He has published research at USENIX workshops, ACM Conferences, and spoken at various security conferences, including ShmooCon. He has participated in numerous cyber defense exercises, including winning the National Defense University Cyber Challenge, coaching the winning team at the National Security Agency's Cyber Defense Exercise and working as a red team member of the Northeast Regional Collegiate Cyber Defense Competition. He has earned the SANS Certifications GIAC Gold certifications in GCFA, GCIH, GSEC, GCIA, and holds other GIAC certifications.

Read an Excerpt

Violent Python

A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

By TJ. O'Connor

Elsevier Science

Copyright © 2013 Elsevier, Inc.
All rights reserved.
ISBN: 978-1-59749-964-4


<h2>CHAPTER 1</h2> <p>Introduction</p> <br> <p>CONTENTS<br> <br> Introduction:<br> A Penetration Test<br> with Python 1<br> Setting Up Your<br> Development<br> Environment 2<br> <i>Installing Third Party<br> Libraries 3<br> Interpreted Python<br> Versus Interactive<br> Python 5</i><br> The Python<br> Language 6<br> <i>Variables 7<br> Strings 7<br> Lists 8<br> Dictionaries 9<br> Networking 9<br> Selection 10<br> Exception Handling 10<br> Functions 12<br> Iteration 14<br> File I/O 16<br> Sys Module 17<br> OS Module 18</i><br> Your First Python<br> Programs 20<br> <i>Setting the Stage for<br> Your First Python<br> Program:<br> The Cuckoo's Egg 20<br> Your First Program, a<br> UNIX Password<br> Cracker 21<br> Setting the Stage for<br> Your Second Program:<br> Using Evil for Good 24<br> Your Second Program,<br> a Zip-File Password<br> Cracker 24</i><br> Chapter Wrap-Up 29<br> References 29<br></p> <br> <p><b>INFORMATION IN THIS CHAPTER:</b></p> <p>* Setting up a Development Environment for Python</p> <p>* Introduction to the Python Programming Language</p> <p>* An Explanation of Variables, Data types, Strings, Lists, Dictionaries, Functions</p> <p>* Work with Networking, Iteration, Selection, Exception Handling and Modules</p> <p>* Write Your First Python Program, a Dictionary Password Cracker</p> <p>* Write Your Second Python Program, a Zipfile Brute-Force Cracker</p> <br> <p>To me, the extraordinary aspect of martial arts lies in its simplicity. The easy way is also the right way, and martial arts is nothing at all special; the closer to the true way of martial arts, the less wastage of expression there is. – Master Bruce Lee, Founder, Jeet Kune Do</p> <br> <p><b>INTRODUCTION: A PENETRATION TEST WITH PYTHON</b></p> <p>Recently, a friend of mine penetration tested a Fortune 500 company's computer security system. While the company had established and maintained an excellent security scheme, he eventually found a vulnerability in an unpatched server. Within a few minutes, he used open source tools to compromise the system and gained administrative access to it. He then scanned the remaining servers as well as the clients and did not discover any additional vulnerabilities. At this point his assessment ended and the true penetration test began.</p> <p>Opening the text editor of his choice, my friend wrote a Python script to test the credentials found on the vulnerable server against the remainder of the machines on the network. Literally, minutes later, he gained administrative access to over one thousand machines on the network. However, in doing so, he was subsequently presented with an unmanageable problem. He knew the system administrators would notice his attack and deny him access so he quickly used some triage with the exploited machines in order to find out where to install a persistent backdoor.</p> <p>After examining his pentest engagement document, my friend realized that his client placed a high level of importance on securing the domain controller. Knowing the administrator logged onto the domain controller with a completely separate administrator account, my friend wrote a small script to check a thousand machines for logged on users. A little while later, my friend was notified when the domain administrator logged onto one of the machines. His triage essentially complete, my friend now knew where to continue his assault.</p> <p>My friend's ability to quickly react and think creatively under pressure made him a penetration tester. He forged his own tools out of short scripts in order to successfully compromise the Fortune 500 Company. A small Python script granted him access to over one thousand workstations. Another small script allowed him to triage the one thousand workstations before an adept administrator disconnected his access. Forging your own weapons to solve your own problems makes you a true penetration tester.</p> <p>Let us begin our journey of learning how to build our own tools, by installing our development environment.</p> <br> <p><b>SETTING UP YOUR DEVELOPMENT ENVIRONMENT</b></p> <p>The Python download site (<b></b>) provides a repository of Python installers for Windows, Mac OS X, and Linux Operating Systems. If you are running Mac OS X or Linux, odds are the Python interpreter is already installed on your ssystem. Downloading an installer provides a programmer with the Python interpreter, the standard library, and several built-in modules. The Python standard library and built-in modules provide an extensive range of capabilities, including built-in data types, exception handling, numeric, and math moddules, file-handling capabilities, cryptographic services, interoperability with the operating system, Internet data handling, and interaction with IP protocols, among many other useful modules. However, a programmer can easily install any third-party packages. A comprehensive list of third-party pacccckages is available at <b>http://pypi.</b></p> <br> <p><b>Installing Third Party Libraries</b></p> <p>In Chapter two, we will utilize the python-nmap package to handle parsing of nmap results. The following example depicts how to download and install the python-nmap package (or any package, really). Once we have saved the package to a local file, we uncompress the contents and change into the uncompressed directory. From that working directory, we issue the command <i>python install</i>, which installs the python-nmap package. Installing most third-party packages will follow the same steps of downloading, uncompressing, and then issuing the command <i>python install</i>.</p> <p>programmer:# wget<br> map.tar.gz<br> —2012-04-24 15:51:51—<br> python-nmap-0.2.4.tar.gz<br> Resolving ...<br> Connecting to||:80 ... connected.<br> HTTP request sent, awaiting response ... 200 OK<br> Length: 29620 (29K) [application/x-gzip]<br> Saving to: 'nmap.tar.gz'<br> 100%[==================================================<br> =======================================================<br> =============>] 29,620 60.8K/s in 0.5s<br> 2012-04-24 15:51:52 (60.8 KB/s) - 'nmap.tar.gz' saved [29620/29620] programmer:# tar -xzf nmap.tar.gz<br> programmer:# cd python-nmap-0.2.4/<br> programmer:/python-nmap-0.2.4# python install<br> running install<br> running build<br> running build_py<br> creating build<br> creating build/lib.linux-x86_64-2.6<br> creating build/lib.linux-x86_64-2.6/nmap<br> copying nmap/ -> build/lib.linux-x86_64-2.6/nmap<br> copying nmap/ -> build/lib.linux-x86_64-2.6/nmap<br> copying nmap/ -> build/lib.linux-x86_64-2.6/nmap<br> running install_lib<br> creating /usr/local/lib/python2.6/dist-packages/nmap<br> copying build/lib.linux-x86_64-2.6/nmap/ -> /usr/local/lib/<br> python2.6/dist-packages/nmap<br> copying build/lib.linux-x86_64-2.6/nmap/ -> /usr/local/lib/<br> python2.6/dist-packages/nmap<br> copying build/lib.linux-x86_64-2.6/nmap/ -> /usr/local/lib/<br> python2.6/dist-packages/nmap<br> byte-compiling /usr/local/lib/python2.6/dist-packages/nmap/<br> to __init__.pyc<br> byte-compiling /usr/local/lib/python2.6/dist-packages/nmap/<br> to example.pyc<br> byte-compiling /usr/local/lib/python2.6/dist-packages/nmap/ to<br> nmap.pyc<br> running install_egg_info<br> Writing /usr/local/lib/python2.6/dist-packages/python_nmap-0.2.4.egginfo<br></p> <br> <p>To make installing Python packages even easier, Python setuptools provides a Python module called easy_install. Running the easy installer module followed by the name of the package to install will search through Python repositories to find the package, download it if found, and install it automatically.</p> <p>programmer: # easy_install python-nmap<br> Searching for python-nmap<br> Reading<br> Reading<br> Best match: python-nmap 0.2.4<br> Downloading<br> Processing python-nmap-0.2.4.tar.gz<br> Running python-nmap-0.2.4/ -q bdist_egg —dist-dir /tmp/easy_<br> install-rtyUSS/python-nmap-0.2.4/egg-dist-tmp-EOPENs<br> zip_safe flag not set; analyzing archive contents ... <br> Adding python-nmap 0.2.4 to easy-install.pth file<br> Installed /usr/local/lib/python2.6/dist-packages/python_nmap-0.2.4py2.6.egg<br> Processing dependencies for python-nmap<br> Finished processing dependencies for python-nmap<br></p> <br> <p>To rapidly establish a development environment, we suggest you download a copy of the latest BackTrack Linux Penetration Testing Distribution from <b></b>. The distribution provides a wealth of tools for penetration testing, along with forensic, web, network analysis, and wireless attacks. Several of the following examples will rely on tools or libraries that are already a part of the BackTrack distribution. When an example in the book requires a third-party package outside of the standard library and built-in modules, the text will provide a download site.</p> <p>When setting up a developmental environment, it may prove useful to download all of these third-party modules before beginning. On Backtrack, you can install the additional required libraries with easy_install by issuing the following command. This will install most of the required libraries for the examples under Linux.</p> <p>programmer: # easy_install pyPdf python-nmap pygeoip mechanize BeautifulSoup4</p> <br> <p>Chapter five requires some specific Bluetooth libraries that are not available from easy_install. You can use the aptitude package manager to download and install these librariers.</p> <p>attacker# apt-get install python-bluez bluetooth python-obexftp<br> Reading package lists ... Done<br> Building dependency tree<br> Reading state information ... Done<br> <..SNIPPED..> <br> Unpacking bluetooth (from ... /bluetooth_4.60-0ubuntu8_all.deb)<br> Selecting previously deselected package python-bluez.<br> Unpacking python-bluez (from .../python-bluez_0.18-1_amd64.deb)<br> Setting up bluetooth (4.60-0ubuntu8) ...<br> Setting up python-bluez (0.18-1) ...<br> Processing triggers for python-central .<br></p> <br> <p>Additionally, a few examples in Chapter five and seven require a Windows installation of Python. For the latest Python Windows Installer, visit <b>http://</b>.</p> <p>In recent years, the source code for Python has forked into two stable branches-2.x, and 3.x. The original author of Python, Guido van Rossum, sought to clean up the code to make the language more consistent. This action intentionally broke backward compatibility with the Python 2.x release. For example, the author replaced the print statement in Python 2.x with a print() function that required arguments as parameters. The examples contained in the following chapter are meant for the 2.x branch. At the time of this book's publication, BackTrack 5 R2 offered Python 2.6.5 as the stable version of Python.</p> <p>programmer# python -V<br> Python 2.6.5<br></p> <br> <p><b>Interpreted Python Versus Interactive Python</b></p> <p>Similar to other scripting languages, Python is an interpreted language. At runtime an interpreter processes the code and executes it. To demonstrate the use of the Python interpreter, we write print "Hello World" to a file with a .py extension. To interpreter this new script, we invoke the Python interpreter followed by the name of the newly created script.</p> <p>programmer# echo print \"Hello World\" ><br> programmer# python<br> Hello World<br></p> <br> <p>Additionally, Python provides interactive capability. A programmer can invoke the Python interpreter and interact with the interpreter directly. To start the interpreter, the programmer executes python with no arguments. Next, the interpreter presents the programmer with a >>> prompt, indicating it can accept a command. Here, the programmer again types print <i>"Hello World."</i> Upon hitting return, the Python interactive interpreter immediately executes the statement.

Excerpted from Violent Python by TJ. O'Connor. Copyright © 2013 by Elsevier, Inc.. Excerpted by permission of Elsevier Science.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Table of Contents

1. Introduction

2. Penetration Testing with Python

3. Forensic Investigations with Python

4. Network Traffic Analysis with Python

5. Wireless Mayhem with Python

6. Web Recon with Python

7. Antivirus Evasion with Python

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews