Hey guys, I’m making a post on Devember. If you don’t know what that is already, you can check out the post around the forum about it. In essence we’re going to do something with code; it doesn’t matter what it is, it just matters that we are learning something. I’m not going to be developing anything revolutionary here, so if that’s what you were looking for I would tune out. I’m here to learn something, and learn a lot, about a very, very powerful language that I largely missed the chance of learning while I was in university. To be clear, the academic environment is great, but it has a lot of shortcomings, especially on the computer science end: they don’t really teach you so much mathematics and algorithms as much as they teach you programming and good syntax. Most universities will attack the latter because it’s important to establish good coding practices, and they assume that you’ll learn the rest on your own. It’s a rather bad assumption because it’s nice to be able to learn those kinds of things in an academic environment. However, I digress, and that’s not the point of this post.
All credit goes to @admindev for showing me these.
Gray Hat Python: Python Programming for Hackers and Reverse Engineers https://www.amazon.com/dp/1593271921/ref=cm_sw_r_other_apa_i_nYA6DbSNNPQ2A
Black Hat Python: Python Programming for Hackers and Pentesters https://www.amazon.com/dp/1593275900/ref=cm_sw_r_other_apa_i_p0A6DbRN889A3
Before I say anything further I want to preface that this is purely for educational reasons; I’m performing all programming internally and it does not leave my own network. Talking about actually attacking machines, or machines that aren’t ours, is against forum rules. I will not tolerate this behavior in this post. We’re not here to go ultra l33t hacker mode. Unfortunately the term hacker has been warped by the media. Anyways, not the point of this post again.
This is not my first programming language, so I’m not going to start at the ultra-new-beginner level of Python. While I don’t know Python very well and I’m just beginning with it, I’ve got skills in a lot of other languages already, especially low-level ones, so I’m not particularly worried about picking up good coding skills or good practices. That said, those are important and I want you to realize this.
So why did I decide to do this? Well, I’ve used penetration testing tools before, but to really understand what you’re doing to a system, to enumerate it effectively and to mount an effective attack, you should really understand the underlying mechanisms behind your tools.
This post is going to follow my journey through these books, and unfortunately with that journey comes me posting what is within the books. However, I am not going to post their text because I feel that that’s really undercutting the books since they are up for sale. However you wish to acquire them is your own deal. Please do not link free PDFs of the books; I know they exist, but again, it’s against forum rules.
The layout of this post is going to be blog style. Anybody may chime in at any point during the coding, but at least once a day (or at least I will strive for once a day) I will post a reply within this thread to show my progress through this learning journey. It’s also to partially hold myself accountable so that I do something every day. After all, if you want to learn something you’ve got to form a habit of attacking it little by little every day.
So let me talk a little bit about penetration testing for those who don’t know. Penetration testing usually incorporates about five stages in the entire process, at least that’s how I view it. Your first stage is your cyber reconnaissance stage. Your second stage is to probe and enumerate a system, because you want to understand how a target system will respond to intrusions. Of course, the next step after this is to gain access to the system, and there are a variety of methods and vulnerabilities that you can use to exploit the system. A lot of the time today we’re seeing more and more phishing attacks, and these are considered web application or social engineering type attacks. In any case, whatever method you use, that’s your third step. Your fourth step is finding a way to maintain your access to the target system. The problem is, when you gain access any good sysadmin will be able to mitigate and lock you out and make sure that you can’t get back in, so you want to see if there are any further vulnerabilities that allow you to maintain access to that system.
And finally your fifth step depends on the side of the hat you’re on, and what I mean by this is whether you’re white, gray or black (we’re not talking about black here). Regardless, you’ll want to jot down the specific vulnerabilities that were exploited, the sensitive data that was accessed and the amount of time you took to do it.
This sounds completely frivolous if you’re just learning by yourself like me, but here’s the deal: if you ever want to take these skills to the private sector, or to your job or whatever job opportunity you may be looking at, this is something you’re going to have to do. Especially in a role like the gray hat (security consultant, red team) or the white hat (blue team) penetration tester.
So now you get a very brief idea of what this industry involves. Let’s attack specifically why I think learning a language for this purpose is also important.
There’s actually a very good utility that the book itself references, and that’s netcat. The book calls this tool the utility knife of networking, and this is a very true statement. So if there’s a tool out there, why do I care to program it?
Well, what if the system you’re attacking doesn’t have it, and you’ve maintained access to this system, so you want to exploit other systems within the internal network? Well, the only way you’re going to be able to do that, especially if you don’t want it logged, is to not have to use a utility on the server that requires sudo. Downloading and installing applications requires sudo. So why not create the tool within Python and run the Python script?
That’s what these books are about. Black hat gets a little darker, and it gets WAY more illegal if you’re not doing it on your own systems. Gray hat is hit or miss legality-wise, BUT AGAIN THIS IS FOR EDUCATIONAL PURPOSES AND YOU DO IT ON YOUR OWN SYSTEM.
I’m going to use these books as if I’m a beginner. I want to learn it well. Admindev, feel free to completely point out how I’m wrong in every way about things I just said. And if you want, point out everywhere I go wrong throughout December. I’d rather learn the right way than go on a false premise.
Without further ado, let me begin this post with creating sockets within a Python script, and also replacing netcat, but I may not likely get to this tonight!
December 5th//Thursday//2000 TANGO
So we need a Python development environment. I’m very traditional; a terminal and a compiler work for me. I’ve gotten good at debugging assembly code, so LOL, no IDE is not scary to me.
The book uses Python 2 so I am going to as well. In order to install this on Ubuntu you will require the python-minimal package. This is how it should go on Ubuntu 18.04:
heimdallr@rig:~$ sudo apt install python-minimal
Verify the version:
heimdallr@rig:~$ python --version
Python 2.7.15+
heimdallr@rig:~$
Alright, cool, let’s step in and not tread on the snake (unintentional Python joke).
Let’s make sure it’s working: lol
Yay. Lame, I know, but it’s always good.
For the record, if you want to do this the wget way and the compile/make way, you will need to export your path in bash if this doesn’t work.
Alright, so the book instructs on how to create a TCP client. However, for beginners it doesn’t tell you why we are doing certain things.
Here is the code I used from the book, albeit slightly modified so as not to copy it verbatim. Again, please pay for it. I did; it’s only 20 bucks, you can too!
The simple TCP client is as follows, but me being curious, I extended this by creating an HTTPS client which will follow. I have commented the code more to explain what the parameters are. Furthermore, why not try and extend it to AF_INET6? IPv6 will be a thing sooner or later. I will make you type it by showing screenshots of the code.
Output:
Cool, we got the responses we expected. Also we learned DuckDuckGo still accepts IE8+ requests in 2019, LOOOL! Ever wonder how those catches work for your browser? There’s the code in the doctype.
Onto SSL
So before we get SSL working, which is the basis for HTTPS, we need to realize that Python 2.7 is unlikely to be compiled with support for it. So please enjoy my guess-and-check below to get it working. No kidding, I spitball sometimes because I have been on too many distros and can’t remember. So I’ll post the unedited terminal session for your LOL pleasure.
heimdallr@rig:~/Heimasnake$ sudo pip install pyopenssl
[sudo] password for heimdallr:
sudo: pip: command not found
heimdallr@rig:~/Heimasnake$ sudo apt install pip
pipebench pipenightdreams-data pipsi
pipemeter pipewalker
pipenightdreams pipexec
heimdallr@rig:~/Heimasnake$ sudo apt install pip
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package pip
heimdallr@rig:~/Heimasnake$ sudo apt install pyth
Display all 6202 possibilities? (y or n)
heimdallr@rig:~/Heimasnake$ sudo apt install python-pi
python-picklable-itertools python-pil.imagetk-dbg
python-pickleshare python-pilkit
python-piggyphoto python-pint
python-pika python-pint-doc
python-pika-doc python-pip
python-pika-pool python-pip-whl
python-pil python-pisock
python-pil-dbg python-pisock-dbg
python-pil-doc python-piston-mini-client
python-pil.imagetk python-pivy
heimdallr@rig:~/Heimasnake$ sudo apt install python-pip
heimdallr@rig:~/Heimasnake$ sudo apt-get install libssl-dev libffi-dev
heimdallr@rig:~/Heimasnake$ python
Python 2.7.15+ (default, Oct 7 2019, 17:39:04)
[GCC 7.4.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import socket
>>> socket.ssl
<function ssl at 0x7fec1fafe398>
>>>
Glad I somehow fumbled through that. LOL, sudo apt install pip.
COME ON r00tz! It’s never that easy. SMH
This part lent itself to being a ton easier with the use of libraries!
This should be your expected response.
Okay, so we have built a TCP4 client and an HTTPS client. Pretty cool, huh? Ignore my screw-up of overwriting my last script in the terminal. Shit happens! LOL.
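Here is an HTTPS client of my own as an added example (not the book's code and not the screenshots above), written for Python 3's ssl module rather than the old socket.ssl() wrapper: a default SSL context verifies the server's certificate chain and hostname, which the book-era wrapper never did, so a connection to a spoofed host fails closed instead of silently talking to it. The IE8-style User-Agent is a constructed value; the duckduckgo.com fetch in the main block needs network access, while the request builder and response parser run offline.

```python
# Added example (not the book's or the author's code). Python 3.
import socket
import ssl

# Constructed IE8-style User-Agent, mirroring the kind of request the post sent.
USER_AGENT = "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1)"


def build_get_request(host, path="/", user_agent=USER_AGENT):
    """Return the raw bytes of an HTTP/1.1 GET request for host/path."""
    lines = [
        "GET %s HTTP/1.1" % path,
        "Host: %s" % host,
        "User-Agent: %s" % user_agent,
        "Connection: close",   # ask the server to hang up after one response
        "",
        "",                    # produces the blank line that ends the headers
    ]
    return "\r\n".join(lines).encode("ascii")


def parse_response(raw):
    """Split a raw HTTP response into (status_code, headers_dict, body_bytes).

    Raises ValueError if the header block is incomplete or malformed, so a
    truncated or non-HTTP reply is reported instead of being half-parsed."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete response: no end of headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)          # e.g. ["HTTP/1.1", "200", "OK"]
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        raise ValueError("not an HTTP status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers, body


def https_get(host, path="/", port=443, timeout=10.0):
    """Perform one verified HTTPS GET and return (status, headers, body)."""
    # create_default_context() loads the system CA store, enables certificate
    # verification and hostname checking; server_hostname drives SNI + check.
    ctx = ssl.create_default_context()
    raw = b""
    with socket.create_connection((host, port), timeout=timeout) as tcp:
        with ctx.wrap_socket(tcp, server_hostname=host) as tls:
            tls.sendall(build_get_request(host, path))
            while True:                     # read until the server closes
                chunk = tls.recv(4096)
                if not chunk:
                    break
                raw += chunk
    return parse_response(raw)


if __name__ == "__main__":
    status, headers, body = https_get("duckduckgo.com")
    print(status, headers.get("content-type"))
    print(body[:200])
```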
Time to take off the book’s training wheels!
Alright, so how to make a TCP6 client. As you can guess, it isn’t that difficult. Let’s take the code we learned in the original TCP client and expand it to TCP6, or better yet, we can take it a step further and create something to maintain access (not really, but it could be useful). Let’s expand our knowledge to create a TCP6 client-server and echo, on localhost of course, because this would be created on the target system.
However, I believe in self-testing so I will not post how to test this. Please explore it yourself, including how to create Python defs.
# lets try to be more elegant given dodgy IPv6 support
# IPv6 clients are just simply more difficult
# The stack and the requirements to set one up definitely have more overhead
# It has its benefits and drawbacks!
# So in good taste I'll set up an echo server and client :)
# You don't have to go this far
# I am veering from the book
# There are plenty of tutorials for a basic client lol!
import threading
import socket
import time

def fetch_local_ipv6_address(port=10008):
    # We need to detect whether IPv6 is supported on the present system and
    # fetch the IPv6 address of the host since we likely do not know it!
    if not socket.has_ipv6:
        # Throw an exception if we don't so we are not chasing our tails!
        raise Exception("You're not future proof, why no IP6 address?")
    # AF_INET6 restricts the lookup to IPv6 results; SOL_TCP (== IPPROTO_TCP on Linux) to TCP
    addrs = socket.getaddrinfo("localhost", port, socket.AF_INET6, 0, socket.SOL_TCP)
    # we should expect an output similar to: [(23, 0, 6, '', ('::1', 10008, 0, 0))]
    # Set conditional to raise explicit warning of no IPv6
    if len(addrs) == 0:
        raise Exception("This host is not configured for IP6")
    entry0 = addrs[0]
    sockaddr = entry0[-1]   # the 4-tuple (host, port, flowinfo, scope_id)
    return sockaddr

def ipv6_echo_server(sockaddr):
    # Let's set up an echo server :D
    s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
    s.bind(sockaddr)
    s.listen(1)
    print ("server opened socket connection:", s, ", address: '%s'" % sockaddr[0])
    conn, addr = s.accept()
    time.sleep(1)
    print ('Server: Connected by', addr)
    if True: # Single Echo Request answer
        data = conn.recv(1024)
        conn.send(data)
    conn.close()
    s.close()   # release the listening socket too so the port is freed

def ipv6_echo_client(sockaddr):
    # Echo client program
    # use hostname or port number or use 'sockaddr' to open the connection
    #HOST = 'localhost' -- or target system
    #PORT = 10008 # The same port as used by the server setup above!
    s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
    #s.connect((HOST, PORT))
    s.connect(sockaddr)
    print ("client opened socket connection:", s.getsockname())
    data = 'CAN uuu HeAr ME -> via IPv6 :-)'
    print ('Client is sending:', repr(data))
    s.send(data.encode())
    data = s.recv(1024).decode()
    s.close()
    print ('Client received response:', repr(data))

try:
    # fetch the local IPv6 address
    local_ipv6_addr = fetch_local_ipv6_address()
    # run the server in a thread so the client can connect from the same script
    t = threading.Thread(target=ipv6_echo_server, args=(local_ipv6_addr,))
    t.start()
    time.sleep(1)   # give the server a moment to bind and listen
    ipv6_echo_client(local_ipv6_addr)
    t.join()
except Exception as e:
    print ("Something went stupid: ", e)
print ("HASTA LA VISTA BAE BAE!")
The point was to show that you can change the parameters of the socket and even get more elegant. This demonstrates the domain (address family) parameter of the socket library.
Anyways, let’s get back on track. UDP is based on datagrams. According to RFC 1594, a datagram is:
“A self-contained, independent entity of data carrying sufficient information to be routed from the source to the destination computer without reliance on earlier exchanges between this source and destination computer and the transporting network.”
Fancy words for saying that this is connectionless, aka there is no connection of fixed duration between the two communicating points as there is, for example, in most cell phone conversations. This is also why you’ll notice the protocol has far less overhead in a VPN. UDP is also unreliable, since there is no verification of whether or not the data you sent is corrupted. So there are pros and cons.
What did we omit in the code this time?
My response, due to a firewall that I am not disabling:
heimdallr@rig:~/Heimasnake$ python SnakeCPSocketDATAGRAM.py
^CTraceback (most recent call last):
File "SnakeCPSocketDATAGRAM.py", line 17, in <module>
data, addr = client.recvfrom(4096)
KeyboardInterrupt
heimdallr@rig:~/Heimasnake$
However, your response should be the message you sent and the response from the system. So if you get my response above, you know why. Specifically, this will be your response in Deny, not Reject, mode. Reject will give you a rejected response, and since we did not specify a timeout, UDP will sit there and spin, to my knowledge. Ctrl-C will break it out.
Answer
If your answer was the connect-and-response code, you are correct. TCP requires a constant connection. UDP, as mentioned above, is connectionless.
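As an added example that is not from the book or from my screenshots, here is a loopback UDP echo with the one line the book's client omits, a receive timeout. The reply=False server swallows the datagram the way a Deny firewall does, so you can see the client take the clean timeout path instead of blocking until ^C as in the traceback above. Host, ports and payloads are constructed; it runs on Python 3 (and 2.7).

```python
# Added example (not the book's or the author's code). Loopback only.
import socket
import threading


def udp_echo_server(bound_sock, reply=True):
    """Serve exactly one datagram on an already-bound socket and return it.

    With reply=True it echoes the datagram back to the sender. With
    reply=False it drops it on the floor, which from the client's point of
    view is indistinguishable from a firewall in Deny mode."""
    data, addr = bound_sock.recvfrom(4096)
    if reply:
        bound_sock.sendto(data, addr)
    bound_sock.close()
    return data


def start_udp_server(reply=True, host="127.0.0.1"):
    """Bind a UDP socket on an ephemeral loopback port and serve one datagram
    in a background thread. Returns (port, thread, result) where result["data"]
    is filled in with the received payload once the thread finishes."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind((host, 0))                 # port 0: the kernel picks a free port
    port = srv.getsockname()[1]
    result = {}

    def run():
        result["data"] = udp_echo_server(srv, reply)

    t = threading.Thread(target=run)
    t.daemon = True
    t.start()
    return port, t, result


def udp_client(port, message, timeout=1.0, host="127.0.0.1"):
    """Send one datagram and wait up to `timeout` seconds for a reply.

    Returns the reply bytes, or None when nothing came back in time. Without
    settimeout() the recvfrom() below would block forever on a dropped packet."""
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client.settimeout(timeout)          # the line the book's UDP client omits
    try:
        client.sendto(message, (host, port))
        data, _addr = client.recvfrom(4096)
        return data
    except socket.timeout:
        return None                     # Deny firewall / dead host: no reply
    finally:
        client.close()


if __name__ == "__main__":
    port, t, _ = start_udp_server(reply=True)
    print("echo   :", udp_client(port, b"AAABBBCCC"))
    port, t, _ = start_udp_server(reply=False)
    print("dropped:", udp_client(port, b"AAABBBCCC"))
```

Because UDP has no handshake, the client cannot tell a silently dropped datagram from a host that is simply slow; the timeout is the only signal you get, so pick it deliberately.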
For more information on the structure of an IP datagram, here is a website that explains it effectively without me taking energy out of my own reading:
http://mars.netanya.ac.il/~unesco/cdrom/booklet/HTML/NETWORKING/node020.html
Cool, so let’s create a generic TCP server. This will involve threading and not time, unlike our TCP6 echo server that I went off topic on.
Run it, and cool, it’s working! Ignore my screw-ups from before, LOL. You can see why I don’t need an IDE; the terminal tells me what’s wrong. Let’s do something cool. Let’s take the TCP code from earlier and modify it to connect, and verify it works.
I sent data and it can show what we received on the server end, so I sent it four times.
Hey, cool, we got an acknowledgment. What did we see on the other side?
Exactly what we sent, on various ports. Now you know how this works. The book has its methods and creates its own test, but I value using code created verbatim.
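This is an added example of my own (not the book's server and not the screenshot): a threaded TCP server that spawns one handler per client, records each client's source port and payload, and answers with ACK!, plus a client helper that connects four times the way I did above so the server side shows the same payload arriving from four different ports. Addresses and payloads are constructed, it only talks to loopback, and it runs on Python 3 (and 2.7).

```python
# Added example (not the book's or the author's code). Loopback only.
import socket
import threading

ACK = b"ACK!"


class ThreadedTCPServer(object):
    """Accept loop in one thread, one short-lived handler thread per client."""

    def __init__(self, host="127.0.0.1", port=0):
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, port))        # port 0: the kernel picks a free port
        self.sock.listen(5)
        self.port = self.sock.getsockname()[1]
        self.received = []                  # (client_src_port, payload) per client
        self.lock = threading.Lock()        # handlers append concurrently
        self.thread = threading.Thread(target=self.serve_forever)
        self.thread.daemon = True
        self.thread.start()

    def serve_forever(self):
        while True:
            try:
                conn, addr = self.sock.accept()
            except socket.error:            # listening socket closed: stop
                return
            h = threading.Thread(target=self.handle_client, args=(conn, addr))
            h.daemon = True
            h.start()

    def handle_client(self, conn, addr):
        try:
            conn.settimeout(5.0)            # a silent client must not pin a thread
            data = conn.recv(1024)
            with self.lock:
                self.received.append((addr[1], data))
            print("[*] received from %s:%d -> %r" % (addr[0], addr[1], data))
            conn.sendall(ACK)
        finally:
            conn.close()

    def close(self):
        self.sock.close()


def tcp_client(port, payload, host="127.0.0.1", timeout=5.0):
    """Connect to the server, send payload, and return the server's reply."""
    s = socket.create_connection((host, port), timeout=timeout)
    try:
        s.sendall(payload)
        return s.recv(1024)
    finally:
        s.close()


if __name__ == "__main__":
    server = ThreadedTCPServer()
    for _ in range(4):                      # four connections, four source ports
        print("client got:", tcp_client(server.port, b"ABCDEF"))
    print(server.received)
    server.close()
```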
Tomorrow we will replace netcat! I have to get up at 4 am, so sorry for the initially boring post; I’m sure it will get more interesting.