Python Scripting for Hackers
Python has some important features that make it particularly useful for hacking, but probably most importantly, it has some pre-built libraries that provide some powerful functionality. Python ships with over 1,000 modules and many more are available in various other repositories. This isn't to say that scripting languages like BASH, Perl, and Ruby can't do the same things as Python, but building those capabilities is much easier using Python.
Adding Python Modules
The Python standard library and modules provide an extensive range of capabilities including built-in data types, exception handling, numeric and math modules, file handling, cryptographic services, Internet data handling, and interaction with Internet protocols (IPs).
Despite all of the power offered by these standard libraries and modules, we may need or want additional third-party modules. The third-party modules available for Python are extensive, which is probably the reason most hackers prefer Python for scripting. You can find a comprehensive list of third-party modules at PyPI: The Python Package Index.
If we need to install a third-party module, we can simply use wget to download it from the repository, uncompress the module, then run the python setup.py install command. As an example, let's download and install the Nmap python module from a small repository at xael.org.
First, let's download the module from xael.org:
kali > wget http://xael.org/norman/python/python-nmap/python-nmap-0.3.4.tar.gz
After we have downloaded the new module, we need to uncompress it with tar:
kali > tar -xzf python-nmap-0.3.4.tar.gz
Then, change directories to the newly created directory:
kali > cd python-nmap-0.3.4/
Finally, we need to install the new module by typing:
kali > python setup.py install
Search Python nmap to find out more details. Now let's create a simple FTP password cracker in Python. Let's open a text editor in Kali (I'm using Leafpad) and enter the following script.
Note that we import the socket, re, and sys modules (Lines 3-7), create a socket that attempts to connect to a specified IP address on port 21 (Lines 11-15), create a variable username which is assigned "NullByte" (Line 33), create a list called "passwords" with potential passwords (Line 35), and then create a for loop that tries each password until it receives a code 230 or exhausts the password list.
Of course, you can change the values in this script to any that you want and are appropriate to your circumstances. In future tutorials, we will modify this password cracker to give it even greater usability and versatility.
Save it as "ftpcracker.py" and give yourself execute permissions, then run the script against an FTP server.
kali > chmod 755 ftpcracker.py
kali > ./ftpcracker.py
If it finds the password, it will print the message "Password found: <password>" (Line 43).
Keep coming back, my novice hackers, as we continue to expand our scripting skills to the level of a pro hacker!