Join Malcolm Shore for an in-depth discussion in this video, Refreshing your Python skills, part of Penetration Testing Essential Training.
- [Teacher] Python is an interpretive programming language, and the interpreter can be found for both Windows and Linux at the main Python site shown here. There are various versions of Python, and scripts are not always compatible, so modifying Python scripts that you may pick up to do testing is sometimes necessary. You'll need to install Python on Windows, but it comes built in to most Linux distributions. We'll use Kali to refresh ourselves on Python. One of the useful documents to have when programming in Python is the library reference, which provides details of all the built-in calls that you can make to do things in Python.
As a pen tester, you'll be using the networking calls extensively. There are graphical interfaces for Python, but for our purposes, we'll run at the command line. Once you've got Python installed, you check it's working by entering the command python. This will put you in the interactive interpreter. You can enter commands here and get the response immediately. And you can use control D to quit. We can also use an editor and create a text file containing the Python script and we can run it as a command line argument.
For example, let's create helloworld.py. (keys clicking on keyboard) And we can run that. (keys clicking on keyboard) Python provides us with string and numeric variables, which can be integer and floating point. We can also use Boolean variables. We can assign values to a variable, which takes on the type that's used in the assignment.
So let's use the interpreter to see how this works. I'll set the variable port to 8080, and I can use the function type to check what type port is, and we can see that port is in fact an integer. I'll set exploited to True (keys clicking on keyboard) and I'll check its type, which is Boolean.
I'll set username to the string Malcolm, and we can see the type of username is string. And when I set value to 12.43, its type is floating point. We of course have the normal mathematical and string concatenation operators. If I print 12+7, I get 19. Let me set a couple of strings.
String one is "my name is". String two equals "Malcolm". And when I print string one plus string two, we get the concatenated string, "my name is Malcolm". There are more complex ways of managing data in Python. The first is lists, which we can create using square brackets. Let's look at a list of IP addresses. I've created a list called activehost and I'll append a value to it.
I'll append another value. (keys clicking on keyboard) And then I can print one of the values by using print activehost and use the subscript three. We get the value of the fourth entry. If we print activehost zero, we get the value of the first entry. A similar construct to a list is a dictionary, for which we use curly brackets.
This is where we can associate a value with a label. Let's create a list of hosts and host names. (keys clicking on keyboard) I'll set the dictionary hostname to a pair of values, 184.108.40.206, and I'll call the host name munless.com.ch. And I'll put the second entry in the dictionary.
220.127.116.11, and I'll give that the name mail.munless.com.ch. Now if I print the length of hostname, this shows that we have two entries in the dictionary. We can print the value of an individual entry in the dictionary by using the expression print hostname and giving it the key 18.104.22.168, and it gives us the associated value.
We can loop through a dictionary using the special term key. So we'll do a for loop: for key in hostname, print key, and it prints out the keys for us. We can add more entries to the dictionary with the update method. (keys clicking on keyboard) And if we just type hostname, we can see that the new entry's been added.
We can create multiple dictionaries, which we can then reference using subscripts. Let's remake hostname as a multiple dictionary. (keys clicking on keyboard) I've created the first dictionary, and by putting a comma and continuing with new curly brackets it creates a second dictionary. (keys clicking on keyboard) Now we can reference an element in either dictionary with its subscript, starting again at zero.
This will select the first dictionary, and I can look for the value with the key 22.214.171.124. Let's move on to conditionals. We can use if, else statements to conditionally execute code. I'll set numb to five and I'll put a conditional: if numb less than 10, print (keys clicking on keyboard) "single digit number", which it is.
We can also use the for statement to execute a block of code a number of times. For x in range one up to five, print "Repetition " + str(x). And note that we only print four entries. The repetition stops when the final value is reached, not after it. Note also that the scope of the conditional or repetition statements extends to all indented lines following it.
Python is sensitive to where you start your line of code. We've used the str function here to convert an integer into a string. Python provides many such functions to make scripting easy. Some more examples include the set of string manipulation functions: upper, lower, replace, and find. Let's see how we use the upper function. (keys clicking on keyboard) I'll select an entry in our dictionary and we'll display it as upper case.
I won't go into the vast array of functions that Python offers, but you can review them in the library reference documentation.
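An added example, not code from the video, that pulls the refreshed features together into one small host-inventory script: a list built with append, a dictionary of IP to host name extended with update, a list of dictionaries, for loops with range, if/else, str and upper. All IP addresses and host names are constructed sample data.

```python
# Added example (not from the course): a host-inventory script using the
# Python features refreshed in the lesson. All IPs and names are constructed.

active_hosts = []                       # a list, built with append()
active_hosts.append("192.0.2.10")
active_hosts.append("192.0.2.25")
active_hosts.append("192.0.2.40")       # seen in the scan, but no name on record

hostname = {"192.0.2.10": "www.example.test"}          # a dictionary: key -> value
hostname.update({"192.0.2.25": "mail.example.test"})   # add an entry with update()

# A list of dictionaries: one record per host, selected by subscript from 0.
hosts = [
    {"ip": "192.0.2.10", "name": "www.example.test", "ports": [80, 443]},
    {"ip": "192.0.2.25", "name": "mail.example.test", "ports": [25, 587, 993]},
]


def lookup(ip):
    """Return the host name for an IP, or 'unknown' if it is not in the dictionary."""
    if ip in hostname:
        return hostname[ip]
    else:
        return "unknown"


def ports_in_range(host, low, high):
    """Ports of one host record inside range(low, high); high itself is excluded."""
    found = []
    for candidate in range(low, high):
        if candidate in host["ports"]:
            found.append(candidate)
    return found


def summary(ip):
    """Build one report line: NAME (ip): port port ... using str() on each port."""
    line = lookup(ip).upper() + " (" + ip + "):"
    for host in hosts:
        if host["ip"] == ip:
            for port in host["ports"]:
                line = line + " " + str(port)   # str() converts the integer
    return line


if __name__ == "__main__":
    for ip in active_hosts:
        print(summary(ip))
```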
Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code