Wednesday, January 18, 2017

Python - Basic Port Scanning Lab




What you need to run this Basic Port Scanning lab:

While you could probably do this better on a Kali Linux box, I'm going to document this for a Windows platform running an installation of Cygwin and Python 2.7.  Note: you can run this in Python 3.x, but you need to fix the print() calls. This lab can be run on a real or virtual machine.

Purpose

Learn very basic Python networking techniques.

Making A Very Simple Banner Grabber

In a Cygwin Terminal window, run the following command (or open a new Notepad++ file and save it as grabSocket.py):

cat > grabSocket.py

Then while in the cat command, enter this code, as shown below:

    import socket
    s = socket.socket()

    s.connect(("attackdirect.samsclass.info", 22))

    print s.recv(1024)
    s.close()



Explanation

The first line imports the "socket" library, which contains networking functions.
The second line creates a socket object named "s".
The third line connects to the server "attackdirect.samsclass.info" on port 22.
The fourth line receives data from the server and prints it, up to a maximum of 1024 characters.
The fifth line closes the connection.

Running the Grabber python script

In the Cygwin Terminal window, execute this command:

    python grabSocket.py

You should see an SSH banner, as shown below:







Adding a Timeout to the port request Python script

Open the grabSocket.py script in an editor again.

Change the port number from 22 to 80, as shown below, and save the modified file.


Run the script again. What happened?  HTTP servers typically don't send a banner; the server is waiting for a correctly formed HTTP request, so the script just freezes up, waiting for a banner that never comes. It can take a long time to time out.  To stop the script, press Ctrl+C.

You should see the following:









To make it time out more quickly, add this line to your script, as shown below. Put it before the s = socket.socket() line: the default timeout only applies to sockets created after it is set.

    socket.setdefaulttimeout(2)


Run the script again. Now it times out, as shown below:

Using Variables in your Python script

Execute this command to copy your script to a new script named grabSocket2.py:

    cp grabSocket.py grabSocket2.py
 
 

Modify grabSocket2.py to use variables. Create two variables, target and tport, and pass them to connect(). This is so that later you can more quickly change the host and port you are connecting to.

    target = "attackdirect.samsclass.info"
    tport = 80

    s.connect((target, tport))


Your script should now look like this:

Save and run the script.  It should time out in a few seconds, just as it did before.

Updating your Python script to accept User Input

Execute this command to copy your script to a new script named grabUserSocket.py:

    cp grabSocket2.py grabUserSocket.py 

Modify the program grabUserSocket.py to input the target and port from the user, as shown below.

    target = raw_input('Input Target URL: ')
    tport = raw_input('Input Target Port: ')










Save and run the script. Enter a URL and port to scan.



What went wrong?  The script halts with an error saying "TypeError: an integer is required".


This is a Python typing issue.  raw_input() always returns the input as a character string, and connect() requires the port as an integer, so you have to explicitly convert the input to an integer.  To fix that, enclose the raw_input statement for tport in the int() function, as shown below.

    tport = int(raw_input('Input Target Port: '))




Now the port scanner python script should work. Use it to grab the port 22 banner again, as shown below.
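The finished grabber from this lab, written here as an added Python 3 example (this is not the lab's own code, which targets Python 2). grab_banner() returns the banner or None when the connection times out, the port is converted with int() as in the fix above, and the timeout is set on the socket object rather than with socket.setdefaulttimeout(). Because the verifier runs offline, a constructed local listener stands in for the SSH and HTTP servers at attackdirect.samsclass.info.

```python
import socket
import threading


def grab_banner(target, tport, timeout=2.0, nbytes=1024):
    """Connect to target:tport and return whatever the service sends first,
    or None if nothing arrives before the timeout (the HTTP case in the lab)."""
    tport = int(tport)  # user input arrives as a string; this is the lab's TypeError fix
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)  # per-socket equivalent of socket.setdefaulttimeout(2)
    try:
        s.connect((target, tport))
        return s.recv(nbytes)
    except socket.timeout:
        return None  # the server is waiting for a request and never volunteers a banner
    finally:
        s.close()


def start_fake_service(banner):
    """Constructed stand-in for the lab's remote host: listen on a free loopback
    port, accept one connection, send `banner`, or stay silent when banner is b''.
    Returns the port number it listens on."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        if banner:
            conn.sendall(banner)
        else:
            conn.recv(1)  # hold the connection open until the client gives up
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


if __name__ == "__main__":
    ssh_port = start_fake_service(b"SSH-2.0-OpenSSH_7.4 (constructed banner)\r\n")
    print(grab_banner("127.0.0.1", str(ssh_port)))   # banner comes straight back
    http_port = start_fake_service(b"")
    print(grab_banner("127.0.0.1", http_port, 1))    # None after a one-second wait
```

Against a real host, the same two behaviours show up: port 22 answers with its SSH banner, and port 80 returns None once the timeout expires.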

















Awesome... You now have a Python Port Scanning Script



Source: Sam Bowne, an AWESOME Cyber Security Instructor.  I met him at the 2017 WIT Conference, and had to give him a hug, for all the cool Cyber Labs he has published on his site https://samsclass.info/, specifically the link to his WITC class Python Scripting for Cyber Security Professionals.
