Description: Part 2:
*) Build a multithreaded server
*) How to code a stable, reliable server/client
*) Sniff and send packets in Scapy
*) Packet forging/manipulation in Scapy
The source files (Python 2.6) can be downloaded at:
https://github.com/piman/PyPrimer-for-Hackers
------------
Some key points we want to cover in the whole video series:
*) toolz often lie! code your own networking tools and get the correct feedback!
*) code your own networking environments
*) some network attacks
*) run your toolz on several machines and communicate with them
*) ...and other funny stuff ;)
------------
Please tell us what you like and what you don't like!
If you have ideas on what should be covered in future videos, please let us know! (ON SECURITYTUBE.NET)
We strongly advise against doing anything malicious! We just want to provide some knowledge for security tests and show developers how to code proper software.
Tags: python, scapy, hacker, hacking, coding, programming, network, lan, rene schallner, patrick schallner, server, client, threads, martian, packet
Nice, can you please upload the rest of the series? Thanks.
Nice vids, I do not remember Patrick, but is it possible to discover if there are any rootkits running on my router with Scapy? If so, could you post a link where it is described!
Ah, remember the source code.
Thumbs up & upper
Patrick, where's part 1 of the group vids?
WHAT I FORGOT:
PLEASE LEAVE COMMENTS!!!
WE NEED SOME INPUT TO KNOW HOW TO CONTINUE OUR SERIES ;)!!!
@goes: Sorry, part two was recorded on Sunday/Monday... so we can't upload the rest of the series now.
Part 3 will be uploaded around next Monday.
@hazz:
If I get you right... no... there is no "step by step guide" on how to scan if "any rootkits are running" on some machine. You can of course discover a lot of stuff and maybe you will find traffic, open ports, or responses that "look malicious", but that's nothing compared to a rootkit scanner. And you really need to know what you are looking for and what you are doing.
It's kind of similar to "can you scan for a virus with the find command"... of course you can... and in certain situations you have to... but you need to know what you are doing. You should stick to tools like chkrootkit and so on (don't know what kind of router you mean).
Part 1 was invisible because I changed the description and Vivek had to approve it again. It's back now.
Magic :-)
The Fin that committed a syn was finished..... :-)
Thank you guys. May 4th be with you :-)
Fascinating - thank you.
@Rene: your server coding was a bit beyond me but I'll watch it several times and hit google. There's little point in listening or watching if it's all material which is familiar because that won't make me learn anything. I guess it's rather like the "carrot and the donkey"!
@Patrick: in your Scapy segment, at around 40 minutes, you did some arping magic sending to addresses in the 192.168.1.0/24 network and you captured to a file. Arping reported that hosts 192.168.1.1 and 192.168.1.12 were up but, as far as I recall, your BT attacking VM was 192.168.1.112. Is that a bug? If so, what if there are other bugs that aren't so obvious?
You issued cap1.display() and it showed 258 packets (0 to 257). Why were there extra packets? I saw some had the word "Padding" in the display.
I'm looking forward to further videos, dealing perhaps with current attacks (and scripts) that DO work (you indicated that the SYN flood was very old). I realise that flooding a network is something that I must not do in a network that isn't mine or I don't have explicit permission to attempt the attack, otherwise there might be a knock on the door from the authorities!
Howya Ignatius!
Thx for your feedback and nice to see that you think about that stuff!
The host which does the arping doesn't show up in the result. The .12 was the address of my MacBook (the .112 was the address of our BT VM!).
Regarding the 258 packets:
You forgot about "the other direction"... we sent out 256 packets. 2 hosts responded. So how many packets do we have? :)
Regarding the padding:
If you are interested in that, just google a bit.
Hint: it has something to do with the Ethernet frame. ARP packets are really small. Look at the content of the "padding" :)
@Blacky: thx mon!
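The two puzzles in the reply above (why a /24 sweep yields 258 packets, and where the "Padding" layer comes from) can be checked without a network at all. The following is an added example, not code from the video or the PyPrimer repository; it is plain Python 3 with `struct`, not Scapy. It builds a constructed capture of an ARP sweep like the one in the video (sender 192.168.1.112, responders 192.168.1.1 and 192.168.1.12, all addresses and MACs made up here) and parses the frames back. An Ethernet/IPv4 ARP packet is 28 bytes plus a 14-byte Ethernet header, 42 bytes in total; the Ethernet minimum is 64 bytes on the wire, 60 bytes once the 4-byte FCS is dropped as most captures do, so the NIC appends 18 zero bytes, which Scapy shows as `Padding`. The parser counts requests, replies and padding, which is also the kind of check a defender writes when looking at ARP traffic on a segment.

```python
import struct

ETH_HDR_LEN = 14            # dst MAC, src MAC, EtherType
ARP_LEN = 28                # Ethernet/IPv4 ARP body
ETH_MIN_FRAME = 60          # 64-byte minimum on the wire minus the 4-byte FCS
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(text):
    return bytes(int(x, 16) for x in text.split(':'))


def ip_bytes(text):
    return bytes(int(x) for x in text.split('.'))


def build_arp_frame(op, src_mac, src_ip, dst_mac, dst_ip):
    """Build one ARP request/reply frame and pad it the way a NIC would."""
    eth_dst = b'\xff' * 6 if op == ARP_REQUEST else mac_bytes(dst_mac)
    eth = struct.pack('!6s6sH', eth_dst, mac_bytes(src_mac), ETHERTYPE_ARP)
    target_hw = b'\x00' * 6 if op == ARP_REQUEST else mac_bytes(dst_mac)
    arp = struct.pack('!HHBBH6s4s6s4s', 1, 0x0800, 6, 4, op,
                      mac_bytes(src_mac), ip_bytes(src_ip), target_hw, ip_bytes(dst_ip))
    frame = eth + arp                          # 42 bytes
    return frame + b'\x00' * (ETH_MIN_FRAME - len(frame))   # 18 bytes of padding


def parse_arp_frame(frame):
    """Return the ARP fields plus the number of trailing padding bytes."""
    ethertype = struct.unpack_from('!H', frame, 12)[0]
    if ethertype != ETHERTYPE_ARP:
        raise ValueError('not an ARP frame')
    (_, _, _, _, op, sha, spa, tha, tpa) = struct.unpack_from('!HHBBH6s4s6s4s', frame, ETH_HDR_LEN)
    return {
        'op': op,
        'sender_ip': '.'.join(str(b) for b in spa),
        'target_ip': '.'.join(str(b) for b in tpa),
        'padding': len(frame) - (ETH_HDR_LEN + ARP_LEN),
    }


def make_sweep_capture(sender_mac='00:0c:29:aa:bb:cc', sender_ip='192.168.1.112',
                       responders=None):
    """Constructed capture: 256 requests for a /24 plus one reply per live host."""
    responders = responders or {'192.168.1.1': '00:11:22:33:44:01',
                                '192.168.1.12': '00:11:22:33:44:0c'}
    frames = [build_arp_frame(ARP_REQUEST, sender_mac, sender_ip, None, '192.168.1.%d' % i)
              for i in range(256)]
    for ip, mac in responders.items():       # the sender never answers its own request
        frames.append(build_arp_frame(ARP_REPLY, mac, ip, sender_mac, sender_ip))
    return frames


def summarize_capture(frames):
    """Count requests/replies, list responders and note padded frames."""
    parsed = [parse_arp_frame(f) for f in frames]
    return {
        'total': len(parsed),
        'requests': sum(p['op'] == ARP_REQUEST for p in parsed),
        'replies': sum(p['op'] == ARP_REPLY for p in parsed),
        'responders': sorted((p['sender_ip'] for p in parsed if p['op'] == ARP_REPLY),
                             key=lambda s: [int(x) for x in s.split('.')]),
        'padded_frames': sum(p['padding'] > 0 for p in parsed),
        'padding_per_frame': parsed[0]['padding'],
    }


if __name__ == '__main__':
    print(summarize_capture(make_sweep_capture()))
```

Sniffing on the host that sends the sweep captures both directions, hence 256 requests plus 2 replies; the sending host's own address never appears among the responders because it does not answer its own broadcast.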
thank you for the great infos.
Waiting for the next one, hope it comes soon.
In the meantime I'll elaborate on the instructions you gave.
Hey, thanks guys for your feedback! It's really highly appreciated and very valuable for us!
@Blackmarketeer: :-) Nice one - and yeah I sense a strong presence of the 4th, may it be with you, too! (no pun intended, but incidentally pt 4 is not too far from now)
@Ignatius: Thanks for your great feedback. If I understand you correctly then I probably didn't do too well in getting across my explanations? I am currently preparing Pt 3 and 4 so your feedback is very valuable to me. Don't want to come across as a "carrot and donkey" guy but I do appreciate it when ppl do their own research. Was it too pythonic (classes, objects) / too networky / thready - or too basic for you? I am not 100% sure I got you correctly.
@in0cula: one more instruction: have fun :-) -- and dump core here if you're overloaded... :-)
@Patrick: OK - I thought that arping would report all hosts that were up, including "self", but I suppose it's logical to report only others because clearly "I" am up! It's a coincidence that you had 192.168.1.12 and 192.168.1.112 on the network. I thought that arping had misreported 1.112 as 1.12.
As far as the 258 vs 256 query is concerned, it's definitely a "doh!" from me! I'll look into the padding. Obviously, I hadn't and simply threw it into the comment that I posted earlier today.
@ranamann: far from it, your explanation was perfect, line by line, as before. Whilst I am aware of the concept of threads, it was the first time that I had seen it implemented in code. I've done some C++ but virtually no python so it'll take me a little while to get my head around the syntax but I'll persist. As far as the "carrot and donkey" comment is concerned, I meant it as a good thing (I think you realised that) because, whilst your explanation and demonstrations were clear, there was enough that was just beyond my immediate reach to make me hit google and want to learn more. If you had gone away into much more complicated matters, I might have been tempted to say "no way, this isn't for me", and I would have taken up tiddly winks as a hobby!
@Patrick and ranamann: creation of a video series that is at exactly the right level for all viewers is impossible and I'm grateful for the time and effort that you've put in so far. If things are too basic for me then that's fine, but if they're too complicated but within reach, I'll be stimulated to background research. I'm happy so far and will play around with the content of this video until your next production is posted.
@Ignatius: people like you can make my day :-). thank you, I really appreciate your feedback! Maybe a threaded hint: The real magic happens where .start() is called in the main code. That automagically causes .run() to be executed in its own thread. Any constructional preparations that the thread creator needs to do, should go into .init(). I think you're on the right track and you'll soon have worked out python, subclassing in python, the "self" (like C++ "this") stuff, etc - if you haven't already...
Thanks again for your support and attitude!
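The threading hint above (.start() runs .run() in its own thread; setup goes in the constructor) is the whole skeleton of the multithreaded server from the video. The following is an added example written for this page, not the PyPrimer code itself, and it is Python 3 rather than the 2.6 used in the video. A `ClientHandler` thread is created per accepted connection, a `Server` thread owns the accept loop, and `run_demo()` starts the server on an ephemeral loopback port and talks to it from several clients at once. Two details matter for the "stable, reliable server/client" point: the handler buffers until a newline rather than assuming one `recv()` returns one message, and the accept loop uses a socket timeout so the server can be stopped cleanly instead of killed.

```python
import socket
import threading


class ClientHandler(threading.Thread):
    """One thread per client. __init__ only stores state; run() does the I/O."""

    def __init__(self, conn, addr):
        super().__init__(daemon=True)
        self.conn, self.addr = conn, addr
        self.lines_served = 0

    def run(self):
        with self.conn:
            buf = b''
            while True:
                chunk = self.conn.recv(4096)
                if not chunk:            # peer closed its sending side
                    break
                buf += chunk
                # TCP is a byte stream: only act on complete lines
                while b'\n' in buf:
                    line, buf = buf.split(b'\n', 1)
                    self.lines_served += 1
                    self.conn.sendall(b'echo: ' + line + b'\n')


class Server(threading.Thread):
    """Accept loop in its own thread; each connection gets a ClientHandler."""

    def __init__(self, host='127.0.0.1', port=0):
        super().__init__(daemon=True)
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, port))
        self.sock.listen(16)
        self.sock.settimeout(0.2)        # lets the loop notice stop() promptly
        self.port = self.sock.getsockname()[1]
        self._stop_event = threading.Event()
        self.handlers = []

    def run(self):
        while not self._stop_event.is_set():
            try:
                conn, addr = self.sock.accept()
            except socket.timeout:
                continue
            handler = ClientHandler(conn, addr)
            handler.start()              # .start() schedules handler.run() on a new thread
            self.handlers.append(handler)
        self.sock.close()

    def stop(self):
        self._stop_event.set()
        self.join()
        for h in self.handlers:
            h.join()


def talk(port, lines):
    """Client: send all lines, half-close, then read until the server closes."""
    with socket.create_connection(('127.0.0.1', port)) as s:
        s.sendall(b''.join(line.encode() + b'\n' for line in lines))
        s.shutdown(socket.SHUT_WR)
        data = b''
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            data += chunk
    return data.decode().splitlines()


def run_demo(n_clients=5):
    """Start a server, hit it with n_clients concurrent clients, return the results."""
    srv = Server()
    srv.start()
    responses = {}

    def client(i):
        responses[i] = talk(srv.port, ['hello from %d' % i, 'bye'])

    threads = [threading.Thread(target=client, args=(i,)) for i in range(n_clients)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    srv.stop()
    return {'responses': responses,
            'lines_served': sum(h.lines_served for h in srv.handlers)}


if __name__ == '__main__':
    print(run_demo())
```

The client half-closes with `shutdown(SHUT_WR)` so the server's `recv()` returns an empty bytes object once the buffered lines are consumed; that is the signal the handler waits for, and it avoids the hang you get when both sides wait for the other to close.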
@ranamann: I think introducing threads along with scapy and sockets was a bit much for this video. The first video seemed like a good place to start (what are sockets, what is scapy, how to use sockets, and how to use scapy). This one just seemed like way too much of a jump by introducing threads (which is a very advanced concept in itself).
@GTKlondike: Thank you for your feedback. You are right, threading is a heavy topic. The intention was to split the server into two short and easy to understand halves, with the additional benefit of allowing to be slow, even to sleep(). I viewed this as a very natural progression. I get your perfectly valid point, though, and I think in the upcoming videos we'll find a way to balance it all out much better. Thanks again for pointing this out!
Wow thanks a lot for this awesome video. Watching it now, interesting.
@patrick @ranamann, in my opinion, as you described in the videos Python for Hackers, it should mean that the topic will consist of about 15 or more videos, is this correct? If not, in my opinion just put your hands on the matter that I presume many would like to see; to be concrete, Vivek has done a tremendous work for the noobs. So do not be afraid if things are getting, in your opinion, difficult for the viewer; those topics are not easy to learn, but we're watching to learn.
Awesome, thanks for video.
@all:
we are really, really working on Part3 but we had a lot to do during the last week. We will upload it soon!
Hopefully all of you will spend the time to watch the whole series :)!
@m0ei and sqall: thx a lot!
@hazz:
We really don't know how long this series will become.
We want part 3, we want part 3!
I can't wait.
Thx Patrick.
I hope it will be a very longgg series.
Ok, let's put our hands in. At first, I'm not a young guy nor one who works in the field, but I'm a professional nurse, and I see a lot of speculative things that are related to physiology and the immune system etc.
In Scapy I haven't found any info about airpwn; the OS detection with nmap 5 does not work, how will you use it with the 5.X version? The raw data, how will you decrypt it using regular expressions, and how do you concatenate the various fields of the packets, i.e. a=sniff.pak, a[0] & a[1]; how can you make a one-line script instead of a Python script? Can you implement WEP decryption inside Scapy?
Thanks for answering back.
This article has helped so much with some aspects of python that I was having trouble with. No matter what you guys do I will be awaiting the next video with much anticipation. Any chance you might want to code a server that interacts with Scapy remotely?(kind of combine the 2 threads of the thread into a single topic)
Once again, your efforts are much appreciated.
Any news about part 3 ? :p
Awesome! I really like the informal yet very educational style of your teaching. Keep it up guys! looking forward to the next video in the series.
Just came across this on the EH forum- Google's Python Class
http://code.google.com/intl/ru/edu/languages/google-python-class/
=( I hope you guys don't let this series die away, I absolutely LOVED the first 2 vids.
In any case everyone might want to see this book:
http://learnpythonthehardway.org/
thx @all!
Sorry for the large delay! I'm really, really busy at the moment. And I didn't have the time to record something :(! Rene doesn't have a lot of time either (he has to finish his book at the moment).
I think we can upload part 3 at the end of the next week.
We will definitely continue our Primer!!!
In August I'm on vacation for 3 weeks (yeeaaah!), this should speed up the production of further videos ;)!
@Vivek: Thanks a lot buddy! It's really motivating to hear such a nice feedback from our "Master of Primers" :)!!!
@Rajah: thank you! that's a nice feedback ;)!
@WCNA: looks like you're really learning Python seriously now :)! nice to see that.
@rails: thank you!
So are your holidays over or not yet? Lucky you, we are waiting for the rest of the 15 videos more.... Ciao
Great series of tutorials, keep 'em coming.
Patrick, please continue the primer, I like it soo much, I hope you'll do very loong videoss