Wednesday, November 13, 2019

Hacking with Python

By now you have a basic idea of how Python works and how programs are written in it. Now you are ready to learn how Python scripts can be used to attack websites, networks, and more.

Learning how to hack starts with setting up an environment in which you can develop your own exploitation tools. Since you have already installed Python together with its standard library, you are most of the way there. All that remains is to install the additional tools and libraries that your exploits will use.

Third-party libraries are libraries that do not ship with your Python installation. The manual way to get one is to download the package from its source, uncompress the archive you downloaded, and change into the directory it unpacks into.

As you might have guessed, third-party libraries are extremely useful when you build your own tools on top of code that someone else has already written. Since Python has a large collaborative ecosystem, you can pick up libraries from sources such as GitHub or the Python Package Index (PyPI) and incorporate them into your code. There

Once you are inside the directory, you can install the downloaded package with the command python setup.py install. (On a current Python, pip install followed by the package name performs the download and install in one step and is the preferred route; the manual method is shown here because it also works for code that is only published as a source archive.) Take a look at this example to see how it is done:



What happened here is that you downloaded and installed python-nmap, a package that lets you drive the nmap port scanner from Python and parse its results.

Now let's write a password cracker to see how an attack is put together in practice. This program will not only show you how passwords are cracked, but also how to use a library from your own code and get the results you want out of it.

To write this password cracker, you need an implementation of the crypt() algorithm, the traditional hashing scheme for UNIX passwords. When you launch the Python interpreter you will find that the crypt module you need is already part of the standard library (on UNIX-like systems only; note that the module was deprecated in Python 3.11 and removed in 3.13, where a third-party package such as the one on PyPI named crypt-r provides the same function). To compute the hash of a UNIX password, call crypt.crypt() with the password and the salt as parameters. Despite the name, crypt() does not encrypt anything: it is a one-way hash, so the only way back to the password is to guess candidates and hash them. The function returns a string containing the hashed password, with the two-character salt as its first two characters. Here is how it is done:


Now you can hash a password yourself with crypt(). Once the library is imported, pass the password "egg" and the salt "HX" to the function. When you run the code, you get the hashed password "HX9LLTdc/jiDE"; notice that the salt "HX" reappears as the first two characters, which is what later lets you recover the salt from a stored hash. This is how the output should look:


Because the hash is deterministic for a given salt, you can write a program that iterates over an entire dictionary, hashes each word with the salt taken from the stored hash, and compares the result with the stored value. A match reveals the word that was used as the password.

You will need two functions in this program: testPass and main. The main function opens the file that contains the hashed passwords, password.txt, reads every line in it, and splits each line into the username and its corresponding hashed password. It then calls testPass to test each hashed password against the dictionary.

The testPass function takes the hashed password as a parameter, extracts the salt from its first two characters, and hashes each dictionary word with that salt. It returns as soon as a word produces the same hash (the password is cracked), or after the dictionary is exhausted without a match. This is how the program looks:




When you run this code, you will see this output:



From these results you can deduce that the password for the user 'victim' is in the dictionary you have available, while the password for the user 'root' is a word your dictionary does not contain. This means the administrator's password on the system you are attacking is less predictable, but it may still be found with a larger wordlist or a different kind of dictionary; traditional DES crypt() is fast to compute and only considers the first eight characters of the password, so such attacks are cheap to extend.

At this point you are able to set up a working hacking environment for Python and make use of resources published by other hackers. Now that you have created your first hacking tool, it's time to discover how to write your own hacking scripts!