Primal Security
About Us
Washington, D.C.
Primal Security is a blog and podcast dedicated to sharing knowledge within the information security community. Learn more about the Primal Security Team.
Python for InfoSec Professionals Use Case 4: CVE-2014-3704
Drupal announced on October 15th they had a critical pre-auth SQL Injection (SQLi) vulnerability – here. There is a pretty good write-up of the vulnerability here. This post will demonstrate another use case for Python by building up a script to exploit the SQLi flaw to add an administrative user. The script simply prompts the user for a username to append to the SQLi payload with a static password string of “password”. This script is invoked with the following syntax: ~$ python ...
Python for InfoSec Professionals Use Case 3: CVE-2012-3152
This quick snippet of code exploits the CVE-2012-3152 Oracle Reports Local File Inclusion (LFI) vulnerability. To more easily interact with the vulnerable system, the HTTP request exploiting the LFI is wrapped in an endless loop that feels like a command prompt. Here is a good write-up on the actual vulnerability. For this script we threw in a dash of color to the shell-like output using the Python module “termcolor” – Download here. #!/usr/bin/python import sys, urllib2 # Import the re ...
Python for InfoSec Professionals Use Case 2: CVE-2012-1823
This Proof of Concept (PoC) script exploits CVE-2012-1823 – PHP-CGI Remote Code Execution (RCE) vulnerability. It simply wraps an HTTP POST request in an endless loop that grabs input from the user as the command to run. The syntax demonstrated in this PoC script can be leveraged for other use cases because it demonstrates how to create HTTP requests in Python using custom HTTP headers. #!/usr/bin/python import sys, urllib2 # Import the required modules for the script if len ...
Python for InfoSec Professionals Use Case 1: CVE-2014-6271
This Python snippet is a very cool PoC because it drops the user into what feels like a command shell on the target. The intention is to make the user feel like they have a shell on the system. It will basically loop through sending requests to the server with a modified User-Agent sending the attack string. The commented code below wraps an HTTP request with an endless loop grabbing input from the user to pass as the payload. You can see how to make an HTTP request and modify the User-Ag ...
Python for InfoSec Professionals Part 13: Python Malware
This tutorial demonstrates some proofs of concept for creating malware using Python and PyInstaller. In a previous tutorial, we demonstrated how to compile a Python script as a Portable Executable (PE) using PyInstaller. Now let's demonstrate some quick proof of concept code to do some malicious actions on a Windows host. Coding the Malware: One of the most common things you’ll find with malware is it wanting to gain persistence on the victim. There are loads of ways to achieve persis ...
Python for InfoSec Professionals Part 12: Pseudo-Terminal
This tutorial will introduce some very quick Python Kung Fu to fix a raw shell. To fully understand the awesomeness of this little trick, you need to understand some of the challenges with a raw shell. A raw shell is a command shell (cmd.exe, /bin/sh) bound to a network socket and either thrown back to the attacker (reverse shell), or bound to a listening port. Raw shells don’t handle STDIN/STDOUT/STDERR the same way terminal access does (SSH access, directly at the keyboard, etc.). ...
Python for InfoSec Professionals Part 11: Python for Metasploit Automation
The Python module pymsf by Spiderlabs allows interaction between Python and Metasploit’s msgrpc. First you’ll need to load msfconsole and start the msgrpc service with the command: load msgrpc Pass= Interacting with msgrpc is similar to interaction with msfconsole. First you create an instance of the msfrpc class, log in to the msgrpc server, and create a virtual console. Then you can start to craft multiple line strings containing the commands you want to execute on the virtual ...
Python for InfoSec Professionals Part 10: Command Automation
This tutorial will cover some Python techniques to automate OS commands. We will show two ways to execute commands using Python (os, subprocess). As you begin to create Python scripts you will likely find yourself leveraging os.system and subprocess.Popen because they let you run OS commands. The main difference between os.system and subprocess.Popen is that subprocess allows you to redirect STDOUT to a variable in Python. This is often quite useful if you want to fiddle with STDOUT fu ...
Python for InfoSec Professionals Part 9: Whois Automation
This tutorial will demonstrate some Kung Fu with Team Cymru’s Python whois module. In both offensive and defensive roles within infosec you will need to do quite a lot of whois lookups, and this Python module can save you loads of time. Let's jump in and start to play with this module’s functionality. Once you have installed the module, you can import it and check out what functionality it offers: >>> from cymruwhois import Client >>> c = Client() >>> ...
Python for InfoSec Professionals Part 8: Web Scanning and Exploitation
This tutorial will demonstrate how to leverage Python to build a basic web scanner, and how to write simple exploits for web applications. Oftentimes, exploit Proof of Concept (PoC) code can be released before scanning and exploitation tools have checks for the vulnerability. In this instance, it’s beneficial to spin up your own tool to check for the vulnerability across your enterprise. In Part 6 we showed how to make a basic web request. This tutorial will demonstrate two more ad ...
