2.3 Combining Python Modules for Active Info Gathering Part 2

Video Transcription
00:00
Hello and welcome back
00:02
Today we're gonna keep on building our Python script. So if you don't know what this is all about, please make sure to watch the previous video for the prerequisites as well as the first part of creating your script.
00:13
As a reminder, we're creating a Python script that allows us to do active information gathering with Nmap.
00:20
And in the previous video, I showed you how the results of the Nmap scanner can be parsed from the dictionary, as you can see here in the print screen. So what we're going to do now is to create variables to store the information and then use the sys module to save them to file.
00:38
We will also test the script to see how it all works together. So moving into the code editor here
00:46
let's actually display some output over here
00:49
while the scanner is running. So we'll just say print
00:56
prints on a new line
01:00
running
01:00
dot dot
01:03
and also go to a new line there. nm scanner is gonna be a dictionary. And let's save, ah, the parsings from the dictionary to file. So first, what we did yesterday was to check if the host is up. So let's say a variable host is up,
01:21
then
01:22
actually do. The host
01:25
is
01:26
plus nm scanner.
01:30
Once again, make sure to look at the previous video to understand
01:34
what we're doing here. So nm scanner, scan. We look into the scan,
01:40
and then we're gonna look into the IP. And remember, the IP is actually the first argument that we pass in the command line. So it's sys.argv[1]. Okay. And then we look into
01:55
the status and then into the state.
01:59
And let's also make sure that we move to
02:04
a new line, so dot and then go to a new line.
02:07
Okay? Now, uh, then we wanted to check the state of the port. So
02:13
let's call this variable port
02:16
open.
02:17
Okay. And let's just say the port 80 is
02:23
and then plus
02:25
let's just copy this thing
02:29
nm scanner, scan, sys.argv[1].
02:32
Uh, then we actually don't look into the status, but we're looking into the
02:40
TCP
02:43
so into the TCP, and then
02:46
we're looking into 80.
02:49
So Port 80
02:52
and then we actually look into the state of the port,
02:55
plus
02:58
a new line.
03:00
Okay,
03:01
then we'll look into the method of scanning. So let's say
03:06
method
03:07
let's just say method scan.
03:10
And then the method
03:14
of scanning is
03:16
plus,
03:19
the nm scanner, scan, sys.argv[1], and then instead of the status,
03:24
we'll look into the TCP
03:28
Port 80
03:30
and then we don't look into the state, but the reason.
03:34
Okay. And finally we make the guess for the operating system. So let's say guess
03:40
OS equals.
03:44
And now we're doing the string methods. So
03:47
there is a
03:51
percent s percent
03:53
chance
03:55
that the
03:58
host is running
04:01
percent s
04:04
and then
04:09
we actually fill in with the values. So nm,
04:12
let's just paste this: nm scanner, scan, sys.argv[1], and then we don't look into the status, but we actually look into the OS match, if you remember,
04:24
and then we go zero
04:28
and then we'll look into the accuracy,
04:31
okay?
04:33
And the second one
04:38
So, uh, this is the first one. This is for the accuracy, for the percent, and the second one for the name, so "is running". And here's where we're gonna fill in with the name. Let's just copy this
04:53
and nm scanner.
04:55
So the second one
04:57
is not gonna be the accuracy,
05:00
but it's gonna be the name.
05:02
Okay. And then we close the parentheses
05:05
and then we're looking to a new line
05:11
and we don't need that.
05:14
All right,
05:15
Now that we have them saved to variables, let's actually write these variables to file to make the entire process more automated. So we'll say, with open
05:26
percent
05:30
percent s dot txt and then percent, it's going to be sys.
05:38
We actually don't need the parentheses. sys.argv[1].
05:42
Okay,
05:44
we opened the file to write it as f
05:47
we'll say just f
05:49
So here's where we actually write all the variables. f.write, host is up
05:55
plus
05:57
port open
05:59
plus method scan plus guess OS.
06:03
Okay,
06:04
and that's it.
06:05
But let's also use the time module from Python to have a cool timestamp at the bottom of the file. So first we'll have to import time over here, so import time
06:16
and then f
06:18
write.
06:19
Let's go to a new line
06:23
and
06:24
report generated, and then we'll say plus
06:29
time.strftime. So that's the method, and we'll look into the year
06:35
minus the month minus
06:39
percent day underscore
06:43
then hour
06:46
minutes.
06:49
And also, let's also print the seconds, so percent seconds, in GMT. Okay, but this is all in quotes.
07:00
So GMT, gmtime
07:03
Okay, and this, we're actually going to display the time
07:08
in, uh, GMT time.
07:12
Okay, closing that one and closing that one.
07:15
All right.
07:16
Let's also actually say print, new line,
07:20
finished dot dot dot.
07:23
Okay, Control-S. Now, let's go ahead and quickly test this and see how it goes.
07:29
So, first, let's do a ping to google.com to get the IP address
07:34
and then copy this IP address
07:40
and run the script over it.
07:44
And it should take
07:46
a matter of seconds to actually finish this
07:49
and have a file created in the same directory
07:54
with the name of the IP dot txt.
07:58
Okay, so now let's look into the directory and we can see 172, and let's actually take a quick glance into it.
08:07
And as we can see, we have: the host is up, the port is open, the method of scanning is syn-ack, and there is an 8% chance that the host is running OpenBSD 4.3
08:18
and there you have it.
08:20
Now, before we finish, let's do a quick knowledge check. How did we actually specify our target for this script?
08:28
Is it A, as a command line argument; B, as a variable in the script; or C, as a separate file? Now this is actually really simple. We used the sys module and sys.argv to be able to pass the target as a command line argument. So in this case, A is the right answer.
08:46
Now, in review: in this and in the past lesson, we built a Python script for active information gathering. We used the python-nmap library and other standard libraries such as sys and time to gather and store information about the target.
09:01
This was a very basic example of the automation Python can give you. You can do much more than that. You could, for example, automate more steps of a typical penetration testing process.
09:13
First perform an Nmap scan,
09:16
if port 80 is open, do some fingerprinting, then do directory brute forcing. If you find a WordPress installation, run WPScan over it, and so on and so forth. The possibilities are limitless. I want you to think about that for a second.
09:31
Now next, we're going to start writing a key logger in Python.
09:35
My name is Christian and I'm looking forward to seeing you in the next video.