2.3 Combining Python Modules for Active Info Gathering Part 2
1 hour 12 minutes
Hello and welcome back
Today we're gonna keep on building our Python script. So if you don't know what this is all about, please make sure to watch the previous video for the prerequisites as well as the first part of creating your script.
As a reminder, we're creating a Python script that allows us to do active information gathering with Nmap.
And in the previous video, I showed you how the results of the Nmap scanner can be parsed from the dictionary, as you can see here in the print screen. So what we're going to do now is to create variables to store the information and then use the sys module to save them to file.
We will also test the script to see how it all works together. So moving into the code editor here,
let's actually display some output over here
while the scanner is running. So we'll just say print
prints on a new line
and also go to a new line there. NM scanner is gonna be a dictionary. And let's save, ah, the parsings from the dictionary to file. So first, what we did yesterday was to check if the host is up. So let's say a variable, host is up,
actually do. The host
plus NM scanner.
Once again, make sure to look at the previous video to understand
what we're doing here. So NM scanner: we look into the scan,
and then we're gonna look into the IP. And remember, the IP is actually the first argument that we pass in the command line. So it's sys.argv[1]. Okay. And then we look into
the status and then into the state.
And let's also make sure that we move to
a new line, so dot and then go to a new line.
Okay? Now, uh, then we wanted to check the state of the port. So
let's call this variable Port
Okay. And let's just say the port 80 is
and then plus
let's just copy this thing:
NM scanner, scan, sys.argv[1].
Uh, then we actually don't look into the status, but we look into the,
so, into the TCP, and then
we look into 80.
So port 80,
and then we actually look into the state of the port,
a new line.
Then we'll look into the method of scanning. So let's say,
let's just say method scan.
And then the method
of scanning is
the NM scanner, scan, sys.argv[1], and then instead of the status,
we'll look into the TCP,
and then we don't look into the state, but the reason.
Okay? And finally we make the guess for the operating system. So let's say guess.
And now we're doing the string methods. So
there is a
percent s percent
host is running
we actually fill in with the values. So NM,
let's just paste this: NM scanner, scan, sys.argv[1], and then we don't look into the status. But we actually look into the osmatch, if you remember,
and then we go zero
and then we'll look into the accuracy,
And the 2nd 1
So, uh, this is the 1st 1 This is for the accuracy for the percent and the 2nd 1 for the name so is running. And here's where we're gonna fill in with the name. Let's just copy this
NM scanner.
So the second one
is not gonna be the accuracy,
but it's gonna be the name.
Okay? And then we close the parentheses
and then we go to a new line
and we don't need that.
Now that we have them saved to variables, let's actually write these variables to file to make the entire process more automated. So we'll say, with open,
percent s dot txt, and then percent, it's going to be sys.
We actually don't need the parentheses. sys.argv[1].
We open the file to write it as f,
will say just f.
So here's where we actually write all the variables. f.write: host is up
plus method scan plus guess OS.
and that's it.
But let's also use the time module from Python to have a cool time stamp at the bottom of the file. So first we'll have to import time over here, so import time
and then s
Let's go to a new line
report generated, and then we'll say plus
time.strftime. So that's the method, and we'll look into the year
minus the month minus
percent day underscore
And also, let's also print a second so percent seconds in GMT. Okay, but this is all in quotes.
So GMT, gmtime.
Okay, and this, we're actually going to display the time
in, uh, GMT time.
Okay, closing that one and closing that one.
Let's also actually say print, new line,
finished, dot dot dot.
Okay, Control-S. Now let's go ahead and quickly test this and see how it goes.
So, first, let's do a ping to google.com to get the IP address
and then copy this IP address
and run the script over it.
And it should take
a matter of seconds to actually finish this
and have a file created in the same directory
with the name of the IP dot txt.
Okay, so now let's look into the directory and we can see 172, and let's actually take a quick glance into it.
And as we can see, we have the host is up, the port is open, the method of scanning is syn-ack, and there is an 8% chance that the host is running OpenBSD 4.3,
and there you have it.
Now, before we finish, let's do a quick knowledge check. How did we actually specify our target for this script?
Is it A, as a command line argument; B, as a variable in the script; or C, as a separate file? Now this is actually really simple. We used the sys module and sys.argv to be able to pass the target as a command line argument. So in this case, A is the right answer.
Now in review: in this and in the past lesson, we built a Python script for active information gathering. We used the python-nmap library and other standard libraries such as sys and time to gather and store information about the target.
This was a very basic example of the automation Python can give you. You can do much more than that. You could, for example, automate more steps of a typical penetration testing process.
First perform an Nmap scan;
if port 80 is open, do some fingerprinting, then do directory brute forcing. If you find a WordPress installation, run WPScan over it, and so on and so forth. The possibilities are limitless. I want you to think about that for a second.
Now next, we're going to start writing a key logger in Python.
My name is Christian and I'm looking forward to seeing you in the next video.
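The report-building step described in this lesson, as an added example that is not the instructor's code: it reads the same keys the transcript names (status/state, tcp/80/state, tcp/80/reason, osmatch[0] accuracy and name) but tolerates a host that is down or a scan with no OS match, and keeps the output file name inside the current directory. The function names, the sample dictionary and the exact timestamp format are assumptions.

```python
import time

# Constructed sample, shaped like the dictionary python-nmap's
# PortScanner.scan() returns; the address and values are illustrative.
SAMPLE = {"scan": {"192.0.2.10": {
    "status": {"state": "up", "reason": "echo-reply"},
    "tcp": {80: {"state": "open", "reason": "syn-ack", "name": "http"}},
    "osmatch": [{"name": "OpenBSD 4.3", "accuracy": "85"}],
}}}


def build_report(result, ip, port=80, now=None):
    """Return the report text for one host without raising on missing keys."""
    host = result.get("scan", {}).get(ip)
    if host is None:  # hosts that did not answer are absent from the result
        return "The host is: down or not scanned.\n"
    tcp = host.get("tcp", {}).get(port, {})
    lines = [
        "The host is: %s." % host.get("status", {}).get("state", "unknown"),
        "The port %d is: %s." % (port, tcp.get("state", "not scanned")),
        "The method of scanning is: %s." % tcp.get("reason", "unknown"),
    ]
    matches = host.get("osmatch") or []
    if matches:  # OS detection can legitimately return no match
        lines.append("There is a %s%% chance that the host is running %s."
                     % (matches[0]["accuracy"], matches[0]["name"]))
    else:
        lines.append("No OS guess available.")
    # Assumed format: year-month-day_time, in GMT as in the lesson.
    stamp = time.strftime("%Y-%m-%d_%H:%M:%S GMT", time.gmtime(now))
    lines.append("Report generated " + stamp)
    return "\n".join(lines) + "\n"


def report_filename(target):
    """Turn the command-line target into a file name with no path parts."""
    safe = "".join(c if c.isalnum() or c in ".-" else "_" for c in target)
    return (safe.lstrip(".") or "report") + ".txt"


def save_report(result, ip):
    """Write the report next to the script and return the file name used."""
    path = report_filename(ip)
    with open(path, "w") as f:
        f.write(build_report(result, ip))
    return path


if __name__ == "__main__":
    print(build_report(SAMPLE, "192.0.2.10"))
```

In the lesson's script, `result` would be the dictionary returned by the scanner and `ip` would be `sys.argv[1]`.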