Post on 18-Jan-2016
Introduction to Information Security
Python

Python motivation
• Python is to a hacker what Matlab is to an engineer
• Lots of built-in modules
• Lots of 3rd party modules
• IDA-Python!
• Very popular language, very well supported
• Has an implementation for every OS.
• Human readable
• It's free

Python Diff
• In this quick overview of Python:
• We will note the major differences between Python and other familiar languages.
• And talk about some useful tools

White spaces
    if you can read this:
        it must be python!
- Python hierarchy is defined by whitespace
- Indentation has to be the same (3 spaces != 1 tab) for every nest within the chain.

Hello, World
Example #1:
    #!/usr/bin/python
    print "Hello, World!"

Example #2:
    #!/usr/bin/python

    def main():
        print "Hello, World!"

    if __name__ == '__main__':
        main()

Datatype behavior
Datatypes behave differently in Python:
    A = 5
    A = 6
Now A is a different variable!
Therefore, if we use:
    A = A + 5
Now A is a new variable containing the result!

Basic functions
• Using the interpreter allows us to view two basic things:
    dir(object) – shows us the structure of the object
    help(object) – shows help created by the developer of the object

Strings
• Many built-in string mechanisms.
• A = ""
• len("123") == 3
• A[0] = "a" – not possible, strings are immutable.
• A.find("asd") returns the location of asd in A
• A.split()/A.join(), e.g.: "\n".join(data.split("\n")[0:-1])
• A.lower()
• replace() – returns a new string with data
• Uses regular indexing.

Lists and Tuples
• A = (1, 2, 3)
• A is of fixed length and is immutable.
• A = [1, 2, 3]
• A is mutable, and the length can be changed by using append:
• A.append(4)
• print A results in:
• [1, 2, 3, 4]
• A is not a new variable.

Spans
• Spans make things very comfortable:
    A = "asd"
    A[0:] == "asd"
    A[1:] == "sd"
    A[0:-1] == "as"
    A[0:1] == "a"
    A[0:-2] == "a"
    A[:2] == "as"
    A[1:2] == "s"
• Works on tuples and lists!!

dict()s
    >>> b = dict()
    >>> b["hello"] = "world"
    >>> b
    {'hello': 'world'}
    >>> b.keys()
    ['hello']
• [Demo dicts]

Mutable vs Immutable
• Mutable
    A = [1,2,3,4]
    B = A
    A.append(5)
    print B
    [1,2,3,4,5]
• Immutable
    A = "foo"
    B = A
    A = A + "bar"
    print B
    "foo"

Format conversion
• print "%d %s 0x%08X" % (0xdeadbeef, " == ", 0xdeadbeef)
• 5 / 3 == 1
• 5 / 3.0 == 1.666666…
• int(5/3.0) == 1
• str(1) == "1"
• ord("0") == 0x30
• chr(0x30) == "0"

File operations
• Reading from a file:
    f = file("c:\\filename")   # file("/tmp/filename") for linux
    buf = f.read()             # buf now contains entire file.
    lines = buf.split("\r\n")  # lines contains a list with all lines excluding the "\r\n"
    f.close()
• Writing to a file:
    file("filename", "wb").write(data)  # using the returned object to write the data
                                        # if reference is lost file is automatically closed.

Functions
• Functions can return arbitrary objects such as:
    o strings
    o Tuples! (very common)
    o int
    o Etc.

    global_var = 6
    def funcname(arg1, arg2):
        local_var = 5
        return (arg1, local_var)   # returns a tuple

• Updating global variables needs special handling:
    globvar = 0
    def set_globvar_to_one():
        global globvar   # Needed to modify globvar
        globvar = 1

if, else
    if 1:
        print "always here"
    else:
        print "never here"
• switch case alternative:
    if key == "x":
        exit()
    elif key == "z":
        suspend()
    else:
        print "default"

for, while
• for (i=1; i < 10; i++) alternative:
    for i in range(1,10):   # help(range) for more options
        print A[i]

    while 1:
        cmd = get_next_cmd()
        if cmd == "stop":
            break
        elif cmd == "dothis":
            dothis()
            continue
        print "always here ?!?"

import, reload
• import – a way to import libraries, e.g.: import sys
• Access to variables is now through the namespace:
    o sys.argv[1]
• Alternatively:
• from sys import *
• Now we can access in our namespace:
    o argv[1]   # direct access.
• If the library was modified after import we can use reload, e.g.: reload(sys)

Useful functions
• Complex binary operations:
    o import struct
    o struct.pack("<L", 0xdeadbeef) – result contains DEADBEEF in little endian (EFBEADDE) (0xdeadbeef is treated as unsigned long)
    o (port,) = struct.unpack(">H", data) – read unsigned short from a string represented as big endian (data is the 2-byte string being read)
• OS operations:
    o import os
    o os.rename(old_name, new_name)
    o os.system("run command")
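
The struct calls above, as an added example that is not part of the original slides: a parser for a small binary record that checks the magic value and the declared length before trusting the data. It is written for Python 3 (the slides use Python 2 syntax); the record layout and the names build_record, parse_record and demo are constructed for illustration.

```python
import struct

MAGIC = 0xDEADBEEF  # the value used on the slide

# Constructed record layout (an assumption of this example, not a real protocol):
#   magic   "<L"  4 bytes, little endian
#   port    ">H"  2 bytes, big endian
#   length  ">H"  2 bytes, big endian, size of the payload that follows
# An explicit "<" or ">" also fixes the field size; a bare "L" uses the
# platform's native size and byte order.
HEADER_SIZE = struct.calcsize("<L") + struct.calcsize(">HH")  # 4 + 4


def build_record(port, payload):
    """Pack one record; struct.error is raised if port does not fit in 16 bits."""
    return (struct.pack("<L", MAGIC)
            + struct.pack(">HH", port, len(payload))
            + payload)


def parse_record(buf):
    """Return (port, payload), or raise ValueError on malformed input."""
    if len(buf) < HEADER_SIZE:
        raise ValueError("truncated header")
    (magic,) = struct.unpack("<L", buf[0:4])       # unpack always returns a tuple
    port, length = struct.unpack(">HH", buf[4:8])
    if magic != MAGIC:
        raise ValueError("bad magic 0x%08X" % magic)
    payload = buf[HEADER_SIZE:HEADER_SIZE + length]
    if len(payload) != length:                     # do not trust the length field
        raise ValueError("payload shorter than declared length")
    return port, payload


def demo():
    record = build_record(8080, b"hello")          # constructed sample input
    return record, parse_record(record)


if __name__ == "__main__":
    record, parsed = demo()
    print(record.hex(), parsed)
```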

3rd party modules
• You can install many modules by using PyPI
• On UNIX installing modules is very easy:
    o sudo pip install [modulename]
• Also available: easy_install
• Useful imports:
• scapy (packet manipulation lib, works with libpcap), numpy/scipy, pylab, pylib, hashlib, socket, sqlite3, gzip, zip, bz2, html, json, wave/audioop (audio operations), PIL (image processing), pygame
• Google: [something I need] python

ipython
• Extended interpreter capabilities
• Acts almost like a shell
• Adds history
• Adds file completion by tab.
• + Many more features.