Sunday, May 5, 2013

Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers 1st edition, TJ O'Connor

"A quick glance at [the authors'] collective credentials and experience undoubtedly creates high expectations for this title. The end result is that the book demonstrates how powerful just a few dozen lines of Python code can be. useful tips and tricks will surely be acquired simply by working through the exercises."--The Ethical Hacker Network, February 27, 2013

"Violent Python is an excellent resource that develops and enhances a diverse set of security-related Python skills. The book also serves as a great reference, where recipes could be quickly implemented to address specific issues as they arise. Readers who are actively working in an InfoSec position will likely be able to put their newly acquired skills to use immediately, and those looking to break into the field will acquire skills that differentiate themselves from others who are dependent on prebuilt tools. This title is highly recommended for anyone who wants to improve his or her Python skills within the InfoSec realm."--The Ethical Hacker Network, February 27, 2013

"When it comes to Python and penetration testing, TJ O'Connor is the grand Python master. This is the book that keeps on giving. From building penetration testing Python scripts, to antivirus-evading penetration testing malware, to interrogating the Windows Registry and investigating other forensic artifacts...O'Connor masterfully walks the reader from basic to advanced penetration testing techniques with sample code throughout."--Ove Carroll, SANS Certified Instructor, Co-Author of SANS Forensics 408 - Windows In Depth

"Violent Python is chalked full of practical examples and is for all security professionals. It covers the spectrum - knowledge for pen testers to forensic analysts, beginner to advanced and offensive to defensive tasks. If you are involved in information security and are looking for a Python book, this is an excellent source."--James Shewmaker, Security Analyst, Bluenotch Corporation

"The best hackers know when to write their own tools. Violent Python is a very relevant collection of examples to seed your personal hacking toolbox. From offensive actions to digital forensics, this book has useful bits for everyone."--Raphael Mudge, Creator of Armitage

A lot of security folks have little to no development experience, complicating their jobs when they want to do something that's slightly different from what existing tools can do. Python provides a particularly useful tool for them because of its innate readability, support for multiple programming paradigms, and tremendous library of existing modules that can be adapted and connected to do new and interesting things. And for those of us with more extensive programming backgrounds in addition to our security skillsets, Python provides an excellent workbench for nearly any relevant task.

Violent Python does not pretend in any way to teach readers how to program. In fact, when kicking off the brief section introducing the language itself, it flat out refers to the reader "as an experienced programmer" (p. 6). However, a motivated hacker with limited exposure to Python can still follow along and pick things up relatively quickly, as VP doesn't really use any particularly esoteric language features.

That said, it also does not necessarily require the reader to cover it linearly from page 1 to the end. The subtitle of the book, after all, calls it a "cookbook for hackers", and it handles its end of the bargain. VP does not go into great detail for these projects but illustrates how to accomplish them relatively simply, primarily as inspiration for the reader who can then use the ideas and code as building blocks for self-driven projects.

I rarely like getting technology books in electronic format, and so I have the paperback copy. Given the complete lack of diagrams in this book, however, it wouldn't matter as much in this case. The quality of the paper and printing seems relatively high; the papers have a smooth, creamy texture, and the book has wide margins that lend themselves very well to note taking and similar marginalia. While I'm not particularly a fan of the particular typeface used for code in the book, I didn't find it so distracting as to make it impossible to work. As has become sadly common these days, the book contains a number of typographical errors and I really wish the publisher had put it through one more review iteration to catch them.

Contents

Chapter 2, "Penetration Testing with Python", provides examples of how to perform a port scan (first using the socket API and then with nmap integration), brute forcing, using weaknesses in SSH key generation, injecting malicious IFRAMEs, interacting with Metasploit, and sending custom buffer overflow code over the network.

Chapter 3, "Forensic Investigations with Python", discusses analyzing the history of wireless access points in the Windows registry (including geolocation), investigation of the Recycle Bin, examining metadata in various document types, and using application artifacts like SQLite databases in Firefox and Skype or iTunes Mobile.

Chapter 4, "Network Traffic Analysis with Python", gets into better geolocation, packet parsing using dpkt and Scapy, KML generation, and analyzing various types of traffic like the LOIC DDOS tool, varying TTLs from spoofed port scans, DNS fast-flux, and TCP sequence prediction. It also briefly covers generating packets to match IDS signatures.

Chapter 5, "Wireless Mayhem with Python", reviews mining WiFi traffic for personal information like payment cards and authentication credentials, analyzing 802.11 probes and beacons, intercepting and hijacking UAV command traffic, detecting Firesheep use, and manipulating Bluetooth networks.

Chapter 6, "Web Recon with Python", explains the Mechanize and BeautifulSoup libraries as well as using the Google and Twitter APIs, plus a small section on spear phishing.

Chapter 7, "Antivirus Evasion with Python", covers how to use Pyinstaller to obfuscate a Metasploit payload from antivirus as well as how to check your code automatically against AV scanners.

I'd been looking forward to this book for over a month so when it arrived last week I tented my hands like Mr. Burns. I finally finished chapter 1 and can officially declare this book to be awesome.

I was recommending it to a friend yesterday morning when he said "you didn't need the introduction to python chapter did you?" I started laughing and told him that in the "introduction" chapter you:

[+] Set up your development environment.
[+] Write and subsequently make several modifications to a vulnerability scanner.
[+] Write a password hash cracker and are then asked to go, on your own, to modify it to crack SHA512 hashes as well.
[+] Write a .zip file password cracker and then modify it so that it's multithreaded.

Any of those could have been final projects in a lot of books so that should give you an idea of how packed full of information this book is.

If your python is limited (like mine) you'll be doing a decent amount of Google searches to look further into certain commands. If you're brand new to python I would zip through a free online course to get the basics of the language structure before you tackle this book.

While Violent Python is in the "We're going to do some cool stuff, keep up" style, I never once felt confused or frustrated. The code is clear, easy to understand and a quick trip to Google always filled in any gaps.

I usually wait until I'm finished with a book to review it but with this one that could take a while. I've found myself using the code in this book as building blocks for other similar ideas I have in my head so I've been building those before I move on. These modifications have helped me truly understand the topics presented rather than trying to knock out the book ASAP.

Check out the table of contents. If that looks like something you're interested in, do yourself a favor and grab the book.

Violent python is an introductory level book on python with an introductory look at security concepts in general. It is great for those who are new to the language and would like example use cases of simplistic security tools, but not for those who want to understand Python, deeply understand the security concepts covered, or use python for reliable tools.

Problems I had:

1.) This book is about python libraries and interacting with them and other programs. It is not about understanding the attack and implementing them in Python. Sure, some may be required for ease to the beginner when it comes to forensics, communicating with ssh, or integrating with other tools for complex protocols like SMB, but anything else is really not fair to those who may not be able to use the library, who have problems and need to understand why, or those who want to understand what is happening on a lower level. Examples:

1a.) Use ftplib for your ftp bruteforcer.
1b.) Use zipfile to crack zip archives.
1c.) Use os to send metasploit exploit code (your own 'conficker')/os to use msfpayload to bypass a/v.
1d.) Use smtplib to communicate with smtp (regardless of the functions being ironically similar to the real commands).

The problem with this is it doesn't teach you how these libraries work. For example, one should show the person how to interact with FTP with the sockets library, what to send, what to look for, and then show them the easy libraries. As previously stated, it also doesn't prepare them for issues (like programs that don't like complying with rfc standards).

2.) More exception handling. The socket code is not helpfully handled on all stages of attempted connection. Debugging why something isn't working for a beginner is going to be a nightmare especially later on for point 3. He talks about exception handling, but integrates it very loosely. This plays into many people's issues on other sites with the author's script quality. Good exception handling or even print statements should be covered if you're going to be teaching a new person and something breaks on them.

3.) Thread safety doesn't seem to be an issue that's handled. Because of the GIL (global interpreter lock) threads can not expand cores when using cython (the default python interpreter). This means that you have a thread limit on the process/core and this causes problems for speed and for thread handling when you start really using it. When doing a portscan or communicating to a server with threads, the host or port may go down, you may get blocked, etc. and the thread can die. It becomes a huge problem especially because it doesn't maintain state and doesn't resend a failed attempt. But violent python libraries strike again and you'll just integrate nmap scans for your portscans anyway.

------------------

Well, with the issues out of the way, let's talk about what this book does well. I do believe that the forensics sections of this book are good. The descriptions are more in-depth and I've always seen forensics as "what do I have in my toolbag", which makes sense when bringing in all of the third-party libraries for the forensics sections. Then it gets down to using scapy. Once he starts using scapy, everything is much more informative due to the level and quality of information. No longer are you using a library for....logging into an ftp server, but you start crafting and analyzing raw packets. This allows a much needed understanding of what is happening in the script and with the packets/network at the same time.

Product Details :
Paperback: 288 pages
Publisher: Syngress; 1 edition (November 22, 2012)
Language: English
ISBN-10: 1597499579
ISBN-13: 978-1597499576
Product Dimensions: 7.5 x 0.6 x 9.2 inches
