More notes.

30_raw_socket_struck_send.py

@@ -0,0 +1,18 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+import socket
+import struct
+
+rawSocket = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.htons(0x0800))
+
+#rawSocket.bind(("eth0", socket.htons(0x0800)))
+rawSocket.bind(("enp0s31f6", socket.htons(0x0800)))
+
+# layer 2 message, then data
+# src mac / dst mac / eth type
+inet_header = struct.pack("!6s6s2s", '\xaa\xaa\xaa\xaa\xaa\xaa', '\xbb\xbb\xbb\xbb\xbb\xbb','\x08\x00') # 14 bytes
+
+print len(inet_header)
+
+rawSocket.send(inet_header + "Anything")

31_scapy.py

@@ -0,0 +1,33 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+#import scapy
+from scapy.all import sniff
+
+# from intractive mode: conf, ls(), ls(IP)
+# note" conf.route.add(host="192.168.2.4", gw="192.168.2.5") / conf.route.resync() / etc...
+
+pkts = sniff(iface="enp0s31f6", count=5)
+
+print pkts[0]
+print pkts[0].show
+
+print hexdump(pkts[1])
+
+# wrpcap("test.pcap", pkts)  # write the packets into pcap file
+# read_pkts = rdpcap("test.pcap")  # read pcap
+# read_pkts[0]  # print pcap
+
+pkts_filtered = sniff(iface="enp0s31f6", filter="icmp", count=5) # BPS filters
+print pkts_filtered[1]
+
+pks_live = sniff(iface="enp0s31f6", filter="icmp", count=2, prn=lambda x: x.summary())
+
+
+# icmp_str = str(pkts[1])
+# recon = Ether(icmp_str)
+# print recon  # this is more for fun  / converting pkts to str and back using Ether
+
+# newPkt = export_object(icmp_str)  # packet into base64
+# import_object(newPkt)  # packet from base64
+# Ether(newPkt)  # and so on... :)

32_scapy_packet_injection.py

@@ -0,0 +1,32 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+#import scapy
+from scapy.all import Ether, IP, ICMP, TCP, sr, sr1
+
+pkt = IP(dst="gentoo.org")  # Simple packet creation
+#print pkt.show()
+
+pkt = IP(dst="gentoo.org")/ICMP()/"Not-Vivek was here"  # ICMP packet creation with message
+
+sr1(pkt)
+
+
+
+# More tricks / tips
+
+# sendp(Ether()/IP(dst="gentoo.org")/ICMP()/"any", iface="enp0s31f6", loop=1, inter=1) # Sending on layer 2 level, plus loop, but be carefule with that : ) + this is interactive command!
+
+
+# Layer 3 send and receive: sr() sr1()
+# Layer 2 send and receive: srp() srp1()
+
+#srp1(Ether()/IP(dst="gentoo.org", ttl=22)/ICMP/"any")
+
+#sr(IP(dst="gentoo.org", ttl=22)/ICMP()/"any")
+#response, no_response = _
+#print response[0]  # print answer
+
+
+#r1(IP(dst="gentoo.org"), timeout=4)
+

33_web_parsing_beautifulsoup.py

@@ -0,0 +1,44 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+import requests
+from bs4 import BeautifulSoup
+
+# GET with requests, then parse with BeautifulSoup
+r = requests.get("https://gentoo.org/")
+print r.content
+bt = BeautifulSoup(r.content, "lxml")  # It's recommended to use LXML, not the default html parser.
+print bt.title
+print bt.title.string
+
+
+# Find all metatags
+allMetaTags = bt.find_all('meta')
+print allMetaTags
+
+
+allMetaTags = bt.find_all('meta')
+print allMetaTags[2]
+
+#allMetaTags = bt.find_all('meta')
+#print allMetaTags[0]['content']  # Works in video, not here. wat?
+
+
+# Print all links from the site
+allLinks = bt.find_all('a')
+print len(allLinks) # How many links do we have?
+#print allLinks[1]
+print allLinks[4]['href']
+#print allLinks[1].string
+
+
+# Print all text output, could be great for password list generations
+print bt.get_text()
+
+
+#Print all links
+for link in allLinks:
+    print link['href']
+
+
+# print bt.meta.next.next.next.next.next.next  # Don't.

34_web_parsing_beautifulsoup_scraper.py

@@ -0,0 +1,22 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+import requests
+from bs4 import BeautifulSoup
+
+# GET with requests, then parse with BeautifulSoup
+#r = requests.get("https://gentoo.org/")
+#print r.content
+
+
+r = requests.get("http://securitytube.net/video/3000")
+
+bs = BeautifulSoup(r.content, "lxml")  # It's recommended to use LXML, not the default html parser.
+print bs.title
+
+videoLink = bs.find('iframe', {'title' : 'YouTube video player'})
+print videoLink
+print videoLink['src']
+
+# To Be Continued !
+

35_web_mechanize.py

@@ -0,0 +1,23 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+import mechanize
+
+br = mechanize.Browser()
+br.open('https://www.gentoo.org/donate')
+
+
+# Dump all forms from gentoo.org/donate
+for form in br.forms():
+    print form
+
+br.select_form(nr=0)  # 0 because of first form - it references to the first form.
+br.form['amount'] = 'thanks!'
+
+br.submit() # Done, submitted!
+# Better idea is to implement it with: https://searx.me/
+
+
+# Print list of links
+for link in br.links():
+    print link.url + ' : ' + link.text

36_web_mechanize_forms_click_links.py

@@ -0,0 +1,32 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+import mechanize
+
+# Note: mechanize takes care of cookies.
+
+br=mechanize.Browser()
+
+br.open('http://student.securitytube.net/login/index.php')
+
+for form in br.forms():
+    print form
+
+br.select_form(nr=0)
+
+br.form['username'] = 'demo-user'
+br.form['password'] = 'demouser1]M'  # It won't work ;)
+
+br.submit()
+print br.response().read
+
+for link in br.links():
+    print link.url + ' + ' + link.text
+
+# It's different url now, just for example:
+#new_link = br.click_link(text='moodle[IMG]Change Password')
+#br.open(new_link)
+#print br.response().read()
+
+#for form in br.forms():
+#    print form

37_immunity_debugger_simple.py

@@ -0,0 +1,25 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# Place this file into PyCommands directory to use with Immunity Debugger.
+
+import immlib
+
+DESC = "This will be the Description in ID."
+
+def main(args):
+
+    imm = immlib.Debugger() # This is what we attach to.
+
+    imm.log("Write that into ID log window!")
+
+    imm.updateLog() # Any pending line will be printed immediately!
+
+
+    td = imm.createTable("Any name", ['PID', 'Name', 'Path', 'Services'])
+
+    psList = imm.ps()
+    for process in psList:
+        td.add(0, [ str(process[0], process[1], process[2], str(process[3]))])
+
+    return "Welcome to ID Scripting."