Book Image

Python Web Penetration Testing Cookbook

By : Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip
Book Image

Python Web Penetration Testing Cookbook

By: Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Python Web Penetration Testing Cookbook
Benjamin May | Cameron Buchanan | Andrew Mabbitt | Dave Mound | Terry Ip
Jun, 2015 | 224 pages
No titles found
Table of Contents (16 chapters)
Python Web Penetration Testing Cookbook
Python Web Penetration Testing Cookbook
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Gathering Open Source Intelligence
Gathering Open Source Intelligence
Introduction
Gathering information using the Shodan API
Scripting a Google+ API search
Downloading profile pictures using the Google+ API
Harvesting additional results from the Google+ API using pagination
Getting screenshots of websites with QtWebKit
Screenshots based on a port list
Spidering websites
2
Enumeration
Enumeration
Introduction
Performing a ping sweep with Scapy
Scanning with Scapy
Checking username validity
Brute forcing usernames
Enumerating files
Brute forcing passwords
Generating e-mail addresses from names
Finding e-mail addresses from web pages
Finding comments in source code
3
Vulnerability Identification
Vulnerability Identification
Introduction
Automated URL-based Directory Traversal
Automated URL-based Cross-site scripting
Automated parameter-based Cross-site scripting
Automated fuzzing
jQuery checking
Header-based Cross-site scripting
Shellshock checking
4
SQL Injection
SQL Injection
Introduction
Checking jitter
Identifying URL-based SQLi
Exploiting Boolean SQLi
Exploiting Blind SQL Injection
Encoding payloads
5
Web Header Manipulation
Web Header Manipulation
Introduction
Testing HTTP methods
Fingerprinting servers through HTTP headers
Testing for insecure headers
Brute forcing login through the Authorization header
Testing for clickjacking vulnerabilities
Identifying alternative sites by spoofing user agents
Testing for insecure cookie flags
Session fixation through a cookie injection
6
Image Analysis and Manipulation
Image Analysis and Manipulation
Introduction
Hiding a message using LSB steganography
Extracting messages hidden in LSB
Hiding text in images
Extracting text from images
Enabling command and control using steganography
7
Encryption and Encoding
Encryption and Encoding
Introduction
Generating an MD5 hash
Generating an SHA 1/128/256 hash
Implementing SHA and MD5 hashes together
Implementing SHA in a real-world scenario
Generating a Bcrypt hash
Cracking an MD5 hash
Encoding with Base64
Encoding with ROT13
Cracking a substitution cipher
Cracking the Atbash cipher
Attacking one-time pad reuse
Predicting a linear congruential generator
Identifying hashes
8
Payloads and Shells
Payloads and Shells
Introduction
Extracting data through HTTP requests
Creating an HTTP C2
Creating an FTP C2
Creating an Twitter C2
Creating a simple Netcat shell
9
Reporting
Reporting
Introduction
Converting Nmap XML to CSV
Extracting links from a URL to Maltego
Extracting e-mails to Maltego
Parsing Sslscan into CSV
Generating graphs using plot.ly
Index
Index

Brute forcing passwords

Brute forcing may not be the most elegant of solutions, but it will automate what could be a potentially mundane task. Through the use of automation, you can get tasks completed much more quickly, or at least free yourself up to work on something else at the same time.

Getting ready

To be able to use this recipe, you will need a list of usernames that you wish to test and also a list of passwords. While this is not the true definition of brute forcing, it will lower the number of combinations that you will be testing.

Note

If you do not have a password list available, there are many available online, such as the top 10,000 most common passwords on GitHub here at https://github.com/neo/discourse_heroku/blob/master/lib/common_passwords/10k-common-passwords.txt.

How to do it…

The following code shows an example of how to implement this recipe:

#brute force passwords
import sys
import urllib
import urllib2

if len(sys.argv) !=3:
    print "usage: %s userlist passwordlist" %...
Previous Section
End of Section 8
Next Section