Book Image

Learning Penetration Testing with Python

By : Christopher Duffy
Book Image

Learning Penetration Testing with Python

By: Christopher Duffy

Overview of this book

Table of Contents (19 chapters)
Learning Penetration Testing with Python
Credits
Disclaimer
About the Author
Acknowlegements
About the Reviewers
www.PacktPub.com
Preface
Index

Automating the exploit train with Python


This exploit train is relatively simple, but we can automate a portion of this with the Metasploit Remote Procedure Call (MSFRPC). This script will use the nmap library to scan for active ports of 445, then generate a list of targets to test using a username and password passed via argument to the script. The script will use the same smb_enumusers_domain module to identify boxes that have the credentials reused and other viable users logged into them. First, we need to install SpiderLabs msfrpc library for Python. This library can be found at https://github.com/SpiderLabs/msfrpc.git.

Note

A github repository for the book can be found at https://github.com/funkandwagnalls/pythonpentest and within it is a setup file that can be run to install all the necessary packages, libraries, and resources.

The script we are creating uses the netifaces library to identify which interface IP addresses belong to your host. It then scans for port 445 the SMB port on...