Book Image

Effective Python Penetration Testing

By : Rejah Rehim
Book Image

Effective Python Penetration Testing

By: Rejah Rehim

Overview of this book

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Table of Contents (16 chapters)
Effective Python Penetration Testing
About the Author
About the Reviewer

Metasploit scripting with MSGRPC

Metasploit is an open-source project that provides public resources for developing, testing, and executing exploits. It can also be used to create security testing tools, exploit modules, and as a penetration testing framework.

Metasploit is written in Ruby and it does not support modules or scripts written in Python.

However, Metasploit does have a MSGRPC, Bidirectional RPC (Remote Procedure Call) interface using MSGPACK. The pymetasploit Python module helps to interact between Python and Metasploit's msgrpc.

So before scripting, we have to load msfconsole and start the msgrpc service. Next, let's start Metasploit and the MSGRPC interface. We could start MSGRPC with msfrpcd in Metasploit. Here are the full options for msfrpcd:

$ ./msfrpcd

The output is as follows:

To start MSGRPC with the password 123456:

$ ./msfrpcd -P 123456 -n -f 

Now that Metasploit's RPC interface is listening on port 55553. We can proceed to write our Python script.

Interacting with MSGRPC...