Book Image

Python for Offensive PenTest

By : Hussam Khrais
Book Image

Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (13 chapters)
Title Page
Copyright and Credits
Packt Upsell
Contributors
Preface
Index

Man in the browser


In this section, we will discuss a new method. As you may already know, all browsers offer to save your username and password when you submit the data into a login page. The next time you visit the same login page, you will see that your username and password are automatically filled in without typing a single letter. Also, there is dedicated third-party software such as LastPass, that can do the same job for you. The point here is that, if the target is using this method to log in, then neither the keylogger nor the clipboard methods will work.

Let's take a quick look. We'll be using the LastPass plugin on the Firefox browser. Open the browser here and go to the Gmail account. We will use the previous clipboard script before logging into the Gmail account:

# Python For Offensive PenTest

# Download Link https://pypi.python.org/pypi/pyperclip/1.5.11

# Clipboard Hijacking


import pyperclip
import time

list = [] # we create a list which will store the clipboard content...