Book Image

Python for Offensive PenTest

By : Hussam Khrais
Book Image

Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (13 chapters)
Title Page
Copyright and Credits
Packt Upsell

Firefox API hooking with Immunity Debugger

Firefox uses a function called PR_Write to write data into a TCP socket. This function is located inside a DLL module called nss3.dll. For this demonstration, we need to prepare a Twitter account. Once that account is created and you are logged in, sign out of the account and then log in again. Since we use LastPass, the login credentials will already have been entered by LastPass. Once we click on the Log in button, what will happen behind the scenes?

Behind the scenes, Firefox will load the nss3.dll library and call the PR_Write function to submit the data (login ID and password). Once Firefox performs these steps, we'll set up a breakpoint and intercept traffic. Let's start by installing theImmunity Debuggersoftware from The installation part is quite straightforward. Immunity Debugger will get the process ID of the browser process and attach a debugger to the PID in one shot. We just need to attach...