Book Image

Python for Offensive PenTest

By : Hussam Khrais
Book Image

Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (13 chapters)
Title Page
Copyright and Credits
Packt Upsell

Hybrid encryption key

At this point, you should be able to code and implement both the RSA asymmetric and the AES symmetric encryption, and integrate both of them over our TCP shell. So, now, we will implement a hybrid way to take advantage of both the algorithms. So let's quickly recap. The client will hold its own private key, and the server or the Kali machine will hold the target's public key. Once the TCP connection is started, the Kali machine will generate a random AES key and we will securely send this key to the target side. The reason that I say securely is because the transfer will happen via encryption or via encrypting the random AES key with a target's public key. Once the target gets that message, it will decrypt it using the target private key and extract the AES key back to clear text. At this point, both the Kali and the target machines have the same random generated AES keys which can, and will, be used for AES encryption. Now, the AES encryption at this point will be...