Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers Read Online Free PDF Page A

items in the list contain all the following command line arguments. Thus, if we are only passing one additional argument, sys.argv should contain two items.
     import sys
     if len(sys.argv)==2:
       filename = sys.argv[1]
       print “[+] Reading Vulnerabilities From: “+filename
    Running our code snippet, we see that the code successfully parses the command line argument and prints it to the screen. Take the time to examine the entire sys module for the wealth of capabilities it provides to the programmer.
     programmer$ python vuln-scanner.py vuln-banners.txt
     [+] Reading Vulnerabilities From: vuln-banners.txt
    OS Module
    The built-in OS module provides a wealth of OS routines for Mac, NT, or Posix operating systems. This module allows the program to independently interact with the OS environment, file-system, user database, and permissions. Consider, for example, the last section, where the user passed the name of a text file as a command line argument. It might prove valuable to check to see if that file exists and the current user has read permissions to that file. If either condition fails, it would be useful to display an appropriate error message to the user.
     import sys
     import os
     if len(sys.argv) == 2:
      filename = sys.argv[1]
      if not os.path.isfile(filename):
       print ‘[-] ‘ + filename + ‘ does not exist.’
       exit(0)
      if not os.access(filename, os.R_OK):
       print ‘[-] ‘ + filename + ‘ access denied.’
       exit(0)
      print ‘[+] Reading Vulnerabilities From: ‘ + filename
    To verify our code, we initially try to read a file that does not exist, which causes our script to print an error. Next, we create the specific filename andsuccessfully read it. Finally, we restrict permission and see that our script correctly prints the access-denied message.
     programmer$ python test.py vuln-banners.txt
     [-] vuln-banners.txt does not exist.
     programmer$ touch vuln-banners.txt
     programmer$ python test.py vuln-banners.txt
     [+] Reading Vulnerabilities From: vuln-banners.txt
     programmer$ chmod 000 vuln-banners.txt
     programmer$ python test.py vuln-banners.txt
     [-] vuln-banners.txt access denied.
    We can now reassemble all the various pieces and parts of our Python vulnerability-scanning script. Do not worry if it appears pseudo-complete, lacking the ability to use threads of execution or better command line option parsing. We will continue to build upon this script in the following chapter.
     Import socket
     import os
     import sys
     def retBanner(ip, port):
      try:
       socket.setdefaulttimeout(2)
       s = socket.socket()
       s.connect((ip, port))
       banner = s.recv(1024)
       return banner
      except:
       return
     def checkVulns(banner, filename):
      f = open(filename, ‘r’)
      for line in f.readlines():
       if line.strip(‘\n’) in banner:
        print ‘[+] Server is vulnerable: ‘ +\
         banner.strip(‘\n’)
     def main():
      if len(sys.argv) == 2:
       filename = sys.argv[1]
       if not os.path.isfile(filename):
        print ‘[-] ‘ + filename +\
         ‘ does not exist.’
        exit(0)
       if not os.access(filename, os.R_OK):
        print ‘[-] ‘ + filename +\
         ‘ access denied.’
        exit(0)
      else:
       print ‘[-] Usage: ‘ + str(sys.argv[0]) +\
        ‘ ’
       exit(0)
      portList = [21,22,25,80,110,443]
      for x in range(147, 150):
       ip = ‘192.168.95.’ + str(x)
       for port in portList:
        banner = retBanner(ip, port)
        if banner:
         print ‘[+] ‘ + ip + ‘: ‘ + banner
         checkVulns(banner, filename)
     if __name__ == ‘__main__’:
      main()

Your First Python Programs
    With an understanding how to build Python scripts, let us begin writing our first two programs. As we move forward, we will describe a few anecdotal stories that emphasize the need for our scripts.
    Setting