Using Dictionaries in Python
#using dictionaries in python
month_conversions = {
"jan" : "january",
"feb" : "feburary",
"mar" : "march",
}
print(month_conversions["feb"])
February 06, 2019 Davinder
#using dictionaries in python
month_conversions = {
"jan" : "january",
"feb" : "feburary",
"mar" : "march",
}
print(month_conversions["feb"])
code / conversion / dictionaries / month / pyth / python
February 06, 2019 Davinder
#advanced calculator
num1 = float(input("Enter your first number: "))
op = input("Enter the operator: ")
num2 = float(input("Enter the second number : "))
if op == "+":
print(num1 + num2)
elif op == "-":
print(num1 - num2)
elif op == "/":
print(num1 / num2)
elif op == "*":
print(num1 * num2)
else:
print("Invalid Operator")
advanced / all / calculator / code / easy / python / screenshots / with
February 06, 2019 Davinder
def max(num1, num2, num3):
if num1 >=num2 and num1 >=num3:
return num1
elif num2 >= num1 and num2 >=num3:
return num2
else:
return num3
print (max(7,9,2))
January 26, 2019 Davinder
Most of the people who are new to Linux are confused about directories and File structure on Linux. When you boot any Linux distribution ‘root partition’ is mounted at /. Every files and folder are mounted under /. You don’t find any drive name like (C, D) etc in Linux(if it is not dual booted). Moreover In Linux, program are located in different directories. For examples less command is located under /usr/bin directory. Therefore the directory structure of Linux/Unix is intimidating especially for the users who have migrated from windows.
In windows almost all the program files are installed in ‘program file” by default unless user specify the specific directory. In Linux directory system are categories on the basis of structure of program. For example configuration files are in /etc, all binary files are in /bin or /usr/bin or /usr/local/bin and so on.
\\Folder\\subfolder\\file.txt
1 | /Folder/subfolder/file.txt |
The basic difference is:
Linux/Unix always use forward slash to denote filesystem hierarchy whereas windows use backslash.
/bin:
/dev:
/etc
/home
/sbin
/usr
/usr/bin : Contains executable files for many Linux commands. It is not part of the core Linux operating system.
/usr/include : Contains header files for C and C++ programming languages
/usr/lib : Contains libraries for C and C++ programming languages.
/usr/local : Contains local files. It has a similar directories as /usr contains.
/usr/sbin : Contains administrative commands.
/usr/share : Contains files that are shared, like, default configuration files, images, documentation, etc.
/usr/src : Contains the source code for the Linux kernel.
/var
Includes user specific files such as mail message, database of installed programs, log files etc.
/var/cache: Storage area for cached data for applications.
/var/lib: Contains information related to the current state of applications. Programs modify this when they run.
/var/lock: Contains lock files which are checked by applications so that a resource can be used by one application only.
/var/log: Contains log files for different applications.
/var/mail: Contains users emails.
/var/opt: Contains variable data for packages stored in /opt directory.
/var/run: Contains data describing the system since it was booted.
/var/spool: Contains data that is waiting for some kind of processing.
/var/tmp: Contains temporary files preserved between system reboots
/tmp
/mnt
/proc
/lib
/opt
/root
/boot
January 26, 2019 Davinder
When you’re running a complex penetration test with a lot of targets, keeping
track of everything can be a challenge. Luckily, Metasploit has you covered
with expansive support for multiple database systems.
To ensure that database support is available for your system, you should
first decide which database system you want to run. Metasploit supports
MySQL and PostgreSQL; because PostgreSQL is the default, we’ll stick with
it in this discussion.
To start export the result >>
Use keywords -oX (mean output in XML)
This will create a XML file with name ResultNmap.XML
January 26, 2019 Davinder
nmap has a quite a few options, but you’ll use just a few of them for the most part.
One of our preferred nmap options is -sS. This runs a stealth TCP scan
that determines whether a specific TCP-based port is open. Another preferred option is -Pn, which tells nmap not to use ping to determine whether a system is running; instead, it considers all hosts “alive.” If you’re performing Internet based penetration tests, you should use this flag, because most networks don’t allow Internet Control Message Protocol (ICMP), which is the protocol that ping uses. If you’re performing this scan internally, you can probably ignore this flag.
Now let’s run a quick nmap scan against our target machine using
both the -sS and -Pn flags.
As you can see, nmap reports a list of open ports, along with a description
of the associated service for each.
For more detail, try using the -A flag. This option will attempt advanced
service enumeration and banner grabbing, which may give you even more
details about the target system. For example, here’s what we’d see if we were
to call nmap with the -sS and -A flags, using our same target system:
January 26, 2019 Davinder
The ftp/anonymous scanner will scan a range of IP addresses searching for FTP servers that allow anonymous access and determines where read or write permissions are allowed.
msf > use auxiliary/scanner/ftp/anonymous
msf auxiliary(anonymous) > show options
Module options:
Name Current Setting Required Description
---- --------------- -------- -----------
FTPPASS mozilla@example.com no The password for the specified username
FTPUSER anonymous no The username to authenticate as
RHOSTS yes The target address range or CIDR identifier
RPORT 21 yes The target port
THREADS 1 yes The number of concurrent threads
Configuring the module is a simple matter of setting the IP range we wish to scan along with the number of concurrent threads and let it run.
msf auxiliary(anonymous) > set RHOSTS 192.168.1.200-254
RHOSTS => 192.168.1.200-254
msf auxiliary(anonymous) > set THREADS 55
THREADS => 55
msf auxiliary(anonymous) > run
[*] 192.168.1.222:21 Anonymous READ (220 mailman FTP server (Version wu-2.6.2-5) ready.)
[*] 192.168.1.205:21 Anonymous READ (220 oracle2 Microsoft FTP Service (Version 5.0).)
[*] 192.168.1.215:21 Anonymous READ (220 (vsFTPd 1.1.3))
[*] 192.168.1.203:21 Anonymous READ/WRITE (220 Microsoft FTP Service)
[*] 192.168.1.227:21 Anonymous READ (220 srv2 Microsoft FTP Service (Version 5.0).)
[*] 192.168.1.204:21 Anonymous READ/WRITE (220 Microsoft FTP Service)
[*] Scanned 27 of 55 hosts (049% complete)
[*] Scanned 51 of 55 hosts (092% complete)
[*] Scanned 52 of 55 hosts (094% complete)
[*] Scanned 53 of 55 hosts (096% complete)
[*] Scanned 54 of 55 hosts (098% complete)
[*] Scanned 55 of 55 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(anonymous) >
The ftp_login auxiliary module will scan a range of IP addresses attempting to log in to FTP servers.
msf > use auxiliary/scanner/ftp/ftp_login
msf auxiliary(ftp_login) > show options
Module options (auxiliary/scanner/ftp/ftp_login):
Name Current Setting Required Description
---- --------------- -------- -----------
BLANK_PASSWORDS false no Try blank passwords for all users
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
DB_ALL_CREDS false no Try each user/password couple stored in the current database
DB_ALL_PASS false no Add all passwords in the current database to the list
DB_ALL_USERS false no Add all users in the current database to the list
PASSWORD no A specific password to authenticate with
PASS_FILE /usr/share/wordlists/fasttrack.txt no File containing passwords, one per line
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
RECORD_GUEST false no Record anonymous/guest logins to the database
RHOSTS yes The target address range or CIDR identifier
RPORT 21 yes The target port (TCP)
STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host
THREADS 1 yes The number of concurrent threads
USERNAME no A specific username to authenticate as
USERPASS_FILE no File containing users and passwords separated by space, one pair per line
USER_AS_PASS false no Try the username as the password for all users
USER_FILE no File containing usernames, one per line
VERBOSE true yes Whether to print output for all attempts
This module can take both wordlists and user-specified credentials in order to attempt to login.
msf auxiliary(ftp_login) > set RHOSTS 192.168.69.50-254
RHOSTS => 192.168.69.50-254
msf auxiliary(ftp_login) > set THREADS 205
THREADS => 205
msf auxiliary(ftp_login) > set USERNAME msfadmin
USERNAME => msfadmin
msf auxiliary(ftp_login) > set PASSWORD msfadmin
PASSWORD => msfadmin
msf auxiliary(ftp_login) > set VERBOSE false
VERBOSE => false
msf auxiliary(ftp_login) > run
[*] 192.168.69.51:21 - Starting FTP login sweep
[*] 192.168.69.50:21 - Starting FTP login sweep
[*] 192.168.69.52:21 - Starting FTP login sweep
...snip...
[*] Scanned 082 of 205 hosts (040% complete)
[*] 192.168.69.135:21 - FTP Banner: '220 ProFTPD 1.3.1 Server (Debian) [::ffff:192.168.69.135]\x0d\x0a'
[*] Scanned 204 of 205 hosts (099% complete)
[+] 192.168.69.135:21 - Successful FTP login for 'msfadmin':'msfadmin'
[*] 192.168.69.135:21 - User 'msfadmin' has READ/WRITE access
[*] Scanned 205 of 205 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(ftp_login) >
As we can see, the scanner successfully logged in to one of our targets with the provided credentials.
The ftp_version module simply scans a range of IP addresses and determines the version of any FTP servers that are running.
msf > use auxiliary/scanner/ftp/ftp_version
msf auxiliary(ftp_version) > show options
Module options:
Name Current Setting Required Description
---- --------------- -------- -----------
FTPPASS mozilla@example.com no The password for the specified username
FTPUSER anonymous no The username to authenticate as
RHOSTS yes The target address range or CIDR identifier
RPORT 21 yes The target port
THREADS 1 yes The number of concurrent threads
To setup the module, we just set our RHOSTS and THREADS values and let it run.
msf auxiliary(ftp_version) > set RHOSTS 192.168.1.200-254
RHOSTS => 192.168.1.200-254
msf auxiliary(ftp_version) > set THREADS 55
THREADS => 55
msf auxiliary(ftp_version) > run
[*] 192.168.1.205:21 FTP Banner: '220 oracle2 Microsoft FTP Service (Version 5.0).\x0d\x0a'
[*] 192.168.1.204:21 FTP Banner: '220 Microsoft FTP Service\x0d\x0a'
[*] 192.168.1.203:21 FTP Banner: '220 Microsoft FTP Service\x0d\x0a'
[*] 192.168.1.206:21 FTP Banner: '220 oracle2 Microsoft FTP Service (Version 5.0).\x0d\x0a'
[*] 192.168.1.216:21 FTP Banner: '220 (vsFTPd 2.0.1)\x0d\x0a'
[*] 192.168.1.211:21 FTP Banner: '220 (vsFTPd 2.0.5)\x0d\x0a'
[*] 192.168.1.215:21 FTP Banner: '220 (vsFTPd 1.1.3)\x0d\x0a'
[*] 192.168.1.222:21 FTP Banner: '220 mailman FTP server (Version wu-2.6.2-5) ready.\x0d\x0a'
[*] 192.168.1.227:21 FTP Banner: '220 srv2 Microsoft FTP Service (Version 5.0).\x0d\x0a'
[*] 192.168.1.249:21 FTP Banner: '220 ProFTPD 1.3.3a Server (Debian) [::ffff:192.168.1.249]\x0d\x0a'
[*] Scanned 28 of 55 hosts (050% complete)
[*] 192.168.1.217:21 FTP Banner: '220 ftp3 FTP server (Version wu-2.6.0(1) Mon Feb 28 10:30:36 EST 2000) ready.\x0d\x0a'
[*] Scanned 51 of 55 hosts (092% complete)
[*] Scanned 52 of 55 hosts (094% complete)
[*] Scanned 53 of 55 hosts (096% complete)
[*] Scanned 55 of 55 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(ftp_version) >
January 25, 2019 Davinder