Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "User:Rorschach"

From NetSec
Jump to: navigation, search
(Undo revision 10766 by JtRIPper (talk))
 
(9 intermediate revisions by 2 users not shown)
Line 1: Line 1:
I am a self-taught programmer, I've been coding for several years now and am decently good at it. I code mainly in C/C++ and Python but know several other languages as well. My current project is a C++ fuzzer, if you're interested in the code or want to contribute ping me on IRC under rorschach. I hate talking about myself, so if you want to know more hit me up on IRC.
+
I am a self-taught programmer, I've been coding for several years now and am decently good at it. I code mainly in C/C++ and Python but know several other languages as well. My current project is a Python fuzzing library, if you're interested in helping, please hit me up on IRC! I hate talking about myself, so if you want to know more hit me up on IRC.
 +
 
 +
Contributions:
 +
* [[Arp_poisoning_with_scapy|ARP Poisoning With Scapy]]
 +
* [[User:Rorschach/Python|Python Talk]]
  
 
rorschach
 
rorschach
 
Python class logs:
 
 
<pre>
 
02:00 < rorschach> ok
 
02:00 < rorschach> here goes nothing
 
02:01 < rorschach> so if you want to run python there's two ways to do it
 
02:01 < rorschach> you can run straight into an interpreter
 
02:01 < rorschach> like so
 
02:01 < rorschach> rorschach@bastille:~$ python
 
02:01 < rorschach> Python 2.6.6 (r266:84292, Dec 26 2010, 22:31:48)
 
02:01 < rorschach> [GCC 4.4.5] on linux2
 
02:01 < rorschach> Type "help", "copyright", "credits" or "license" for more information.
 
02:01 < rorschach> >>> print "test"
 
02:01 < rorschach> test
 
02:01 < rorschach> >>>
 
02:01 < rorschach> or you can input a python file
 
02:02 < rorschach> rorschach@bastille:~$ cat test.py
 
02:02 < rorschach> print "test"
 
02:02 < rorschach> rorschach@bastille:~$ python test.py
 
02:02 < rorschach> test
 
02:02 < rorschach> rorschach@bastille:~$
 
02:02 < rorschach> I find directly into the interpreter handy for testing code or a quick calculator
 
02:03 -!- ctOph13 [[email protected]] has left #CSIII []
 
02:03 -!- ctOph13 [[email protected]] has joined #CSIII
 
02:03 < rorschach> to print in python < 3.0 you use 'print "string"'
 
02:03 < rorschach> in 3.0 < you use print("string")
 
02:03 < rorschach> to declare variables you
 
02:03 < rorschach> variable_name = ""
 
02:04 < rorschach> you don't state the variable type, and you can dynamically change them
 
02:04 < rorschach> >>> test = "test"
 
02:04 < rorschach> >>> test = 1
 
02:04 < rorschach> >>> print test
 
02:04 < rorschach> 1
 
02:04 < rorschach> >>>
 
02:04 < rorschach> python is reliant on whitespace
 
02:05 < rorschach> so instead of braces like in C, you use indentation (or spacing, it doesn't matter as long as it stays the same)
 
02:05 < rorschach> so an example of a conditional:
 
02:05 < rorschach> >>> if "test" == "test":
 
02:05 < rorschach> ...  print "test"
 
02:05 < rorschach> ... else:
 
02:05 < rorschach> ...  print "no"
 
02:05 < rorschach> ...
 
02:05 < rorschach> test
 
02:05 < rorschach> >>>
 
02:06 < rorschach> (the "..." are added by the interpreter)
 
02:06 < ktbonefish> 4 spaces = 1 tab, 1 tab = 1 whitespace generally?
 
02:06 < rorschach> no
 
02:06 < rorschach> whitespace could be 1 space
 
02:06 < rorschach> or it could be 3 tabs
 
02:07 < rorschach> it doesn't matter as long as in that block it remains the same
 
02:07 < ktbonefish> gotcha
 
02:07 < rorschach> example for good measure
 
02:07 < rorschach> >>> if "test" == "test":
 
02:07 < rorschach> ...    print "test"
 
02:07 < rorschach> ... else:
 
02:07 < rorschach> ...  print "no"
 
02:07 < rorschach> ...
 
02:07 < rorschach> test
 
02:07 < rorschach> >>>
 
02:07 < rorschach> a while loop would look like:
 
02:07 < rorschach> while a < 10:
 
02:08 < rorschach> so basically just like in C
 
02:08 < rorschach> you can even put () around the statements if that floats your boat
 
02:08 < rorschach> while (a < 10):
 
02:08 <@p00pi3> which do you primarily use, 2.7? or 3.0? i know they're different, and not many devs seem to like 3.0
 
02:08 < rorschach> is valid
 
02:08 < rorschach> I use < 3
 
02:08 < rorschach> just depends on what the distro comes with
 
02:09 < rorschach> I actually usually
 
02:09 < rorschach> mv /usr/bin/python /usr/bin/python3; ln -s /usr/bin/python27 /usr/bin/python
 
02:09 < rorschach> on a new install if it comes with python3 by default
 
02:09 < rorschach> a for loop is where it gets interesting
 
02:10 < rorschach> you would
 
02:10 < rorschach> (here's an example)
 
02:11 < rorschach> >>> # to iterate over a list with a for loop:
 
02:11 < rorschach> ...
 
02:11 < rorschach> >>> list_a = ("123", "abc", "456", "def")
 
02:11 < rorschach> >>> for a in list_a:
 
02:11 < rorschach> ...  print a
 
02:11 < rorschach> ...
 
02:11 < rorschach> 123
 
02:11 < rorschach> abc
 
02:11 < rorschach> 456
 
02:11 < rorschach> def
 
02:11 < rorschach> >>>
 
02:11 < rorschach> actually that's a tuple, but the point remains
 
02:12 < rorschach> if you want to declare a tuple or list you would:
 
02:12 < rorschach> >>> tuple_a = ()
 
02:12 < rorschach> >>> list_b = []
 
02:12 < rorschach> >>>
 
02:12 < rorschach> an empty one that is
 
02:12 -!- dem [[email protected]] has joined #CSIII
 
02:12 < ktbonefish> what is a tuple compared to a list?
 
02:12 < rorschach> you can declare them like I did above if you want (probably preferred)
 
02:12 < rorschach> umm
 
02:13 < rorschach> I think a tuple is an unordered list? but don't take my word for it
 
02:13 < rorschach> I'm not totally sure
 
02:13 < rorschach> (if someone does know, please jump in)
 
02:13 < ctOph13> http://tinyurl.com/tuplevslist
 
02:14 < rorschach> http://news.e-scribe.com/397
 
02:14 < ctOph13> pretty good description there
 
02:14 < rorschach> python also has dictionaries
 
02:14 < rorschach> which is a key:value set
 
02:15 < rorschach> example:
 
02:15 < rorschach> >>> dictionary_a = {"123":1, "abc":2, 3:"567"}
 
02:15 < rorschach> >>> print dictionary_a['123']
 
02:15 < rorschach> 1
 
02:15 < rorschach> >>> print dictionary_a[1]
 
02:15 < rorschach> Traceback (most recent call last): File "<stdin>", line 1, in <module>
 
02:15 < rorschach> KeyError: 1
 
02:15 < rorschach> >>> print dictionary_a['abc']
 
02:15 < rorschach> 2
 
02:15 < rorschach> >>>
 
02:16 < rorschach> note that trying to access the value like that triggers an error
 
02:16 < rorschach> do dictionaries make sense?
 
02:16 < ctOph13> do you need to use double quotes when declaring, and single quotes when accessing?
 
02:17 < rorschach> umm
 
02:17 < rorschach> pretty sure it doesn't matter
 
02:17 < ktbonefish> ^
 
02:17 < ctOph13> k
 
02:17 < rorschach> double quotes is probably better form though
 
02:17 < rorschach> >>> print dictionary_a['abc']
 
02:17 < rorschach> 2
 
02:17 < rorschach> >>> print dictionary_a["abc"]
 
02:17 < rorschach> 2
 
02:17 < rorschach> >>>
 
02:17 < rorschach> python don't give a shit
 
02:17 < rorschach> :3
 
02:17 < ctOph13> haha, cool
 
02:17 < rorschach> ok
 
02:17 < ktbonefish> what about quotes within quotes
 
02:17 < ktbonefish> isn't it single has to be outside?
 
02:17 < rorschach> for that
 
02:17 < rorschach> you could do single quotes (which is easier)
 
02:18 -!- Sparkles [[email protected]] has quit [client exited: :3]
 
02:18 < rorschach> or you can \"
 
02:18 < rorschach> escape the quote
 
02:18 < rorschach> single quotes makes it easier to read though
 
02:18 < ktbonefish> k
 
02:18 < rorschach> in the for loop example, you may have noticed the "in" operator
 
02:19 < rorschach> in a for loop
 
02:19 < rorschach> that will iterate through a list / tuple
 
02:19 < rorschach> and assign each value to that variable specified
 
02:19 < rorschach> so in:
 
02:19 < rorschach> for a in tuple_a:
 
02:20 < rorschach> each time it iterates a will contain the value of the element
 
02:20 < rorschach> that probably doesn't make sense
 
02:20 < rorschach> but look at the example of a for loop from above
 
02:20 < rorschach> in an if statement
 
02:20 < ctOph13> makes sense, kinda like for each statements
 
02:20 < rorschach> you can find a substring or an element
 
02:20 < rorschach> yeah basically ctOph13
 
02:21 < rorschach> so
 
02:21 < rorschach> >>> tuple_a = ("123", "abc", "456", "def")
 
02:21 < rorschach> >>> if "123" in tuple_a:
 
02:21 < rorschach> ...  print "\o/"
 
02:21 < rorschach> ...
 
02:21 < rorschach> \o/
 
02:21 < rorschach> >>> string_a = "blahblahtestblah"
 
02:21 < rorschach> >>> if "test" in string_a:
 
02:21 < rorschach> ...  print "\o/"
 
02:21 < rorschach> ...
 
02:21 < rorschach> \o/
 
02:21 < rorschach> >>>
 
02:21 < rorschach> get it?
 
02:22 < rorschach> it's a very handy operator once you get used to it
 
02:22 < rorschach> ok
 
02:22 < rorschach> string contatenation can be done with the + operator
 
02:23 < rorschach> you can also use += to append to the end
 
02:23 < rorschach> >>> string_a = "blahblahtestblah"
 
02:23 < rorschach> >>> string_a = "123" + string_a + "test"
 
02:23 < rorschach> >>> print string_a
 
02:23 < rorschach> 123blahblahtestblahtest
 
02:23 < rorschach> >>> string_a += "567"
 
02:23 < rorschach> >>> print string_a
 
02:23 < rorschach> 123blahblahtestblahtest567
 
02:23 < rorschach> >>>
 
02:24 < rorschach> if you want to add an int to a string
 
02:24 < rorschach> wrap it with str() before you do so
 
02:24 -!- bacq [[email protected]] has quit [Ping timeout]
 
02:24 < rorschach> >>> string_b = "abc"
 
02:24 < rorschach> >>> int_a = 1
 
02:24 < rorschach> >>> string_b += str(int_a)
 
02:24 < rorschach> >>> print string_b
 
02:24 < rorschach> abc1
 
02:24 < rorschach> >>>
 
02:25 < rorschach> to define a function in python
 
02:25 < rorschach> you use
 
02:25 < rorschach> def function_name(arg1, arg2):
 
02:25 < ktbonefish> question about int to string, can you pull a int out of a string and convert it to such easily?
 
02:25 < rorschach> (you don't have to specify a return type, either)
 
02:25 < rorschach> yes
 
02:26 < rorschach> >>> string_c = "1"
 
02:26 < rorschach> >>> int_a = int(string_c)
 
02:26 < rorschach> >>> print int_a
 
02:26 < rorschach> 1
 
02:26 < rorschach> >>>
 
02:26 < ktbonefish> gotcha
 
02:26 <@mutiny> How does python handle regular expressions?
 
02:26 < rorschach> import re
 
02:26 < rorschach> re.compile("regular_expression")
 
02:26 < mike> you have to important them? @_@
 
02:26 < rorschach> http://docs.python.org/library/re.html
 
02:26 < rorschach> yeah
 
02:27 < rorschach> import is the equivalent of an #include in c
 
02:27 < rorschach> for those who don't know
 
02:27 < mike> i don't use c
 
02:27 < mike> :)
 
02:27 < rorschach> :3
 
02:27 < rorschach> what do you use?
 
02:27 < mike> perl.
 
02:28 < rorschach> erm
 
02:28 < rorschach> one sec
 
02:28 <@mutiny> Perl's engine has regex built in.
 
02:28 < mike> yes.
 
02:28 < mike> exactly.
 
02:28 <@mutiny> mike: A lot of languages didn't have support for regex at first, and were later added into the engine
 
02:28 <@mutiny> Anyways, that's off track :3
 
02:28 < rorschach> it's like using
 
02:28 < rorschach> mike
 
02:29 < rorschach> I believe
 
02:29 < rorschach> I can't remember what the actually terminology would be
 
02:29 < rorschach> :3
 
02:29 < rorschach> err "use"
 
02:29 < rorschach> ok
 
02:29 < rorschach> classes
 
02:30 < mike> I would call that use.
 
02:30 < rorschach> let me write a quick class
 
02:30 <@mutiny> pastebin that code, for ease of use :3
 
02:30 <@mutiny> or put it on a wiki page or smth
 
02:30 < rorschach> yeah I will
 
02:30 < mike> like using a package/module?
 
02:30 < rorschach> yeah or a header file
 
02:33 < rorschach> http://pastie.org/private/sv4fspthmqu2mggelmw
 
02:33 < rorschach> every function in a class has to have the self variable pased to it
 
02:34 < rorschach> self contains all of the variables that you want to be accessed by any function in the class
 
02:34 < rorschach> but you have to set that variable in self like I did in the class
 
02:34 < mike> what's a class?
 
02:35 < rorschach> god dammit
 
02:35 < rorschach> :3
 
02:35 < rorschach> hold on
 
02:35 < mike> D: did I miss something
 
02:35 < rorschach> no
 
02:35 < rorschach> I can't think of a good explanation
 
02:35 <@mutiny> He's probably looking up the perl equivalent
 
02:35 < rorschach> hold on
 
02:35 < mike> It looks like a really complicated array the way you have it set up
 
02:36 < rorschach> http://en.wikipedia.org/wiki/Class_%28computer_programming%29
 
02:36 < rorschach> basically
 
02:36 < rorschach> fuck
 
02:36 < rorschach> I can't explain it
 
02:36 < rorschach> :3
 
02:36 < rorschach> just read the wikipedia article
 
02:37 <@mutiny> a class is an object
 
02:37 <@mutiny> that's the tl'dr
 
02:37 < rorschach> yeah
 
02:37 < rorschach> :3
 
02:37 < ctOph13> ^
 
02:37 < rorschach> is everyone following so far?
 
02:37 < ctOph13> yup
 
02:37 < corvus> yes
 
02:37 < mike> it's an object that does what
 
02:37 < mike> like hashes blew my mind at first
 
02:38 < mike> What circumstance would you use a class?
 
02:38 <@mutiny> If you don't know what an object is or why they are useful, we may arrange a class specifically to discuss OOP
 
02:38 < rorschach> do you need anymore explanation on syntax?
 
02:38 < rorschach> anyone?
 
02:38 < ctOph13> no looks good
 
02:38 < rorschach> mike
 
02:38 < rorschach> a class basically contains functions that are only accessible by an instance of that class
 
02:38 < rorschach> in this case
 
02:38 < rorschach> inst
 
02:39 < rorschach> it helps keep the code simple and organized
 
02:39 < mike> sort of like a subroutine?
 
02:39 < rorschach> you don't have to pass around shit tons of variables
 
02:39 < ctOph13> Lets see if I can kind of explain it
 
02:39 < ctOph13> Lets say you have a kitchen program
 
02:39 < rorschach> since they are all contained in a variable called self that is passed to each function in the class automatically
 
02:39 < ctOph13> in the kitchen you have stuff, like a microwave, a fridge, a stove, etc
 
02:39 < rorschach> mike: a subroutine is a function
 
02:40 < rorschach> :3
 
02:40 < ctOph13> each object would be a class, so like a microwave class, a fridge class, etc
 
02:40 < mike> so cascading it would be outside a subroutine
 
02:40 < ctOph13> because those things have their own properties (size, color, etc) you write them as their own seperate class or object. they can also perform routines/functions/methods
 
02:41 < mike> so if you had like a button that you wanted to do things independently
 
02:41 < mike> you'd give it a class
 
02:41 < ctOph13> right
 
02:41 < mike> understood.
 
02:41 < ctOph13> a button has a size, color, text
 
02:41 < rorschach> but a class can be for anything
 
02:41 < ctOph13> ^
 
02:42 < rorschach> I am writing a fuzzer
 
02:42 < rorschach> and I wrote a class for it
 
02:42 < rorschach> that holds all of the functions the fuzzer would need
 
02:42 < rorschach> all of the variables, etc
 
02:42 < rorschach> which simplifies passing around a shit load of variables to every function that it might not need
 
02:43 -!- raxen [[email protected]] has joined #CSIII
 
02:43 < rorschach> so within the fuzz class
 
02:43 < rorschach> there are functions for socket fuzzing
 
02:43 < rorschach> or debugging
 
02:43 < rorschach> whatever
 
02:43 < rorschach> that I can call when I need to
 
02:43 < rorschach> make sense, kinda?
 
02:43 < mike> but it won't touch the functions unless the class is called
 
02:43 < mike> saves effort
 
02:43 < rorschach> (OOP took me a while though)
 
02:43 < rorschach> yeah basically
 
02:44 < rorschach> ok so now the fun stuff
 
02:44 < mike> what are big languages that aren't object oriented?
 
02:44 < rorschach> umm
 
02:44 < rorschach> C
 
02:44 < mike> I thought
 
02:44 < mike> okay nevermind
 
02:44 < rorschach> C++ is object oriented, but C isn't
 
02:44 < mike> thanks lol
 
02:44 < mike> oooo kay
 
02:44 < mike> got it
 
02:44 < rorschach> np
 
02:44 < rorschach> other than that, I can't think of any
 
02:44 < rorschach> is PHP OOP?
 
02:44 < raxen> assembly.
 
02:45 < mike> lol assembly
 
02:45 < raxen> that is assembly isn't oop as well.
 
02:45 < rorschach> assembly
 
02:45 <@mutiny> I think most modern languages support OOP, though you always can choose not to use it :3
 
02:45 < rorschach> there you go
 
02:45 < mike> mutiny: that's what I was thinking.
 
02:45 < rorschach> I just barely started using classes
 
02:45 < rorschach> and most people call me a masochist because of it
 
02:45 < rorschach> :3
 
02:46 < ctOph13> haha
 
02:46 < rorschach> I also usually code in pure c
 
02:46 < rorschach> which also contributes to that title.
 
02:46 < rorschach> anywho
 
02:46 < rorschach> so there are some good packet capture libraries in python
 
02:46 < rorschach> they have libpcap for python
 
02:46 < rorschach> but you can also use scapy
 
02:47 < rorschach> which can basically do anything
 
02:47 < rorschach> here's a script that uses scapy for packet capture that I wrote a while back
 
02:48 < rorschach> http://pastebin.com/G0VydTHG
 
02:48 < rorschach> you'll see on line 157
 
02:48 < rorschach> the sniff() function
 
02:48 < rorschach> basically
 
02:49 < rorschach> sniff(prn=lambda pkt:takedownParse(pkt, ips), store=0)
 
02:49 < rorschach> it tells sniff not to store any packets
 
02:49 < rorschach> but everytime it receives one
 
02:49 < rorschach> to call takedownParse()
 
02:49 < rorschach> and prn= lambda pkt:
 
02:49 < rorschach> tells it that the packet is called pkt, so you can call you function and pass the argument
 
02:49 < rorschach> which is pretty simple
 
02:50 < rorschach> I wrote an icmp chat client with scapy as well
 
02:50 < rorschach> https://github.com/v0rbis-dev/ICMP-Chat
 
02:51 < rorschach> (this uses a class, too)
 
02:51 < rorschach> receive_message() on line 130 is sniffing
 
02:52 < rorschach> send_command() on line 140 constructs and sends an icmp packet
 
02:52 < rorschach> scapy is confusing at first but it's actually really simple
 
02:52 < rorschach> here's the scapy docs http://www.secdev.org/projects/scapy/doc/
 
02:52 < rorschach> and there's all sorts of things you can do with it
 
02:53 < rorschach> they have tons of examples here http://www.secdev.org/projects/scapy/doc/usage.html#recipes
 
02:53 < rorschach> another handy library is ip_addr by google
 
02:54 < rorschach> http://code.google.com/p/ipaddr-py/
 
02:54 < rorschach> the documentation is here: http://code.google.com/p/ipaddr-py/wiki/Using3144
 
02:54 < rorschach> and it's really straight forward
 
02:55 < rorschach> but say you want to make a list of every IP address in a given range
 
02:55 < rorschach> you can do
 
02:55 < rorschach> ipaddr.IPv4Network('192.168.0.1/24')
 
02:55 < rorschach> ip_list = ipaddr.IPv4Network('192.168.0.1/24')
 
02:55 < rorschach> then you could
 
02:55 < rorschach> for ip in ip_list:
 
02:55 < rorschach>  print ip
 
02:55 < rorschach> or do some kind of scan for every IP whatever
 
02:56 < rorschach> and it's a lot simpler than trying to calculate what a /32 might be
 
02:57 < rorschach> there's also pydbg
 
02:57 < rorschach> which I don't use because it's only for windows
 
02:57 < rorschach> unfortunately
 
02:57 < rorschach> but if you want to write a debugger in python on windows
 
02:57 < rorschach> http://wikisecure.net/security/pydbg-an-installation-guide
 
02:57 < rorschach> that's a great library
 
02:58 < rorschach> they do have ptrace for python though
 
02:58 < rorschach> http://pypi.python.org/pypi/ptrace/
 
02:58 < rorschach> but basically there are tons of great libraries for python
 
02:58 < rorschach> for everything you can imagine
 
02:59 < rorschach> those are the useful ones I can think of off teh top of my head
 
02:59 < rorschach> but yeah
 
02:59 < rorschach> any questions?
 
02:59 < rorschach> or did I lose you all? :p
 
03:00 < corvus> pretty interesting libraries, encouragement to play around with python more than I have
 
03:01 -!- hackerhousemom [[email protected]] has quit [client exited: hackerhousemom]
 
03:01 < rorschach> yeah they are interesting
 
03:01 < rorschach> and they have tons of them too
 
03:01 < rorschach> pretty much just google
 
03:01 < rorschach> python is annoying as fuck for writing any kind of interfaces though
 
03:01 < corvus> Thanks rorschach, glad I made it home intime for this! :3
 
03:02 < rorschach> :)
 
03:02 < rorschach> np
 
03:03 < rorschach> so if there's no more questions I'm gonna go have a smoke
 
03:06 < rorschach> by the way
 
03:06 < rorschach> scapy is in most repos
 
03:07 < rorschach> under scapy or python-scapy
 
03:12 < corvus> Thanks again, hope you enjoyed your smoke!! :)
 
03:14 <@p00pi3> scapy rules.
 
03:15 < rorschach> that i did ^.^
 
03:16 <@p00pi3> you wrote scapy?
 
03:17 <@p00pi3> i'll have to shake your hand one day. =)
 
03:20 < rorschach> o.o
 
03:20 < rorschach> no i didn't lol
 
</pre>
 

Latest revision as of 10:57, 21 April 2013

I am a self-taught programmer, I've been coding for several years now and am decently good at it. I code mainly in C/C++ and Python but know several other languages as well. My current project is a Python fuzzing library, if you're interested in helping, please hit me up on IRC! I hate talking about myself, so if you want to know more hit me up on IRC.

Contributions:

rorschach