Introduction to Information Security - TAU · White spaces if you can read this: it must be python!...
Transcript of Introduction to Information Security - TAU · White spaces if you can read this: it must be python!...
![Page 1: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/1.jpg)
Introduction to Information
Security Python
![Page 2: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/2.jpg)
Python motivation • Python is to a Hacker what Matlab is to an engineer
• Lots of built-in modules
• Lots of 3rd party modules
• IDA-Python!
• Very popular language, very well supported
• Has implementation in every OS.
• Human readible
• Its free
![Page 3: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/3.jpg)
Python Diff • In this quick overview of python:
• We will note the major differences between python
and other familiar languages.
• And talk of some useful tools
![Page 4: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/4.jpg)
White spaces if you can read this:
it must be python!
- Python hierarchy is defined by whitespaces
- Indentation has to be the same (3 spaces != 1 tab)
for every nest within the chain.
![Page 5: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/5.jpg)
Hello, World Example #1:
#!/usr/bin/python
print “Hello, World!”
Example #2:
#!/usr/bin/python
def main():
print “Hello, World!”
if __name__ == ‘__main__’:
main()
![Page 6: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/6.jpg)
Datatype behavior Datatypes behave differently in python:
A = 5
A = 6
Now A is a different variable!
Therefore if use:
A = A + 5
Now A is a new variable containing the result!
![Page 7: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/7.jpg)
Basic functions • Using the interpreter allows us to view two basic
things:
dir(object) – shows us the structure of the object
help(object) – shows help created by the developer
of the object
![Page 8: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/8.jpg)
Strings • Many builtin string machnisms.
• A = “”
• len(“123”) == 3
• A[0] = “a” – not possible, strings are immutable.
• A.find(“asd”) returns the location of asd in A
• A.split()/A.join() , eg.: “\n”.join(data.split(“\n”)[0:-1])
• A.lower()
• replace() – returns a new string with data
• Uses regular indexing.
![Page 9: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/9.jpg)
Lists and Tuples • A = (1, 2, 3)
• A is of fixed length and is immutable.
• A = [ 1, 2, 3]
• A is mutable, and the length can be changed by
using append:
• A.append(4)
• print A results in:
• [1, 2, 3, 4]
• A is not a new variable.
![Page 10: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/10.jpg)
Spans • Spans makes things very comfortable:
A = “asd”
A[0:] == “asd”
A[1:] == “sd”
A[0:-1] == “as”
A[0:1] == “a”
A[0:-2] == “a”
A[:2] == “as”
A[1:2] == “s”
• Works on tuples, and lists!!
![Page 11: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/11.jpg)
dict()s >>> b = dict()
>>> b["hello"] = "world"
>>> b
{'hello': 'world'}
>>> b.keys()
[‘hello’]
• [Demo dicts]
![Page 12: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/12.jpg)
Mutable vs Immutable • Mutable
A = [1,2,3,4]
B = A
A.append(5)
print B
[1,2,3,4,5]
• Immutable
A = “foo”
B = A
A = A + “bar”
print B
“foo”
![Page 13: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/13.jpg)
Format conversion • print “%d %s 0x%08X” % (0xdeadbeef, “ == “
0xdeadbeef)
• 5 / 3 == 1
• 5 / 3.0 == 1.666666…
• int(5/3.0) == 1
• str(1) == “1”
• ord(“0”) == 0x30
• chr(0x30) == “c”
![Page 14: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/14.jpg)
File operations • Reading from a file:
f = file(“c:\\filename”) # file(“/tmp/filename”) for linux
buf = f.read() # buf now contains entire file.
lines = buf.split(“\r\n”) # lines contains a list with all
lines excluding the “\r\n”
f.close()
• Writing to a file:
file(“filename”, “wb”).write(data) # using returning
# object to write the data
# if reference is lost file is automatically closed.
![Page 15: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/15.jpg)
Functions • Functions can return arbitrary objects such as:
o strings o Tuples! (very common) o int o Etc.
global_var = 6
def funcname(arg1, arg2):
local_var = 5
return (var1, var2) • Updating global variables needs special handling:
globvar = 0
def set_globvar_to_one():
global globvar # Needed to modify globvar globvar = 1
![Page 16: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/16.jpg)
if,else if 1:
print “always here”
else:
print “never here”
• switch case alternative:
if key = “x”:
exit()
elif key = “z”:
suspend()
else:
print “default”
![Page 17: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/17.jpg)
for, while • for (i=1; i < 10; i++) alternative:
for i in range(1,10): # help(range) for more options
print A[i]
while 1:
cmd = get_next_cmd()
if cmd == “stop”:
break
elif cmd == “dothis”:
dothis()
continue
print “always here ?!?”
![Page 18: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/18.jpg)
import,reload • import– a way to import libraries, eg.: import sys
• Access to variables is now through the namespace: o sys.argv[1]
• Alternatively:
• from sys import *
• Now we can access in our namespace: o argv[1] # direct access.
• If library was modified after import we can use
reload, eg.: reload(sys)
![Page 19: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/19.jpg)
Useful functions • Complex binary operations:
o import struct
o struct.pack(“L”, 0xdeadbeef) – result contains DEADBEEF in little endian
(EFBEADDE) (0xdeadbeef is treated as unsigned long)
o (port) = struct.unpack(“>H”) - read unsigned short from a string
represented as bigendian
• OS operations: o import os
o os.rename(old_name, new_name)
o os.system(“run command”)
![Page 20: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/20.jpg)
3rd party modules • You can install many modules by using pypi
• On UNIX installing modules is very easy: o sudo pip install [modulename]
• Also available easy_install
• Useful imports:
• scapy (packet manipulation lib works with libpcap),
numpy/scipy, pylab, pylib, hashlib, socket, sqllite,
gzip, zip, bz2, html, json, wave/audioop (audio
operations), PIL (image processing), wave, pygame
• Google: [something I need] python
![Page 21: Introduction to Information Security - TAU · White spaces if you can read this: it must be python! - Python hierarchy is defined by whitespaces - Indentation has to be the same (3](https://reader036.fdocuments.us/reader036/viewer/2022062604/5fbace68c581c61b4f30eb36/html5/thumbnails/21.jpg)
ipython • Extended interpreter capabilities
• Acts almost like a shell
• Adds history
• Adds file completion by tab.
• + Many more features.