Violent Python:Python in the dark sidedarkxPyCON.tw 2013
About● a.k.a. xatier● 平凡無奇的大學生● 喜好自由軟體和資訊安全技術● Python 只是輔助 (?)
工商服務晚點 18:00 BoF 八號場地強者我學長 Dr. Ken 大大●講題『Mining Interest Topics fromPlurk by using Python』http://j.mp/10VSNPt
工商服務晚點 18:00 BoF 八號場地強者我學長 Dr. Ken 大大●講題『Mining Interest Topics fromPlurk by using Python』http://j.mp/10VSNPt
最常拿 Python 來 ...
We Love Python●Easy to Learn●Easy to Read● Easy to Hack (?)●Cross platform●Builtin tools●Libraries
“This (Programming), of course, is thefundamental hacking skill. If you dont know anycomputer languages, I recommend start...
(compare to C) ….. “With todays machinesas powerful as they are, this is usually a badtradeoff — its smarter to use a lang...
小試身手
decrypt
decryptimport cryptcrypt.crypt(word, salt) -> stringword will usually be a users password. salt is a 2-character stringwhi...
● Dictionary Attack● /usr/share/dict/words● GGvxb.e7YgnIgdecrypt
decrypt
decrypt
Brute force● http://pvanhoof.be/files/bruteforce.c● import itertools
Brute force● http://pvanhoof.be/files/bruteforce.c● import itertoolsZ
APIs● socket API 跟 C 用起來幾乎一模一樣● ctypes 標準庫提供 C/dll/so 跨接的橋樑● 物件、流程控制等可省下更多時間
Hacking Skype●main.db● 你想要的通通都在這邊 (?● 聯絡人、聊天紀錄 ... 等● Unix like 系統很棒的
Lots of tools●http://www.dirk-loss.de/python-tools.htmscapydpktImmunity DebuggerIDAPythonLldb (llvms debugger)…...
python-nmap● http://xael.org/norman/python/python-nmap/● Nmap 工具的 Python binding● 搭配 IPython shell 一同服用● GPL licensed
Inspired by●Nicolle Neulist: Write your own tools withpython! Derbycon2012●Gray Hat Python: Python Programming forHackers ...
Thank you☺https://github.com/xatier/PyCON-demo
Upcoming SlideShare
Loading in …5
×

Violent python

648 views

Published on

http://tw.pycon.org/2013/zh/proposal/34/

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
648
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
9
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Violent python

  1. 1. Violent Python:Python in the dark sidedarkxPyCON.tw 2013
  2. 2. About● a.k.a. xatier● 平凡無奇的大學生● 喜好自由軟體和資訊安全技術● Python 只是輔助 (?)
  3. 3. 工商服務晚點 18:00 BoF 八號場地強者我學長 Dr. Ken 大大●講題『Mining Interest Topics fromPlurk by using Python』http://j.mp/10VSNPt
  4. 4. 工商服務晚點 18:00 BoF 八號場地強者我學長 Dr. Ken 大大●講題『Mining Interest Topics fromPlurk by using Python』http://j.mp/10VSNPt
  5. 5. 最常拿 Python 來 ...
  6. 6. We Love Python●Easy to Learn●Easy to Read● Easy to Hack (?)●Cross platform●Builtin tools●Libraries
  7. 7. “This (Programming), of course, is thefundamental hacking skill. If you dont know anycomputer languages, I recommend starting withPython. It is cleanly designed, well documented,and relatively kind to beginners. Despite being agood first language, it is not just a toy; it is verypowerful and flexible and well suited for largeprojects. ”– How to become a hacker (ESR)
  8. 8. (compare to C) ….. “With todays machinesas powerful as they are, this is usually a badtradeoff — its smarter to use a language thatuses the machines time less efficiently, but yourtime much more efficiently. Thus, Python.”– How to become a hacker (ESR)
  9. 9. 小試身手
  10. 10. decrypt
  11. 11. decryptimport cryptcrypt.crypt(word, salt) -> stringword will usually be a users password. salt is a 2-character stringwhich will be used to select one of 4096 variations ofDES. The charactersin salt must be either ".", "/", or an alphanumericcharacter. Returnsthe hashed password as a string, which will becomposed of characters fromthe same alphabet as the salt.
  12. 12. ● Dictionary Attack● /usr/share/dict/words● GGvxb.e7YgnIgdecrypt
  13. 13. decrypt
  14. 14. decrypt
  15. 15. Brute force● http://pvanhoof.be/files/bruteforce.c● import itertools
  16. 16. Brute force● http://pvanhoof.be/files/bruteforce.c● import itertoolsZ
  17. 17. APIs● socket API 跟 C 用起來幾乎一模一樣● ctypes 標準庫提供 C/dll/so 跨接的橋樑● 物件、流程控制等可省下更多時間
  18. 18. Hacking Skype●main.db● 你想要的通通都在這邊 (?● 聯絡人、聊天紀錄 ... 等● Unix like 系統很棒的
  19. 19. Lots of tools●http://www.dirk-loss.de/python-tools.htmscapydpktImmunity DebuggerIDAPythonLldb (llvms debugger)…...
  20. 20. python-nmap● http://xael.org/norman/python/python-nmap/● Nmap 工具的 Python binding● 搭配 IPython shell 一同服用● GPL licensed
  21. 21. Inspired by●Nicolle Neulist: Write your own tools withpython! Derbycon2012●Gray Hat Python: Python Programming forHackers and Reverse Engineers●Violent Python: A Cookbook for Hackers,Forensic Analysts, Penetration Testers andSecurity Engineers
  22. 22. Thank you☺https://github.com/xatier/PyCON-demo

×