Python tips and tricks

**The snippets, tips, tricks and concepts below are actively collected from various web sites and Stack Overflow questions.

**You can find some example snippets and useful tools at my repo

Operations on String

1. Check whether the string s is alphanumeric: s.isalnum()


os & sys Module

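1. Kill a process from Python (the script should run with sudo; os.killpg() takes a process group ID, so proc must be the leader of its own group, e.g. started with preexec_fn=os.setsid)

import os
import signal
def kill(proc, signum=signal.SIGTERM):
    os.killpg(proc.pid, signum)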

2. Get the pid of the script that is currently running: os.getpid()

3. Give nice to the script that is running: os.nice(19)

4. Get the current Python version: sys.version_info

5. Rename files: os.rename(src, dst)

6. Check whether a file exists: os.path.exists("/path/to/file")

7. Get the directory name of a file: os.path.dirname("/path/to/file.txt")

8. Create directories recursively: os.makedirs("/dir1/dir2/")


List

1. Join list items with a delimiter

>>> days=["Sunday","Monday","Tuesday", "Wednesday","Thursday","Friday", "Saturday"]
>>> "-".join(days)
'Sunday-Monday-Tuesday-Wednesday-Thursday-Friday-Saturday'

Time

1. Print date and time. Find more at strftime.org

  • %H – Hour (24-hour clock)
  • %I – Hour (12-hour clock)
  • %M – Minutes
  • %S – Seconds
  • %d – Day of the month
  • %m – Month
  • %Y – Year [4 Digits]
  • %j – Day of the year
  • %A – Day of the week (Name)

>>> import time
>>> 
>>> time.strftime("%H:%M:%S")
'17:47:17'
>>> 
>>> time.strftime("%d/%m/%Y %H:%M:%S")
'14/03/2017 17:47:26'
>>>

2. Epoch time: int(time.time()) https://www.epochconverter.com/


Reading and writing from/to different file formats

1. YAML Files

Reading

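import os
import sys
import yaml

def read_yaml(file_name):
    if not os.path.exists(file_name):
        print("{} not found! Please check.".format(file_name))
        sys.exit(1)
    with open(file_name) as f:
        # safe_load builds only plain data types; yaml.load() can construct arbitrary Python objects
        data = yaml.safe_load(f)
    return data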

Writing

import io
import yaml

def write_yaml(data, yaml_file):
    with io.open(yaml_file, 'w', encoding='utf8') as outfile:
        yaml.dump(data, outfile, default_flow_style=False, allow_unicode=True)

Miscellaneous:

1. Know who is calling the function with the inspect module (built-in)

import inspect

def f1():
    print("Inside of function f1")
    f2()

def f2():
    curframe = inspect.currentframe()
    # Each outer-frame record is (frame, filename, lineno, function, ...); index 1 is the caller
    calframe = inspect.getouterframes(curframe, 2)
    print("Caller Name: {}".format(calframe[1][3]))

f1()

--OUTPUT--
Inside of function f1
Caller Name: f1

 

2. Log rotate. (Include the below function in your script).

Arguments:

  1. level – Log level: debug, info, warning, error, critical
  2. message – Your information

import logging
from logging.handlers import RotatingFileHandler

DEFAULT_LOG = '/var/log/script.log'
# Rollover never occurs when backupCount is 0, so keep a few rotated files.
handler = RotatingFileHandler(DEFAULT_LOG, mode='a', maxBytes=20*1024*1024, backupCount=5, encoding=None, delay=False)
handler.setFormatter(logging.Formatter('%(asctime)s %(name)s[%(process)d] %(levelname)s: %(message)s'))
log = logging.getLogger('MyScript')
log.addHandler(handler)
levels = {"info": logging.INFO,
          "debug": logging.DEBUG,
          "warning": logging.WARNING,
          "error": logging.ERROR,
          "critical": logging.CRITICAL}

def log_it(level, message):
    # Set both thresholds to the message's level so the message is always written.
    log.setLevel(levels[level])
    handler.setLevel(levels[level])
    log.log(levels[level], message)

log_it("warning", "Something happened!")

--OUTPUT--
2017-03-14 12:19:53,391 MyScript[7602] WARNING: Something happened!

3. Suppress all warnings in Python

import warnings
warnings.filterwarnings("ignore")

Linux, Python and other useful resource links

*Links below that I found useful, collected from various sites.

    1. How to recover lost Python source code if it’s still resident in-memory
    2. Android Internals [PDF]  by Jonathan Levin: Talked about Linux vs Android, File system, Partitions, Boot, Backup & recovery, Init, Daemons
    3. USG is a firewall for your USB ports, protecting your computer from BadUSB
    4. CHIPSEC  A framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI)
    5. CPython Internals: Codewalk through the Python interpreter source codes [Youtube Playlist]: Talked about Opcodes, Frames, Function calls, PyObjects, Python Datatypes, Iterators, Generators, Classes, etc
    6. Dive in to BPF: A list of reading materials for BPF
    7. Run Levels & How to make init scripts
    8. Simple BFP implementation in Python
    9. Problem Solving with Algorithms and Data Structures using Python [BOOK] By Brad Miller and David Ranum, Luther College: Talked about Basic Data Structures, Recursions, Sorting & Searching, Tree Algorithms and Graphs Algorithms
    10. Natural Language Processing with Python [BOOK] by Steven Bird, Ewan Klein, and Edward Loper: Talked about Processing Raw Text, Writing Structure Programs, Categorizing and Tagging words, Classify Text, Extract Info, Analyzing Sentences, Basic Grammars, Linguistic Data, etc
    11. Capturing Wireless LAN Packets on Ubuntu with tcpdump and Kismet
    12. BPF Compiler Collection [Github Repo] A toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples
    13. An Introduction to Linux Permissions
    14. htop explained visually with screenshot
    15. How to Make a Computer Operating System
    16. Python for Android
    17. DNS Queue – A Parallelised DNS Prober
    18. Python Cheat Sheets
    19. Where Am I[Git Repo] Uses WiFi signals and machine learning (sklearn’s RandomForest) to predict where you are. Even works for small distances like 2-10 meters.
    20. Explain Shell
    21. Infinite possibilities with the Scapy Module
    22. Learn VIM while playing
    23. BASH Cheat Sheet
    24. VirusTotal – VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
    25. Python Anti-Patterns – Best Python Coding Practices
    26. How Linux CPU Usage Time and Percentage is calculated
    27. Linux Memory Management Frequently Asked Questions
    28. Live Hacking Attack Map
    29. Python Plays: Grand Theft Auto V By sentdex: Self Driving Car, Neural Network Training Data for self-driving, Balancing self-driving training data, etc
    30. https://pythonprogramming.net/
    31. Pythonic Data Structures and Algorithms
    32. Removing Your PDF Metadata & Protecting PDF Files
    33. https://ngrok.com/ – Secure tunnels to localhost
    34. Tool for in-depth analysis of USB HID devices communication
    35. An Illustrated Guide to the Kaminsky DNS Vulnerability
    36. Spear Phishing 101
    37. What is setuid, setgid and sticky bit in Linux?
    38. Set up your own malware analysis lab with VirtualBox, INetSim and Burp
    39. Step by step Metasploit walkthrough
    40. Linux Bridge – how it works
    41. SSH Check
    42. Shutit – An automation tool that models a user’s actions on a terminal.
    43. Phishing With a Rogue Wi-Fi Access Point
    44. Fuzzing proprietary protocols with Scapy, radamsa and a handful of PCAPs
    45. WiFi-Pumpkin[Github Repo] Framework for Rogue Wi-Fi Access Point Attack
    46. https://stackhackr.barkly.com/ – Creating your own malware in 5 minutes or less.
    47. Writing a Simple Operating System — from Scratch [PDF]
    48. A collective list of free JSON APIs for use in web development
    49. Learn Regular Expression in Easy Way
    50. fast DDoS analyzer with sflow/netflow/mirror
    51. Metadata: a hacker’s best friend
    52. A Python Package for creating backdoors!
    53. malware-traffic-analysis.net – A source for pcap files and malware samples
    54. 30 interesting commands for the Linux shell
    55. How security flaws work: The buffer overflow
    56. From SQL Injection to Shell
    57. Realmode Assembly – Writing bootable stuff
    58. Hardware Hacking & Circuitry: Part 2: Amount of electricity, Resistance, Power, AC/DC
    59. Understanding and generating the hash stored in /etc/shadow
    60. Blockchains: How They Work and Why They’ll Change the World
    61. Everything You Wanted To Know About Blockchains
    62. Build Your Own Blockchain
    63. Writing a Bootloader
    64. Using Python To Get A Shell Without A Shell
    65. China’s Man-on-the-Side Attack on GitHub

Automated Wifi De-authentication attack

A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point.

Wikipedia

As you can see, this type of attack is pretty powerful, and it is difficult to detect who is attacking. There are some tools for this attack, like “aircrack-ng” (you can check the commands here).

So, basically, the concept is that the attacker broadcasts a Wi-Fi management “de-authentication” frame telling the victims to deauthenticate. It is like saying, “Hey client! Can you please deauthenticate and authenticate again?” The client will then reconnect to the AP (Access Point). These frames are supposed to be sent only by a valid AP to its clients, but the attacker can mimic these frames and broadcast them on the network.
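Seen from the defender's side, the frames described above can be spotted by a monitor that parses 802.11 management headers and counts deauthentication/disassociation frames per (BSSID, destination) pair. The following is an added example, not code from the original post; the function names, the threshold of 10 frames per second and the sample addresses are assumptions, and the capture is constructed.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 12, 10          # 802.11 management frame subtypes

def mac(raw):
    return ":".join("{:02x}".format(b) for b in bytearray(raw))

def parse_deauth(frame):
    """(dst, src, bssid, reason) for a deauth/disassoc frame, else None.
    `frame` is the 802.11 MAC frame with any radiotap header already removed."""
    if len(frame) < 26:            # 24-byte management header + 2-byte reason code
        return None
    frame_control, = struct.unpack_from("<H", frame, 0)
    ftype, subtype = (frame_control >> 2) & 0x3, (frame_control >> 4) & 0xF
    if ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    reason, = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def find_floods(captures, threshold=10, window=1.0):
    """Map (bssid, dst) -> time the pair first saw `threshold` frames in `window` s.
    The source address is ignored on purpose: it is spoofable (assumed thresholds)."""
    recent, alerts = defaultdict(deque), {}
    for ts, frame in captures:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dst, _src, bssid, _reason = parsed
        seen = recent[(bssid, dst)]
        seen.append(ts)
        while ts - seen[0] > window:       # drop timestamps outside the window
            seen.popleft()
        if len(seen) >= threshold:
            alerts.setdefault((bssid, dst), ts)
    return alerts

# Constructed sample capture (not real traffic); addresses are made up.
AP, CLIENT, BCAST = "02:00:00:00:00:01", "02:00:00:00:00:aa", "ff:ff:ff:ff:ff:ff"
def sample_frame(fc0, dst, src, bssid, reason=7):
    addr = lambda m: bytes(bytearray(int(p, 16) for p in m.split(":")))
    return (bytes(bytearray([fc0, 0, 0, 0])) + addr(dst) + addr(src) + addr(bssid)
            + b"\x00\x00" + struct.pack("<H", reason))
SAMPLE = [(0.0, sample_frame(0xC0, CLIENT, AP, AP, reason=3)),   # one ordinary deauth
          (0.5, sample_frame(0x80, BCAST, AP, AP))]              # beacon, ignored
SAMPLE += [(5 + i * 0.025, sample_frame(0xC0, BCAST, AP, AP)) for i in range(20)]

if __name__ == "__main__":
    print(find_floods(SAMPLE))
```

A burst alert identifies the affected BSSID and clients, not the sender. Where the hardware supports it, 802.11w (Protected Management Frames) lets clients reject forged deauthentication frames.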


What is ONE Installer?

The ONE Installer is an automated script to install software/packages for Ubuntu 14. I wrote this automated script myself in Python 2.7. The reason is simple: every time I install Ubuntu OS, I need some packages/software to be installed. You know some are pretty simple, like “apt-get install curl”, but some packages/software need additional tweaking; for “Eclipse”, for example, we need to create “eclipse.desktop” with some entries in “/usr/share/application” (you can see the steps in this blog). So, it is a little bit painful to do this every time. This automated script will install the packages one by one and configure the software.
