June 2021
Intermediate to advanced
512 pages
11h 12m
English
Content preview from Kali Linux Penetration Testing Bible
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
CHAPTER 18Pentest Automation with Python
Folks, congratulations! You just reached the end of this book. Rarely do people commit and stay until the end. If you're at this step, then hats off—you have all my respect, and I'm sure that your success in life is inevitable.
This chapter will focus on how to take a simple idea and then implement it in Python. Inventors start with a small idea, and from there, with willingness (after all the failures), they achieve their visions. In this chapter we will walk through how to take an automation idea and use it as a penetration tester. At this stage, you should know the basics of Python. If not, feel free to go back to the previous chapter and practice, because this chapter focuses on the application logic.
Penetration Test Robot
The application that we will use in this chapter is called the Penetration Test Robot (
pentest_robot.py
). This tool will take advantage of the remoting protocols in Windows and Linux OS. To access a Windows system, we can use RDP (port 3389), and to access a Linux OS remotely, we can use SSH (port 22). This tool aims to automate the process and scan a single IP or range and look for these two services. If they're up, then the tool will try to automate a dictionary attack.
Application Workflow
Successful developers often design their application before they start coding. Generally, I use Microsoft Visio for this purpose.
As you can see in Figure 18.1, the user will enter a single IP or a range (in CIDR format), ...