Python is really omnipotent! Even hack technology is going to use it! Do you know what technology to use?

Source: Internet
Author: User
Tags wrappers virtual environment

Network enthusiasts always have to master the programming language, which is recommended here: Python. Here's a look at what Python technology hackers will use!

Enter the group: 548377875 can get dozens of sets of PDFs Oh!

Install dependent packages

Many times readers will find that the personal tools written with the Python library in the large Python community can help us get results quickly. You can install these libraries through the Personal Software Management Pack or the available Python Package Manager, the most authoritative of which is the PIP tool. With PIP, you can install these dependent packages (#pip install) globally, or install them on a per-user basis (Pip install--user) or in a virtual environment ((VENV) $ pip install). Readers can manually use the personal distribution Package Manager, or install the PIP package based on the library provided by Python3.4.

If the reader needs to interact with HTTP services including Json/xml, I recommend that the requests relies on libraries that are particularly useful. The Python library can handle various types of operations that interact with Web pages, such as encoding, decoding, parameters, tagging, redirection, and so on. For example, the code to request and analyze a JSON resource is as follows:

Adding a TSL Encryption link is also very simple:

The above functions can also be implemented in a connection that is already in use:

You do not need these low-level service interactions, and some modules can provide high-level service interactions:

    • Smtplib
    • Ftplib
    • Poplib
    • Imaplib
    • Httplib (Python 3 or later HTTP client)
    • Nntplib
    • Telnetlib (applied to service development and subsequent need for interactive command line sessions)
    • Xmlrpclib (Python 3 or later version of XMLRPC client)


Binary operation or encoding

When developing scripts that interact with services or files, you often find it necessary to convert the data into different formats or encodings. In the python2.x version, strings are typically converted between different formats using the encode or Decode method.

Unfortunately, this shortcut was canceled in the python3.x version, and the Encode and decode methods can currently only implement character encodings, such as Utf-8, cp1250, iso8859, Big5, and so on.

Instead, you can now implement hexadecimal encoding using only two methods of the bytes type:

For BASE64 encoding, you need to use a different module (also available in the python2.x version):

URLs encoding or parsing can be implemented with the Urllib.parse module (python2.x version is urllib)

A generic conversion between Python common data types (such as INT,FLOAT,STR) and binary can be implemented in the Stuct module:

Python3.2 can also get the binary representation directly using the INT type:

The cTYPES module also has a particularly great feature, and if you use CPython as a translator (which is usually the case for everyone), you can have the ctypes. The structure structure describes the C language, obtaining their binary representations as if they were stored from a C application.

The cTYPES module is usually a bridge between the Python assembly and the C language library and does not require any Python wrappers to be written. With the cTYPES module, you can use any C language library and its output functions:

The structure type mentioned above is primarily used for the interaction of the C language library, passing through or fetching the structure during a function call.


Vulnerability development Tools

Many CTF groups offer their own CTF solution framework, and I find the pwntools framework from gallopsled particularly useful, especially when developing the remote Elf binary, which contains many handy functions such as displacement calculations (through cyclic mode), format string development (common data feeds and resulting formatted strings), jump combinations (based on Ropgadget parsing elf binaries and providing wrappers that generate simple jump combo calls) and all APIs for different transport channels (called pipelines). This allows the reader to develop GDB's compiled backend, while simply changing one line of code can be transferred to the target service.

Hackers with the good, but some things are forbidden, can not casually touch Oh!

Python is really omnipotent! Even hack technology is going to use it! Do you know what technology to use?

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.