Book: Black Hat Python: Python Programming for Hackers and Pentesters

A

(see ARP cache poisoning)
AdjustTokenPrivileges function
AF_INET parameter
ARP (Address Resolution Protocol) cache poisoning
  adding supporting functions
  coding poisoning script
  inspecting cache
  testing

B

BHPFuzzer class
Bing search engine
  defining extender class
  functionality to parse results
  functionality to perform query
  testing
bing_menu function
bing_search function
Biondi, Philippe
BitBlt function
Browser Helper Objects
brute force attacks
  in HTML form authentication
    administrator login form
    general settings
    HTML parsing class
    pasting in wordlist
    primary brute-forcing class
    request flow
    testing
  on directories and file locations
    applying list of extensions to test for
    creating list of extensions
    creating Queue objects out of wordlist files
    setting up wordlist
    testing
build_wordlist function
Burp Extender API
  creating password-guessing wordlist
    converting selected HTTP traffic into wordlist
    functionality to display wordlist
    testing
  creating web application fuzzers
    accessing Burp documentation
    implementing code to meet requirements
    loading extension
    simple fuzzer
    using extension in attacks
  installing
  interfacing with Bing API to show all virtual hosts
    defining extender class
    functionality to parse results
    functionality to perform query
    testing
  Jython standalone JAR file
BurpExtender class

C

Cain and Abel
CANVAS
channel method
ClientConnected message
code injection
  offensive forensics automation
  Windows privilege escalation
config directory
connect_to_github function
Content-Length header
count parameter
createMenuItem function
createNewInstance function
CreateProcess function
CredRequestHandler class
ctypes module

D

data directory
Debug Probe tab, WingIDE
Destination Unreachable message
DirBuster project
dir_bruter function
display_wordlist function

E

easy_install function
El Jefe project
encrypt_post function
encrypt_string function
environment setup
  Kali Linux
    default username and password
    desktop environment
    determining version
    downloading image
    general discussion
  WingIDE
    accessing
    fixing missing dependencies
    general discussion
    inspecting and modifying local variables
    installing
    opening blank Python file
    setting breakpoints
    setting script for debugging
    viewing stack trace
Errors tab, Burp
exfiltrate function
exfiltration
  encryption routines
  key generation script
  login functionality
  posting functionality
  supporting functions
  testing
Extender tab, Burp
extract_image function

F

feed method
Fidao, Chris
FileCookieJar class
filter parameter
find_module function
forward SSH tunneling
Frisch, Dan

G

GDI (Windows Graphics Device Interface)
GET requests
GetAsyncKeyState function
GetForeGroundWindow function
getGeneratorName function
GetLastInputInfo function
getNextPayload function
GetOwner function
GetTickCount function
GetWindowDC function
GetWindowTextA function
GetWindowThreadProcessId function
get_file_contents function
get_http_headers function
get_mac function
get_trojan_config function
get_words function
GitHub-aware trojans
  account setup
  building
  configuring
  creating modules
  hacking import functionality
  improvements and enhancements to
  testing
github3 module
GitImporter class

H

handle_client function
handle_comment function
handle_data function
handle_endtag function
handle_starttag function
HashDump object
hashdump plugin
hasMorePayloads function
hex dumping function
hivelist plugin
HookManager class
HTML form authentication, brute forcing
  administrator login form
  general settings
  HTML parsing class
  pasting in wordlist
  primary brute-forcing class
  request flow
  testing
HTMLParser class
HTTP history tab, Burp

I

IBurpExtender class
ICMP message decoding routine
  Destination Unreachable message
  length calculation
  message elements
  sending UDP datagrams and interpreting results
  testing
IContextMenuFactory class
IContextMenuInvocation class
Iexplore.exe process
iface parameter
IIntruderPayloadGenerator class
IIntruderPayloadGeneratorFactory class
image carving script
  adding facial detection code
  adding supporting functions
  coding processing script
  testing
imageinfo plugin
IMAP credentials, stealing
Immunity Debugger
imp module
__init__ method
inject_code function
input tags
input/output control (IOCTL)
Internet Explorer COM automation
  exfiltration
    encryption routines
    key generation script
    login functionality
    posting functionality
    supporting functions
    testing
  man-in-the-browser attacks
    creating HTTP server
    defined
    main loop
    support structure for
    testing
    waiting for browser functionality
Intruder tab, Burp
Intruder tool, Burp
IOCTL (input/output control)
IP header decoding routine
  avoiding bit manipulation
  human-readable protocol
  testing
  typical IPv4 header structure

J

Janzen, Cliff
JSON format
Jython standalone JAR file

K

Kali Linux
  default username and password
  desktop environment
  determining version
  downloading image
  general discussion
  installing packages
KeyDown event
keylogging
KeyStroke function
Khrais, Hussam
Kuczmarski, Karol

L

LASTINPUTINFO structure
load_module function
login_form_index function
login_to_tumblr function
logout_form function
logout_url function

M

man-in-the-browser (MitB) attacks
  creating HTTP server
  defined
  main loop
  support structure for
  testing
  waiting for browser functionality
man-in-the-middle (MITM) attacks
  adding supporting functions
  coding poisoning script
  inspecting cache
  testing
mangle function
Metasploit
Microsoft, (see Bing search engine; Internet Explorer COM automation)
MitB attacks, (see man-in-the-browser attacks)
MITM attacks, (see man-in-the-middle attacks)
modules directory
module_runner function
mutate_payload function

N

Nathoo, Karim
netaddr module
netcat-like functionality
  adding client code
  calling functions
  command execution functionality
  command shell
  creating main function
  creating primary server loop
  creating stub function
  file upload functionality
  importing libraries
  setting global variables
  testing
network basics
  creating TCP clients
  creating TCP proxies
    hex dumping function
    proxy_handler function
    reasons for
    testing
  creating TCP servers
  creating UDP clients
  netcat-like functionality, (see netcat-like functionality)
  SSH tunneling
    forward
    reverse
    testing
  SSH with Paramiko
    creating SSH server
    installing Paramiko
    key authentication
    running commands on Windows client over SSH
    testing
network sniffers
  discovering active hosts on network segments
  ICMP message decoding routine
    Destination Unreachable message
    length calculation
    message elements
    sending UDP datagrams and interpreting results
    testing
  IP header decoding routine
    avoiding bit manipulation
    human-readable protocol
    testing
    typical IPv4 header structure
  promiscuous mode
  setting up raw socket sniffer
  Windows versus Linux
__new__ method

O

offensive forensics automation
  direct code injection
  installing Volatility
  profiles
  recovering password hashes
online resources
  Bing API keys
  Burp
  Cain and Abel
  Carlos Perez
  creating basic structure for repo
  DirBuster project
  El Jefe project
  facial detection code
  generating Metasploit payloads
  hacking Python import functionality
  Hussam Khrais
  Immunity Debugger
  input/output control (IOCTL)
  Joomla administrator login form
  Jython
  Kali Linux
  MessageBox shellcode
  netaddr module
  OpenCV
  Paramiko
  PortSwigger Web Security
  privilege escalation example service
  py2exe
  PyCrypto package
  PyHook library
  Python GitHub API library
  Python WMI page
  PyWin32 installer
  Scapy
  socket module
  SVNDigger
  VMWare Player
  Volatility framework
  Win32_Process class documentation
  Windows GDI
  WingIDE
  Wireshark
OpenCV
os.walk function
owned flag

P

packet capture file processing, (see PCAP processing)
packet.show() function
Paramiko
  creating SSH server
  installing
  running commands on Windows client over SSH
  SSH key authentication
  testing
password-guessing wordlist
  converting selected HTTP traffic into wordlist
  functionality to display wordlist
  testing
Payloads tab, Burp
PCAP (packet capture file) processing
  adding facial detection code
  adding supporting functions
  ARP cache poisoning results
  coding processing script
  image carving script
  testing
Perez, Carlos
pip package manager
POP3 credentials, stealing
populate_offsets function
Port Unreachable error
PortSwigger Web Security
Positions tab, Burp
post_to_tumblr function
privilege escalation
  code injection
  installing example service
  installing libraries
  process monitoring
    testing
    with WMI
  token privileges
    automatically retrieving enabled privileges
    outputting and logging
  winning race against code execution
    creating file monitor
    testing
prn parameter
process monitoring
  winning race against code execution
    testing
  with WMI
process_watcher function
--profile flag
Proxy tab, Burp
proxy_handler function
PSList class
py2exe
PyCrypto package
PyHook library
Python GitHub API library
PyWin32 installer

Q

Queue objects

R

random_sleep function
ReadDirectoryChangesW function
receive_from function
recvfrom() function
registerIntruderPayloadGeneratorFactory function
RegistryApi class
Repeater tool, Burp
Request class
request_handler function
request_port_forward function
reset function
response_handler function
restore_target function
reverse SSH tunneling
reverse_forward_tunnel function
run function

S

sandbox detection
Scapy library
  ARP cache poisoning
    adding supporting functions
    coding poisoning script
    inspecting cache
    testing
  installing
  PCAP processing
    adding facial detection code
    adding supporting functions
    ARP cache poisoning results
    coding processing script
    image carving script
    testing
  stealing email credentials
    applying filter for common mail ports
    creating simple sniffer
    testing
Scope tab, Burp
screenshots
SeBackupPrivilege privilege
Secure Shell, (see SSH)
SeDebugPrivilege privilege
SelectObject function
SeLoadDriver privilege
sendto() function
server_loop function
SetWindowsHookEx function
shellcode execution
SimpleHTTPServer module
Site map tab, Burp
SMTP credentials, stealing
sniff function
socket module
  building TCP proxies
  creating TCP clients
  creating TCP servers
  creating UDP clients
  netcat-like functionality
SOCK_DGRAM parameter
SOCK_STREAM parameter
SSH (Secure Shell)
  tunneling
    forward
    reverse
    testing
  with Paramiko
    creating SSH server
    installing Paramiko
    key authentication
    running commands on Windows client over SSH
    testing
ssh_command function
Stack Data tab, WingIDE
start_monitor function
store parameter
store_module_result function
strip function
subprocess library
SVNDigger

T

TagStripper class
tag_results dictionary
Target tab, Burp
TCP clients, creating
TCP proxies
  creating
  hex dumping function
  proxy_handler function
  reasons for building
  testing
TCP servers, creating
TCPServer class
test_remote function
token privileges
  automatically retrieving enabled privileges
  outputting and logging
transport method
trojans
  GitHub-aware
    account setup
    building
    configuring
    creating modules
    hacking import functionality
    improvements and enhancements to
    testing
  Windows tasks
    keylogging
    sandbox detection
    screenshots
    shellcode execution
Tumblr

U

UDP clients, creating
udp_sender function
urllib2 library
urlopen function

V

VMWare Player
Volatility framework
  direct code injection
  installing
  profiles
  recovering password hashes

W

wait_for_browser function
wb flag
web application attacks
  brute-forcing directories and file locations
    applying list of extensions to test for
    creating list of extensions
    creating Queue objects out of wordlist files
    setting up wordlist
    testing
  brute-forcing HTML form authentication
    administrator login form
    general settings
    HTML parsing class
    pasting in wordlist
    primary brute-forcing class
    request flow
    testing
  GET requests
    mapping open source web app installations
    simple
    socket library
    using Request class
web application fuzzers
  accessing Burp documentation
  implementing code to meet requirements
  loading extension
  simple fuzzer
  using extension in attacks
win32security module
Win32_Process class
Windows Graphics Device Interface (GDI)
Windows privilege escalation
  code injection
  installing example service
  installing libraries
  process monitoring
    testing
    with WMI
  token privileges
    automatically retrieving enabled privileges
    outputting and logging
  winning race against code execution
    creating file monitor
    testing
Windows trojan tasks
  keylogging
  sandbox detection
  screenshots
  shellcode execution
WingIDE
  accessing
  fixing missing dependencies
  general discussion
  inspecting and modifying local variables
  installing
  opening blank Python file
  setting breakpoints
  setting script for debugging
  viewing stack trace
wordlist_menu function
Wuergler, Mark