{
"metadata": {
"name": "",
"signature": "sha256:ab9145412cc1d954b44b5802638f6fa3a50a8f2185f37d2e412214855f27824b"
},
"nbformat": 3,
"nbformat_minor": 0,
"worksheets": [
{
"cells": [
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"# 1. \uc18c\uac1c\n",
"\n",
"## [\ud574\ucee4\uc758 \uc5b8\uc5b4, \uce58\uba85\uc801 \ud30c\uc774\uc36c](http://www.yes24.com/24/goods/8433461)\n",
"\n",
"![](\"files/images/violent_python.jpeg\")
\n"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"1. \uc18c\uac1c\n",
"2. \uce68\ud22c \ud14c\uc2a4\ud2b8\n",
"3. \ud3ec\ub80c\uc2dd \uc218\uc0ac\n",
"4. \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d \ubd84\uc11d\n",
"5. \ubb34\uc120 \uae30\uae30 \ud574\ud0b9\n",
"6. \uc815\ubcf4\uc218\uc9d1\n",
"7. \ubc31\uc2e0 \ud504\ub85c\uadf8\ub7a8 \uc6b0\ud68c"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"- \uac1c\ubc1c \ud658\uacbd\n",
"- \ud30c\uc774\uc36c \uc5b8\uc5b4\n",
"- \uc720\ub2c9\uc2a4 \ud328\uc2a4\uc6cc\ub4dc \ud06c\ub798\ucee4\n",
"- \uc555\ucd95\ud30c\uc77c \ud328\uc2a4\uc6cc\ub4dc \ud06c\ub798\ucee4\n",
"\n",
"- \ud3ec\ud2b8 \uc2a4\uce90\ub108 \n",
"- SSH \ubd07\ub137\n",
"- \ucee8\ud53c\ucee4\n",
"- \uc81c\ub85c\ub370\uc774\n",
"\n",
"- \ud3ec\ub80c\uc2dd \uc218\uc0ac\n",
"- \ub808\uc988\uc2a4\ud2b8\ub9ac\uc758 \ubb34\uc120 AP \ubd84\uc11d\n",
"- \uc0ad\uc81c\ub41c \uc544\uc774\ud15c \ubcf5\uad6c\ud558\uae30\n",
"- \uba54\ud0c0\ub370\uc774\ud130\n",
"- \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \uc0ac\uc6a9\ud754\uc801 \uc218\uc0ac\n",
"- iTunes \ubc31\uc5c5 \uc870\uc0ac\ud558\uae30\n",
"\n",
"- \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d \ubd84\uc11d\n",
"- IP \ud2b8\ub798\ud53d\uc758 \ubaa9\uc801\uc9c0\ub294?\n",
"- \uc5b4\ub098\ub2c8\uba38\uc2a4\uac00 \uc815\ub9d0 \uc775\uba85\uc778 \uac83\uc77c\uae4c?\n",
"- TTL \ud544\ub4dc\n",
"- \ub3c4\uba54\uc778 \ud50c\ub7ed\uc2a4\n",
"- TCP \uc77c\ub828 \ubc88\ud638 \uc608\uce21 \uacf5\uaca9\n",
"- IDS \uacf5\uaca9\ud558\uae30\n",
"\n",
"- \ubb34\uc120 \uae30\uae30 \ud574\ud0b9\n",
"- WALL OF SHEEP\n",
"- \ub178\ud2b8\ubd81 \ucef4\ud4e8\ud130\ub97c \uc0ac\uc6a9\ud55c \uacf3\uc740?\n",
"- \ud30c\uc774\uc36c\uc73c\ub85c UAV \uc81c\uc5b4\ud558\uae30\n",
"- FIRESHEEP \ud0d0\uc9c0\ud558\uae30\n",
"- \ube14\ub8e8\ud22c\uc2a4\uc640 \ud30c\uc774\uc36c\uc73c\ub85c \uc2a4\ud1a0\ud0b9\ud558\uae30\n",
"\n",
"- \uc815\ubcf4\uc218\uc9d1\n",
"- \uc624\ub298\ub0a0\uc758 \uc0ac\ud68c\uacf5\ud559\uae30\ubc95\n",
"- MECHANIZE \ub77c\uc774\ube0c\ub7ec\ub9ac\ub85c \uc778\ud130\ub137 \uac80\uc0c9\n",
"- ANONBROWSER\ub85c \uc6f9 \ud398\uc774\uc9c0 \uc815\ubcf4 \uc218\uc9d1\n",
"- \uad6c\uae00 API \uc0ac\uc6a9\ud558\uae30\n",
"- \uc775\uba85\uc758 \uc774\uba54\uc77c\n",
"\n",
"- \ubc31\uc2e0 \ud504\ub85c\uadf8\ub7a8 \uc6b0\ud68c\n",
"\n",
"## \uc800\uc790 \uc18c\uac1c\n",
"\n",
"- \ubbf8 \uad6d\ubc29\ubd80\uc758 \uc815\ubcf4\ubcf4\uc548 \uc804\ubb38\uac00\n",
"\n",
"## \uc5ed\uc790\uc758 \uae00\n",
"\n",
"- \uce68\ud22c \ud14c\uc2a4\ud2b8 \ub610\ub294 \ubaa8\uc758 \ud574\ud0b9\uc744 \ud558\uae30 \uc704\ud574\uc11c\ub294 \ub9ce\uc740 \uc9c0\uc2dd \ud544\uc694\n",
"- \ubaa8\uc758 \ud574\ud0b9 \ubc29\ubc95\ub860\n",
"- \uc815\ubcf4 \uc218\uc9d1\n",
"- \uc5ec\ub7ec \ud574\ud0b9 \ud234 \uc0ac\uc6a9\ubc95\n",
"- \uc6b4\uc601\uccb4\uc81c\uc5d0 \ub300\ud55c \uc9c0\uc2dd\n",
"- \ub370\uc774\ud130\ubca0\uc774\uc2a4 \uba85\ub839\uc5b4\n",
"- \uc5ec\ub7ec \ud504\ub85c\uadf8\ub798\ubc0d \uc5b8\uc5b4\uc5d0 \ub300\ud55c \uc9c0\uc2dd\n",
"- \uace0\uae09 \uce68\ud22c \ud14c\uc2a4\ud130\uac00 \ub418\uae30 \uc704\ud574\uc11c\ub294 \ud55c\ub450 \uac00\uc9c0 \ud504\ub85c\uadf8\ub798\ubc0d \ub610\ub294 \uc2a4\ud06c\ub9bd\ud2b8 \uc5b8\uc5b4\ub97c \uc798 \ub2e4\ub8f0 \uc904 \uc54c\uc544\uc57c \ud568\n",
"- \ud30c\uc774\uc36c\uc758 \uac00\uc7a5 \ud070 \uc7a5\uc810\uc740 \ub9ce\uc740 \ub77c\uc774\ube0c\ub7ec\ub9ac\uac00 \uc874\uc7ac\n",
"- \uce68\ud22c \ud14c\uc2a4\ud2b8\ub294 \uc2dc\uac04\uacfc\uc758 \uc2f8\uc6c0\n",
"- \ud30c\uc774\uc36c \ub77c\uc774\ube0c\ub7ec\ub9ac\ub97c \uc0ac\uc6a9\ud558\uba74 \uc9e7\uc740 \ucf54\ub4dc\ub85c \uadf8\ub9ac\uace0 \ube60\ub978 \uc2dc\uac04 \ub0b4\uc5d0 \uc6d0\ud558\ub294 \ubaa9\uc801 \ub2ec\uc131\n",
"- \ud30c\uc774\uc36c\uc740 \uc27d\ub2e4.\n",
"- C\uac19\uc740\uc740 \uc5b8\uc5b4\ub294 \ud3ec\uc778\ud130\uc640 \uba54\ubaa8\ub9ac \ud560\ub2f9 \uac19\uc740 \ubd80\ubd84\uc744 \uc9c1\uc811 \ud504\ub85c\uadf8\ub798\ubc0d\ud574\uc57c \ud568\n",
"- \ud30c\uc774\uc36c\uc740 \uc2a4\ud06c\ub9bd\ud2b8 \uc5b8\uc5b4\uc774\uba74\uc11c \ucef4\ud30c\uc77c\uc744 \ud560 \uc218 \uc788\ub2e4\ub294 \uac83\n",
"- \uc9c4\uc815\ud55c \uc758\ubbf8\uc758 \ucef4\ud30c\uc77c\uc740 \uc544\ub2c8\uc9c0\ub9cc, \ucef4\ud30c\uc77c\uacfc \ub3d9\uc77c\ud55c \ud6a8\uacfc\ub97c \uc5bb\uc744 \uc218 \uc788\uc5b4 \ud30c\uc774\uc36c\uc774 \uc124\uce58\ub418\uc9c0 \uc54a\uc740 \uacf5\uaca9 \ub300\uc0c1\uc5d0\uc11c\ub3c4 \ud30c\uc774\uc36c \ucf54\ub4e4\ub974 \uc2e4\ud589\ud560 \uc218 \uc788\ub2e4\n",
"\n",
"\n",
"## \uc774 \uc7a5\uc5d0\uc11c \ub2e4\ub8e8\ub294 \ub0b4\uc6a9\n",
"\n",
"- \ud30c\uc774\uc36c \uac1c\ubc1c \ud658\uacbd \uad6c\uc131\n",
"- \ud30c\uc774\uc36c \ud504\ub85c\uadf8\ub798\ubc0d \uc5b8\uc5b4\uc5d0 \ub300\ud55c \uc18c\uac1c\n",
"- \ubcc0\uc218, \ub370\uc774\ud130 \ud0c0\uc785, \ubb38\uc790\uc5f4, \ub9ac\uc2a4\ud2b8, \ub515\uc154\ub108\ub9ac \uadf8\ub9ac\uace0 \ud568\uc218\uc5d0 \ub300\ud55c \uc124\uba85\n",
"- \ub124\ud2b8\uc6cc\ud06c, \ubc18\ubcf5\ubb38, \uc120\ud0dd, \uc608\uc678\ucc98\ub9ac \uadf8\ub9ac\uace0 \ubaa8\ub4c8 \uc791\uc5c5\n",
"- \uccab\ubc88\uc9f8 \ud30c\uc774\uc36c \ud504\ub85c\uadf8\ub7a8 - \ub515\uc154\ub108\ub9ac \ud328\uc2a4\uc6cc\ub4dc \ud06c\ub798\ucee4\n",
"- \ub450\ubc88\uc9f8 \ud30c\uc774\uc36c \ud504\ub85c\uadf8\ub7a8 - \uc555\ucd95\ud30c\uc77c \ubb34\ucc28\ubcc4\ub300\uc785 \ud06c\ub798\ucee4\n",
"\n",
"## \uac1c\ubc1c \ud658\uacbd \uad6c\uc131\ud558\uae30\n",
"\n",
"- \ud30c\uc774\uc36c \uc778\ud130\ud504\ub9ac\ud130, \ud45c\uc900 \ub77c\uc774\ube0c\ub7ec\ub9ac\n",
"- \uc790\uccb4 \ub370\uc774\ud130 \ud0c0\uc785\n",
"- \uc608\uc678 \ucc98\ub9ac\n",
"- \uc22b\uc790\uc640 \uc218\ud559 \ubaa8\ub4c8\n",
"- \ud30c\uc77c \ucc98\ub9ac\n",
"- \uc554\ud638\ud654 \uc11c\ube44\uc2a4\n",
"- \uc6b4\uc601\uccb4\uc81c\uc640\uc758 \uc0c1\ud638 \ud638\ud658\uc131\n",
"- \uc778\ud130\ub137 \ub370\uc774\ud130 \ucc98\ub9ac\n",
"- IP \ud504\ub85c\ud1a0\ucf5c \ucc98\ub9ac\n",
"\n",
"\n",
"- \uc190\uc27d\uac8c \uc678\ubd80 \ud328\ud0a4\uc9c0 \uc124\uce58"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"-----\n",
"\n",
"### Slide Show \uc6a9\uc5b4 \uad6c\ubd84\n",
"\n",
"- \\-: \uc544\ubb34\uac83\ub3c4 \uc548\ud574\ub3c4 \uadf8\ub0e5 \ubcf4\uc5ec\uc8fc\uae30\n",
"- Slide: \uba85\ud655\ud55c \uba85\uc81c\n",
"- Sub-Slide: Slide \uc548\uc5d0 \ud3ec\ud568\ub418\ub294 \ub0b4\uc6a9. \uadf8\ub7f0\ub370 \ubb38\uc81c\ub294 2\uc911\ub9cc \ud3ec\ud568\ub418\ub294 \ub0b4\uc6a9\uc774\ub77c\uba74 \ub531\uc774\uc9c0\ub9cc 3\uc911\uae4c\uc9c0 \ub0b4\ub824\uac00\ub2e4 \ubcf4\uba74 \uc124\uba85\ud558\uae30\uac00 \uaf64 \uc5b4\ub824\uc6c0\n",
"- Fragments: \ud074\ub9ad\ud558\uba74 \ubcf4\uc5ec\uc8fc\uae30. \uc870\uac01\n",
"- Skip: Slide show\uc5d0\uc11c \ubcf4\uc5ec\uc8fc\uc9c0 \uc54a\ub294\ub2e4.\n",
"-----"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \ud30c\uc774\uc36c \uc2e4\uc2b5\n",
"\n",
"- [PyCharm](http://www.jetbrains.com/pycharm/): IDE\ub85c\uc368 eclipse\uc758 pydev\ubcf4\ub2e4 \ud6e8\uc52c \uc88b\uc740\uac83 \uac19\ub2e4. eclipse\ub294 \ubd88\uc548\uc815\ud568. \ub0b4\uac00 \uc815\ud488\uc73c\ub85c \uad6c\ub9e4\ud574\uc11c \uc0ac\uc6a9\ud558\ub294 \uc81c\ud488"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"### \uc678\ubd80 \ub77c\uc774\ube0c\ub7ec\ub9ac \uc124\uce58\n",
"\n",
"- mac \uae30\uc900\n",
"- pip\uac00 \ud6e8\uc52c \uc26c\uc6b0\ub2c8 \uc774\uac78\ub85c \ub77c\uc774\ube0c\ub7ec\ub9ac \uc124\uce58\n",
"- [beautifulsoup4](http://www.crummy.com/software/BeautifulSoup/) \uc18c\ubb38\uc790\ub85c \uc791\uc131\n",
"\n",
"\n",
"> sudo pip install python-nmap pygeoip mechanize beautifulsoup4\n",
"\n",
"- [\uc708\ub3c4\uc6b0\uc5d0\uc11c easy_install, pip \uc0ac\uc6a9\ud558\uae30](http://amornatura.tistory.com/95)\n",
"- 5\uc7a5 \ube14\ub8e8\ud22c\uc2a4 \ub77c\uc774\ube0c\ub7ec\ub9ac \ud544\uc694\n",
"- 6, 7\uc7a5 \uc708\ub3c4\uc6b0 \ud30c\uc774\uc36c \ud544\uc694"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \ud30c\uc774\uc36c\uc758 \ub450 \uac00\uc9c0 \ubaa8\ub4dc\n",
"\n",
"1. .py \ud655\uc7a5\uc790\ub97c \uac00\uc9c4 \ud30c\uc77c \uc2e4\ud589\n",
"2. Interactive \ubaa8\ub4dc(\uc0c1\ud638 \uc791\uc6a9)"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# .py \ud655\uc7a5\uc790\ub97c \uac00\uc9c4 \ud30c\uc77c \uc2e4\ud589 \ubaa8\ub4dc\n",
"# >\ub294 \ub9ac\ub2e4\uc774\ub809\uc158 \uae30\ud638: \ud30c\uc77c \uc800\uc7a5\ud558\ub294 \uac83\n",
"!echo print \\\"Hello World\\\" > ch01/hello.py\n",
"!python ch01/hello.py"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Hello World\r\n"
]
}
],
"prompt_number": 1
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!cat ch01/hello.py"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"print \"Hello World\"\r\n"
]
}
],
"prompt_number": 2
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# Interactive \ubaa8\ub4dc. \n",
"# ipython notebook\uc774 \uc88b\uc740 \uc608\n",
"print 'Hello World1111'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Hello World1111\n"
]
}
],
"prompt_number": 3
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"#### \ud568\uc218 \uc791\uc131\ubc95"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \ub2e4\uc74c \uc5ec\ub7ec\uc7a5\uc5d0 \uac78\uccd0 \ud30c\uc774\uc36c \uc608\ub97c \uc124\uba85\ud558\uba74\uc11c **\uba54\uc18c\ub4dc** \ub610\ub294 **\ud568\uc218**\ub77c\uace0 \ubd88\ub9ac\ub294 \ucf54\ub4dc \ube14\ub85d\uc744 \uc5ec\ub7ec \uac1c \uc0ac\uc6a9\ud558\uc5ec \uc2a4\ud06c\ub9bd\ud2b8\ub97c \uc791\uc131\ud560 \uac83"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uac01 \uc2a4\ud06c\ub9bd\ud2b8\ub97c \ub9c8\ubb34\ub9ac\ud558\uba74\uc11c \uc774\ub7ec\ud55c **\uba54\uc18c\ub4dc\ub97c \uc5b4\ub5bb\uac8c \uc791\uc131\ud558\ub294\uc9c0**, \uadf8\ub9ac\uace0 **main() \uba54\uc18c\ub4dc\uc5d0\uc11c \uc5b4\ub5bb\uac8c \ud638\ucd9c\ud558\ub294\uc9c0** \ubcf4\uc5ec\uc904 \uac83"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \ud638\ucd9c\ud560 \uc218 \uc5c6\ub294 \ub3c5\ub9bd\ub41c \ud568\uc218\ub9cc \uc788\ub294 \uc2a4\ud06c\ub9bd\ud2b8\ub294 \uc544\ubb34\ub7f0 \ub3c4\uc6c0\uc774 \uc548\ub428"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uc644\uc131\ub41c \uc2a4\ud06c\ub9bd\ud2b8\uc5d0\ub294 main() \ud568\uc218\uac00 \uc815\uc758\ub418\uc5b4 \uc788\uae30 \ub54c\ubb38\uc5d0 \ub300\ubd80\ubd84\uc758 \uacbd\uc6b0 \uc644\uc804\ud55c \uc2a4\ud06c\ub9bd\ud2b8\uac00 \ubb34\uc5c7\uc778\uc9c0 \ud55c\ub208\uc5d0 \uc54c\uc544\ubcfc \uc218 \uc788\uc744 \uac83"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"## \ud30c\uc774\uc36c \uc5b8\uc5b4\n",
"\n",
"- \ubcc0\uc218\n",
"- \ub370\uc774\ud130 \ud0c0\uc785\n",
"- \ubb38\uc790\uc5f4\n",
"- \ubcf5\uc7a1\ud55c \ub370\uc774\ud130 \uad6c\uc870\n",
"- \ub124\ud2b8\uc6cc\ud06c\n",
"- \uc120\ud0dd\n",
"- \ubc18\ubcf5\ubb38\n",
"- \ud30c\uc77c \ucc98\ub9ac\n",
"- \uc608\uc678 \ucc98\ub9ac\n",
"- \uc6b4\uc601\uccb4\uacc4\uc640\uc758 \uc0c1\ud638\uc6b4\uc601\uc131\n",
"- \uc124\uba85\ud560 \uac83\uc784\n",
"\n",
"- \uc774 \uc2a4\ud06c\ub9bd\ud2b8\ub294 TCP \uc18c\ucf13\uc5d0 \uc5f0\uacb0\ud558\uc5ec \uc11c\ube44\uc2a4\uc758 \ubc30\ub108\ub97c \uc77d\uace0, \uc774\ubbf8 \uc54c\ub824\uc9c4 \ucde8\uc57d\ud55c \uc11c\ube44\uc2a4 \ubc84\uc804\uc758 \ubc30\ub108\uc640 \uc77d\uc5b4\uc628 \ubc30\ub108\ub97c \ube44\uad50\ud558\ub294 \uac04\ub2e8\ud55c \ucde8\uc57d\uc810 \uc2a4\uce90\ub108"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### \ubcc0\uc218\n",
"\n",
"- \ubcc0\uc218: \uba54\ubaa8\ub9ac\uc5d0 \uc800\uc7a5\ub418\uc5b4 \uc788\ub294 \ub370\uc774\ud130\n",
"- \uba54\ubaa8\ub9ac\uc5d0\ub294 \uc815\uc218, \uc2e4\uc218, \ubd88\ub9ac\uc5b8, \ubb38\uc790\uc5f4\ubfd0\ub9cc \uc544\ub2c8\ub77c \ub9ac\uc2a4\ud2b8\uc640 \ub515\uc154\ub108\ub9ac \uac19\uc774 \ub354 \ubcf5\uc7a1\ud55c \ub370\uc774\ud130\uae4c\uc9c0 \uc800\uc7a5 \uac00\ub2a5\n",
"- \ub450 \uac1c\uc758 \ubcc0\uc218\ub97c \ud558\ub098\ub85c \ud569\uce58\uae30 \uc704\ud574\uc11c\ub294 \ubc18\ub4dc\uc2dc \ub370\uc774\ud130 \ud615\uc744 \ub3d9\uc77c\ud558\uac8c \ub9de\ucdb0\uc918\uc57c \ud55c\ub2e4."
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"port = 21"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 4
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"port"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 5,
"text": [
"21"
]
}
],
"prompt_number": 5
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"banner = 'FreeFloat FTP Server'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 6
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print '\\''"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"'\n"
]
}
],
"prompt_number": 7
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print '[+] Checking for ' + banner + ' on port ' + port"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"ename": "TypeError",
"evalue": "cannot concatenate 'str' and 'int' objects",
"output_type": "pyerr",
"traceback": [
"\u001b[0;31m---------------------------------------------------------------------------\u001b[0m\n\u001b[0;31mTypeError\u001b[0m Traceback (most recent call last)",
"\u001b[0;32m\u001b[0m in \u001b[0;36m\u001b[0;34m()\u001b[0m\n\u001b[0;32m----> 1\u001b[0;31m \u001b[0;32mprint\u001b[0m \u001b[0;34m'[+] Checking for '\u001b[0m \u001b[0;34m+\u001b[0m \u001b[0mbanner\u001b[0m \u001b[0;34m+\u001b[0m \u001b[0;34m' on port '\u001b[0m \u001b[0;34m+\u001b[0m \u001b[0mport\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[0m",
"\u001b[0;31mTypeError\u001b[0m: cannot concatenate 'str' and 'int' objects"
]
}
],
"prompt_number": 8
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print '[+] Checking for ' + banner + ' on port ' + str(port)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": []
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"- \ud504\ub85c\uadf8\ub798\uba38\uac00 \ubcc0\uc218\ub97c \uc120\uc5b8\ud558\uba74 \ud30c\uc774\uc36c\uc740 \uba54\ubaa8\ub9ac\uc5d0 \uacf5\uac04\uc744 \ud655\ubcf4\n",
"- \uc5b4\ub5a4 \uc885\ub958\uc758 \ub370\uc774\ud130\ub97c \uc0ac\uc6a9\ud560 \uac83\uc778\uc9c0 \uba85\ud655\ud558\uac8c \uc120\uc5b8\ud558\uc9c0 \uc54a\uc544\ub3c4 \ub428\n",
"- \ub300\uc2e0\uc5d0 \ud30c\uc774\uc36c \uc778\ud130\ud504\ub9ac\ud130 \ubcc0\uc218\uac00 \uc5b4\ub5a4 \ub370\uc774\ud130 \ud0c0\uc785\uc778\uc9c0 \uadf8\ub9ac\uace0 \uba54\ubaa8\ub9ac\uc5d0\uc11c \uc5bc\ub9c8\ub098 \ub9ce\uc740 \uacf5\uac04\uc744 \ud655\ubcf4\ud560 \uac83\uc778\uc9c0 \uacb0\uc815\n",
"- C\uc5b8\uc5b4\ub294 \ubcc0\uc218 \uc120\uc5b8\ud560 \ub54c\ub9c8\ub2e4 \ub370\uc774\ud130 \ud615\uc744 \uc9c0\uc815\ud574 \uc918\uc57c \ub418\uc11c \uc9dc\uc99d\uc774\ub09c\ub2e4. \ud558\uc9c0\ub9cc \uc774 \ub370\uc774\ud130\ud615\uc744 \uc9c0\uc815\ud574 \uc8fc\ub294 \uac83\ub9cc\uc73c\ub85c\ub3c4 \uc18d\ub3c4 \ud5a5\uc0c1\uc5d0 \uc9c0\ub300\ud55c \uacf5\ud5cc\uc744 \ud55c\ub2e4. \uc2e4\uc81c\ub85c pypy\ub294 \ub370\uc774\ud130 \ud615\uc744 \ubbf8\ub9ac \uc9c0\uc815\ud574 \uc8fc\uc5b4 \ud30c\uc774\uc36c\uc758 \ub290\ub9b0 \uc18d\ub3c4\ub97c \uac1c\uc120\ud558\uc600\ub2e4. \uc7a5, \ub2e8\uc810\uc774 \uc874\uc7ac\ud55c\ub2e4."
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"type(banner)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 9,
"text": [
"str"
]
}
],
"prompt_number": 9
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"type(port)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 10,
"text": [
"int"
]
}
],
"prompt_number": 10
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"type(str(port))"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 11,
"text": [
"str"
]
}
],
"prompt_number": 11
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList = [21, 22, 80, 110] # A list"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"outputs": [],
"prompt_number": 12
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"type(portList)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 13,
"text": [
"list"
]
}
],
"prompt_number": 13
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList2 = [21, 22, 80, 110, 'string'] # A list\n",
"portList2"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 14,
"text": [
"[21, 22, 80, 110, 'string']"
]
}
],
"prompt_number": 14
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portOpen = True # A boolean"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 15
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"type(portOpen)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 16,
"text": [
"bool"
]
}
],
"prompt_number": 16
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### \ubb38\uc790\uc5f4\n",
"\n",
"- \ud30c\uc774\uc36c \ubb38\uc790\uc5f4 \ubaa8\ub4c8\uc5d0\ub294 \uac15\ub825\ud55c \uba54\uc18c\ub4dc\ub4e4\uc774 \ud3ec\ud568\ub418\uc5b4 \uc788\uc74c\n",
"- \uc815\ud655\ud788 \uc5b4\ub5a4 \uba54\uc18c\ub4dc\ub4e4\uc774 \uc788\ub294\uc9c0 \ud655\uc778\ud558\uae30 \uc704\ud574\uc11c\ub294 [string](http://docs.python.org/library/string.html)\uc5d0 \uc788\ub294 \ud30c\uc774\uc36c \ubb38\uc11c\ub97c \uc77d\uc5b4\ubcf4\uc790\n",
"- upper(), lower(), replace(), find() \ub4f1\uc758 \uc720\uc6a9\ud55c \uba54\uc18c\ub4dc"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"banner"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 17,
"text": [
"'FreeFloat FTP Server'"
]
}
],
"prompt_number": 17
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# string\uc5d0\uc11c \uc5b4\ub5a4 \uba54\uc18c\ub4dc\ub4e4\uc744 \uc0ac\uc6a9\ud560 \uc218 \uc788\ub294\uc9c0 \uc54c\ub824\uc90c\n",
"dir(banner)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 18,
"text": [
"['__add__',\n",
" '__class__',\n",
" '__contains__',\n",
" '__delattr__',\n",
" '__doc__',\n",
" '__eq__',\n",
" '__format__',\n",
" '__ge__',\n",
" '__getattribute__',\n",
" '__getitem__',\n",
" '__getnewargs__',\n",
" '__getslice__',\n",
" '__gt__',\n",
" '__hash__',\n",
" '__init__',\n",
" '__le__',\n",
" '__len__',\n",
" '__lt__',\n",
" '__mod__',\n",
" '__mul__',\n",
" '__ne__',\n",
" '__new__',\n",
" '__reduce__',\n",
" '__reduce_ex__',\n",
" '__repr__',\n",
" '__rmod__',\n",
" '__rmul__',\n",
" '__setattr__',\n",
" '__sizeof__',\n",
" '__str__',\n",
" '__subclasshook__',\n",
" '_formatter_field_name_split',\n",
" '_formatter_parser',\n",
" 'capitalize',\n",
" 'center',\n",
" 'count',\n",
" 'decode',\n",
" 'encode',\n",
" 'endswith',\n",
" 'expandtabs',\n",
" 'find',\n",
" 'format',\n",
" 'index',\n",
" 'isalnum',\n",
" 'isalpha',\n",
" 'isdigit',\n",
" 'islower',\n",
" 'isspace',\n",
" 'istitle',\n",
" 'isupper',\n",
" 'join',\n",
" 'ljust',\n",
" 'lower',\n",
" 'lstrip',\n",
" 'partition',\n",
" 'replace',\n",
" 'rfind',\n",
" 'rindex',\n",
" 'rjust',\n",
" 'rpartition',\n",
" 'rsplit',\n",
" 'rstrip',\n",
" 'split',\n",
" 'splitlines',\n",
" 'startswith',\n",
" 'strip',\n",
" 'swapcase',\n",
" 'title',\n",
" 'translate',\n",
" 'upper',\n",
" 'zfill']"
]
}
],
"prompt_number": 18
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"banner"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 19,
"text": [
"'FreeFloat FTP Server'"
]
}
],
"prompt_number": 19
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \ub300\ubb38\uc790\ub85c \ubcc0\uacbd\n",
"print banner.upper()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"FREEFLOAT FTP SERVER\n"
]
}
],
"prompt_number": 20
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uc18c\ubb38\uc790\ub85c \ubcc0\uacbd\n",
"print banner.lower()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"freefloat ftp server\n"
]
}
],
"prompt_number": 21
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \ubb38\uc790\uc5f4 \ubcc0\uacbd\n",
"print banner.replace('FreeFloat', 'Ability')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Ability FTP Server\n"
]
}
],
"prompt_number": 22
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \ubb38\uc790\uc5f4 \uba54\uc18c\ub4dc\uc911 find, index \ucc28\uc774\uc810\n",
"\n",
"- find\uc640 index\ub294 \ubb38\uc790\uc5f4\ub0b4\uc5d0\uc11c \ud574\ub2f9\ud558\ub294 \ubb38\uc790\ub97c \ucc3e\uc558\uc744 \ub54c\ub294 index \uac12\uc744 \ub3cc\ub824\uc900\ub2e4.\n",
"- \ud558\uc9c0\ub9cc \uc5c6\ub294 \ubb38\uc790\uc5f4\uc77c \ub54c\ub294 find\ub294 -1\uc744 index\ub294 ValueError\ub97c \uc54c\ub824\uc900\ub2e4.\n",
"- \uc774 \ud2b9\uc9d5\uc744 \uc778\uc9c0\ud558\uace0 \ud544\uc694\uc5d0 \ub530\ub77c\uc11c \ud65c\uc6a9"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \ubb38\uc790\uc5f4 \ucc3e\uae30\n",
"print banner.find('FTP')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"10\n"
]
}
],
"prompt_number": 23
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \ubb38\uc790\uc5f4\uc744 \ucc3e\uc9c0 \ubabb\ud588\uc744 \ub54c\n",
"print banner.find('FTP2')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"-1\n"
]
}
],
"prompt_number": 24
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print banner.index('FTP')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"10\n"
]
}
],
"prompt_number": 25
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print banner.index('FTP2')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"ename": "ValueError",
"evalue": "substring not found",
"output_type": "pyerr",
"traceback": [
"\u001b[0;31m---------------------------------------------------------------------------\u001b[0m\n\u001b[0;31mValueError\u001b[0m Traceback (most recent call last)",
"\u001b[0;32m\u001b[0m in \u001b[0;36m\u001b[0;34m()\u001b[0m\n\u001b[0;32m----> 1\u001b[0;31m \u001b[0;32mprint\u001b[0m \u001b[0mbanner\u001b[0m\u001b[0;34m.\u001b[0m\u001b[0mindex\u001b[0m\u001b[0;34m(\u001b[0m\u001b[0;34m'FTP2'\u001b[0m\u001b[0;34m)\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[0m",
"\u001b[0;31mValueError\u001b[0m: substring not found"
]
}
],
"prompt_number": 26
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### \ub9ac\uc2a4\ud2b8\n",
"\n",
"- \ub9ac\uc2a4\ud2b8 \ub370\uc774\ud130 \uad6c\uc870\ub294 \uac1d\uccb4\ub97c \ubc30\uc5f4\ub85c \uc800\uc7a5\ud558\uae30\uc5d0 \ub9e4\uc6b0 \uc88b\uc740 \uc218\ub2e8\n",
"- \ubaa8\ub4e0 \ub370\uc774\ud130 \ud0c0\uc785\uc758 \ub9ac\uc2a4\ud2b8\ub97c \ub9cc\ub4e4 \uc218 \uc788\uc74c\n",
"- \ucd94\uac00, \uc0bd\uc785, \uc81c\uac70, \uc778\ub371\uc2a4\ud654, \uce74\uc6b4\ud2b8, \uc815\ub82c \uac19\uc740 \uc791\uc5c5\uc744 \ud558\uae30 \uc704\ud55c **\uc790\uccb4 \uba54\uc18c\ub4dc\uac00 \uc774\ubbf8 \uc874\uc7ac**"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList = []"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 27
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 28,
"text": [
"[]"
]
}
],
"prompt_number": 28
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList.append(21)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 29
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 30,
"text": [
"[21]"
]
}
],
"prompt_number": 30
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList.append(80)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 31
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList.append(443)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 32
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList.append(25)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 33
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 34,
"text": [
"[21, 80, 443, 25]"
]
}
],
"prompt_number": 34
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uc774 list \uc790\uccb4\uac00 \uc815\ub82c\uc774 \ub418\ubc84\ub824\uc11c \ub0b4\uac00 \uc6d0\ud558\ub294 \uc791\uc5c5\uc744 \ud560\uc9c0 \ubabb\ud560 \ub54c\uac00 \uc788\ub2e4.\n",
"# \uc774 \ub54c\ub294 slice\ub97c \uc774\uc6a9\ud574\uc11c \ubcf5\uc0ac\ud574\uc57c \ud55c\ub2e4.\n",
"portList.sort()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 35
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 36,
"text": [
"[21, 25, 80, 443]"
]
}
],
"prompt_number": 36
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"------"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### List\uc758 \uac1d\uccb4 \ucc38\uc870\uc640 \ubcf5\uc0ac\uc758 \ucc28\uc774\uc810"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList10 = [21, 80, 443, 25]\n",
"portList10"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 37,
"text": [
"[21, 80, 443, 25]"
]
}
],
"prompt_number": 37
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList11 = portList10\n",
"portList11"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 38,
"text": [
"[21, 80, 443, 25]"
]
}
],
"prompt_number": 38
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uac1d\uccb4\uc758 \ucc38\uc870\uac00 \ubcf5\uc0ac\ub418\uc5b4\uc11c \ubaa8\ub450 \ub3d9\uc2dc\uc5d0 \ubc14\ub00c\ub294 \uac83\uc744 \uc54c \uc218 \uc788\ub2e4.\n",
"# \uc27d\uac8c \uc774\uc57c\uae30\ud558\uba74 \uac1d\uccb4\uc758 \uc8fc\uc18c\uac00 \uc804\ub2ec\ub418\uc5b4 portList11\uacfc portList10\uc774 \ub3d9\uc77c\ud55c \uac1d\uccb4\ub97c \uac00\ub974\ud0a4\uac8c \ub418\ub294\uac83\n",
"portList11.sort()\n",
"print 'portList11 ', portList11\n",
"print 'portList10 ', portList10"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"portList11 [21, 25, 80, 443]\n",
"portList10 [21, 25, 80, 443]\n"
]
}
],
"prompt_number": 39
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList2 = [21, 80, 443, 25]\n",
"portList2"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 40,
"text": [
"[21, 80, 443, 25]"
]
}
],
"prompt_number": 40
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# slice \uc5f0\uc0b0\uc790\uc778 :\ub97c \uc0ac\uc6a9\ud558\uba74 \ubcf5\uc0ac\uac00 \uc774\ub8e8\uc5b4\uc9c4\ub2e4.\n",
"portList3 = portList2[:]\n",
"portList3.sort()\n",
"print 'portList3 ', portList3\n",
"print 'portList2 ', portList2"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"portList3 [21, 25, 80, 443]\n",
"portList2 [21, 80, 443, 25]\n"
]
}
],
"prompt_number": 41
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList2[:]"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 42,
"text": [
"[21, 80, 443, 25]"
]
}
],
"prompt_number": 42
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# slice \n",
"# \uc2dc\uc791 index(\ud3ec\ud568): \ub05d index(\ubbf8\ud3ec\ud568)\n",
"portList2[0:2]"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 43,
"text": [
"[21, 80]"
]
}
],
"prompt_number": 43
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"![](\"files/images/quiz.png\")
\n",
"#### Quiz\n",
"\n",
"- portList2[1:3]\uc758 \ucd9c\ub825\uac12\uc740?"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList2"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 44,
"text": [
"[21, 80, 443, 25]"
]
}
],
"prompt_number": 44
},
{
"cell_type": "code",
"collapsed": true,
"input": [
"portList2[1:3]"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 45,
"text": [
"[80, 443]"
]
}
],
"prompt_number": 45
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"------"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# sorting \ub418\uc5b4\uc9c4 \uc0c1\ud0dc\n",
"portList"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 46,
"text": [
"[21, 25, 80, 443]"
]
}
],
"prompt_number": 46
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"pos = portList.index(80)\n",
"pos"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 47,
"text": [
"2"
]
}
],
"prompt_number": 47
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"type(pos)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 48,
"text": [
"int"
]
}
],
"prompt_number": 48
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print '[+] There are ' + str(pos) + ' ports to scan before 80.'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] There are 2 ports to scan before 80.\n"
]
}
],
"prompt_number": 49
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print '[+] There are ' + pos + ' ports to scan before 80.'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"ename": "TypeError",
"evalue": "cannot concatenate 'str' and 'int' objects",
"output_type": "pyerr",
"traceback": [
"\u001b[0;31m---------------------------------------------------------------------------\u001b[0m\n\u001b[0;31mTypeError\u001b[0m Traceback (most recent call last)",
"\u001b[0;32m\u001b[0m in \u001b[0;36m\u001b[0;34m()\u001b[0m\n\u001b[0;32m----> 1\u001b[0;31m \u001b[0;32mprint\u001b[0m \u001b[0;34m'[+] There are '\u001b[0m \u001b[0;34m+\u001b[0m \u001b[0mpos\u001b[0m \u001b[0;34m+\u001b[0m \u001b[0;34m' ports to scan before 80.'\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[0m",
"\u001b[0;31mTypeError\u001b[0m: cannot concatenate 'str' and 'int' objects"
]
}
],
"prompt_number": 50
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 51,
"text": [
"[21, 25, 80, 443]"
]
}
],
"prompt_number": 51
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList.remove(443)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 52
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print portList"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[21, 25, 80]\n"
]
}
],
"prompt_number": 53
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"cnt = len(portList)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [],
"prompt_number": 54
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"help(len)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Help on built-in function len in module __builtin__:\n",
"\n",
"len(...)\n",
" len(object) -> integer\n",
" \n",
" Return the number of items of a sequence or mapping.\n",
"\n"
]
}
],
"prompt_number": 55
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"len?"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 56
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print '[+] Scanning ' + str(cnt) + ' Total Ports.'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Scanning 3 Total Ports.\n"
]
}
],
"prompt_number": 57
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### \ub515\uc154\ub108\ub9ac\n",
"\n",
"- \ub515\uc154\ub108\ub9ac: \ud30c\uc774\uc36c \uac1d\uccb4\ub97c \uc800\uc7a5\ud560 \uc218 \uc788\ub294 \ud574\uc26c \ud14c\uc774\ube14\uc744 \uc81c\uacf5\n",
"- \ub515\uc154\ub108\ub9ac\ub294 \ud0a4\uc640 \uac12\uc73c\ub85c \uad6c\uc131\ub418\uc5b4 \uc788\uc74c\n",
"- \ubcf8 \ucde8\uc57d\uc810 \uc2a4\uce90\ub108 \uc608\ub97c \uc774\uc6a9\ud558\uc5ec \ud30c\uc774\uc36c\uc758 \ub515\uc154\ub108\ub9ac\ub97c \uacc4\uc18d \uc0b4\ud3b4\ubcfc \uac83\n",
"- \ud2b9\uc815 TCP \ud3ec\ud2b8\ub97c \uc2a4\uce90\ub2dd\ud560 \ub54c \uac01 \ud3ec\ud2b8\uc5d0\uc11c \uc77c\ubc18\uc801\uc73c\ub85c \uc0ac\uc6a9\ud558\ub294 \uc11c\ube44\uc2a4 \uc774\ub984\uc744 \ub515\uc154\ub108\ub9ac\ub85c \uc800\uc7a5\ud574\ub450\uba74 \uc720\uc6a9\ud560 \uac83\n",
"- \ub515\uc154\ub108\ub9ac\ub97c \ub9cc\ub4e4\uc5b4\uc11c ftp\uc624 \uac19\uc740 \ud0a4\ub85c \uac80\uc0c9\ud558\uba74 \uadf8 \ud3ec\ud2b8\uc758 \uac12\uc778 21\uc744 \ubc18\ud658\n",
"- \ub515\uc154\ub108\ub9ac\ub97c \ub9cc\ub4e4 \ub54c\uc5d0\ub294 \uac01 \ud0a4\uc640 \uac12\uc744 \ucf5c\ub860\uc73c\ub85c \uad6c\ubd84\ud558\uace0, \uac01 \uc544\uc774\ud15c\ub4e4\uc740 \ucf64\ub9c8\ub85c \ubd84\ub9ac\n",
"\n",
"![](\"files/images/dict.png\")
"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# key: value\n",
"# \ucf64\ub9c8\ub97c \uae30\uc900\uc73c\ub85c \ub098\ub25c\ub2e4.\n",
"services = {'ftp': 21,\n",
" 'ssh': 22,\n",
" 'smtp': 25,\n",
" 'http': 80}"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 58
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uc815\ub82c\uc774 \ub4a4\uc8fd\ubc15\uc8fd\uc774 \ub418\uc5b4 \uc788\uc2b5\ub2c8\ub2e4.\n",
"# \ub0b4\ubd80\uc801\uc73c\ub85c \ud574\uc26c\uac12\uc73c\ub85c \uc800\uc7a5\uc774 \ub418\uae30 \ub54c\ubb38\uc5d0 \uc0ac\uc6a9\uc790\ub4e4\uc774 \uc5b4\ub5bb\uac8c \ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.\n",
"services"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 59,
"text": [
"{'ftp': 21, 'http': 80, 'smtp': 25, 'ssh': 22}"
]
}
],
"prompt_number": 59
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"type(services)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 60,
"text": [
"dict"
]
}
],
"prompt_number": 60
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"services.keys()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 61,
"text": [
"['ftp', 'smtp', 'ssh', 'http']"
]
}
],
"prompt_number": 61
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"services.values()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 62,
"text": [
"[21, 25, 22, 80]"
]
}
],
"prompt_number": 62
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# items\ub97c \uc0ac\uc6a9\ud558\uba74 key, value\ub97c \ud29c\ud50c \ud615\ud0dc\ub85c \ub3cc\ub824\uc900\ub2e4.\n",
"services.items()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 63,
"text": [
"[('ftp', 21), ('smtp', 25), ('ssh', 22), ('http', 80)]"
]
}
],
"prompt_number": 63
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"\n",
"\n",
"#### Quiz\n",
"\n",
"#### list vs tuple \ucc28\uc774\uc810\uc740?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uac70\uc758 \ub611\uac19\uc740 \uc5ed\ud560\ub85c \ubcc0\uc218\ub4e4\uc744 \ub2f4\ub294 \ubc14\uad6c\ub2c8 \uc5ed\ud560\n",
"- list\ub294 \uadf8 \uc548\uc5d0 \uc788\ub294 \uc694\uc18c\ub4e4\uc744 **\ubcc0\uacbd \uac00\ub2a5**\n",
"- tuple\uc740 \uadf8 \uc548\uc5d0 \uc788\ub294 \uc694\uc18c\ub4e4\uc744 **\ubcc0\uacbd \ubd88\uac00\ub2a5**"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### \uadf8\ub7fc \uc65c \ubcc0\uacbd \uac00\ub2a5\uacfc \ubd88\uac00\ub2a5\uc744 \uc4f0\ub290\ub0d0?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \ud504\ub85c\uadf8\ub798\uba38\uac00 \uc2e4\uc218\ub97c \ud560 \uc218 \uc788\uae30 \ub54c\ubb38\uc5d0 \ud30c\uc774\uc36c\uc5d0\uc11c \uc9c0\uc6d0\ud574\uc8fc\ub294 \ubcc0\uacbd \ubd88\uac00\ub2a5 \uae30\ub2a5\uc744 \uc0ac\uc6a9\ud55c\ub2e4.\n",
"- \uc608\ub97c \ub4e4\uba74 \uc808\ub300\ub85c \ubcc0\uacbd\ub418\uc9c0 \uc54a\uc544\uc57c \ud558\ub294 \uac12\uc774 \uc788\ub294\ub370 \ud504\ub85c\uadf8\ub798\uba38\uc758 \uc2e4\uc218\ub85c \uadf8 \uac12\uc744 \ub36e\uc5b4\uc50c\uc6cc \ubc84\ub9ac\uba74 \uc548\ub418\uae30 \ub54c\ubb38\uc5d0 \ubcc0\uacbd \ubd88\uac00\ub2a5\uc744 \ud29c\ud50c\ub85c \ub530\ub85c \ube7c\uc11c \ub9cc\ub4ec"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"l = [1,2]"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [],
"prompt_number": 64
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"l"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "-"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 65,
"text": [
"[1, 2]"
]
}
],
"prompt_number": 65
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"l[0] = 5"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 66
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"l"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 67,
"text": [
"[5, 2]"
]
}
],
"prompt_number": 67
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"t = (1, 3)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 68
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"t"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 69,
"text": [
"(1, 3)"
]
}
],
"prompt_number": 69
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"t[0] = 5"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"ename": "TypeError",
"evalue": "'tuple' object does not support item assignment",
"output_type": "pyerr",
"traceback": [
"\u001b[0;31m---------------------------------------------------------------------------\u001b[0m\n\u001b[0;31mTypeError\u001b[0m Traceback (most recent call last)",
"\u001b[0;32m\u001b[0m in \u001b[0;36m\u001b[0;34m()\u001b[0m\n\u001b[0;32m----> 1\u001b[0;31m \u001b[0mt\u001b[0m\u001b[0;34m[\u001b[0m\u001b[0;36m0\u001b[0m\u001b[0;34m]\u001b[0m \u001b[0;34m=\u001b[0m \u001b[0;36m5\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[0m",
"\u001b[0;31mTypeError\u001b[0m: 'tuple' object does not support item assignment"
]
}
],
"prompt_number": 70
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uc804\uccb4\ub294 list\n",
"type(services.items())"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 71,
"text": [
"list"
]
}
],
"prompt_number": 71
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uadf8 \uc548\uc5d0 \uc694\uc18c\ub4e4\uc740 tuple\n",
"type(services.items()[0])"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 72,
"text": [
"tuple"
]
}
],
"prompt_number": 72
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"services.items()[0]"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 73,
"text": [
"('ftp', 21)"
]
}
],
"prompt_number": 73
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# key\uac12\uc73c\ub85c \uc811\uadfc \uac00\ub2a5\n",
"services['ftp']"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 74,
"text": [
"21"
]
}
],
"prompt_number": 74
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uc544\uae4c\uc640 \ub611\uac19\uc9c0\ub9cc services \ub77c\ub294 dictionary\ub97c \ud65c\uc6a9\ud558\ub2c8 \n",
"# ftp\ub77c\ub294 name\ub9cc \uc54c\uba74 port\ub97c \uc790\ub3d9\uc73c\ub85c \ub123\uc744 \uc218\uac00 \uc788\ub2e4.\n",
"print '[+] Found vuln with FTP on port ' + str(services['ftp'])"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Found vuln with FTP on port 21\n"
]
}
],
"prompt_number": 75
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \ub124\ud2b8\uc6cc\ud06c\n",
"\n",
"- \uc18c\ucf13 \ubaa8\ub4c8\uc5d0\uc11c \uc81c\uacf5\ud558\ub294 \ub77c\uc774\ube0c\ub7ec\ub9ac\ub97c \ud1b5\ud574 \ud30c\uc774\uc36c\uc73c\ub85c \ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc5f0\uacb0 \uac00\ub2a5\n",
"- \ubc30\ub108\ub97c \uac00\uc838\uc624\ub294 \uc2a4\ud06c\ub9bd\ud2b8\ub97c \ud55c \ubc88 \ub9cc\ub4e4\uc5b4 \ubcf4\uc790.\n",
"- \uc774 \uc2a4\ud06c\ub9bd\ud2b8\ub294 \ud2b9\uc815 IP \uc8fc\uc18c\uc640 TCP \ud3ec\ud2b8\ub85c \uc5f0\uacb0\ud55c \ub2e4\uc74c\uc5d0 \ud574\ub2f9 IP\uc640 \ud3ec\ud2b8\uc5d0 \uc788\ub294 \uc11c\ube44\uc2a4\uc758 \ubc30\ub108\ub97c \ucd9c\ub825\ud55c\ub2e4."
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import socket"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 76
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"socket.setdefaulttimeout(5)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 114
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"socket.setdefaulttimeout?"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 78
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# socket \ud074\ub798\uc2a4\ub85c\ubd80\ud130 \uc0c8\ub85c\uc6b4 \ubcc0\uc218 s \uc0dd\uc131\n",
"s = socket.socket()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 115
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"my_local_ftp = '172.16.190.128'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [],
"prompt_number": 116
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"#### NAT, Bridge \ucc28\uc774\ub294 \uac80\uc0c9\ud574 \ubcf4\uc138\uc694."
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"my_local_ftp = '192.168.32.159'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 117
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# ftp \uc11c\ubc84\ub85c \uc811\uc18d\n",
"# \ucc45\uc5d0\ub294 s.connect(('172.16.190.128', 21))\ub85c \uc368\uc838 \uc788\ub294\ub370 \ud56d\uc0c1 \ubcc0\uc218\ub97c \uc4f0\ub294 \uc2b5\uad00\uc744 \uac16\uc790.\n",
"s.connect((my_local_ftp, 21))"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 118
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"\n",
"#### Quiz\n",
"\n",
"- Why? ip\uc640 port\ub97c \ub118\uae30\uba74 \ub124\ud2b8\uc6cc\ud06c\uac00 \uc5f0\uacb0\uc774 \ub420\uae4c?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"- [OSI 7 Layer](http://beansberries.tistory.com/entry/%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC-OSI-7-%EA%B3%84%EC%B8%B5): \uc57d\uac04 \uc124\uba85\uc774 \ub09c\ud574\ud558\uc9c0\ub9cc \ubcfc\ub9cc\ud568\n",
"- [OSI 7 Layer](http://blog.naver.com/PostView.nhn?blogId=cowboy2238&logNo=140150616332): \uc0ac\uacfc \uadf8\ub9bc\uc73c\ub85c \uc774\ud574 \uc26c\uc6c0\n",
"- [\\[OSI 7 Layer\\] \ub124\ud2b8\uc6cc\ud06c\uc758 \uae30\ubcf8, \ub124\ud2b8\uc6cc\ud06c\uc758 \uaf43](http://netpi.tistory.com/entry/OSI-7-Layer-%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%EC%9D%98-%EA%B8%B0%EB%B3%B8-%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%EC%9D%98-%EA%BD%83): \uac04\ub2e8\ud558\uac8c \ud575\uc2ec\ub9cc \uc798 \uc815\ub9ac\n",
"- [\uc778\ud130\ub137 - TCP/IP - OSI 7 \uacc4\uce35 \uac1c\ub7b5 - \ub124\ud2b8\uc6cc\ud06c \ud574\ud0b9 \uac1c\ub7b5](http://blog.daum.net/jty71/15645337): \uc815\ub9ac\ub97c \uc798\ud574\ub193\uc74c. \ud558\ub098\uc529 \ucd94\uc801 \uac00\ub2a5"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### IP, Port \uc911\uc2ec \uc124\uba85\n",
"\n",
"![](\"files/images/ip_port.png\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uce74\uce74\uc624\uc640 \ub124\uc774\ud2b8\uc628\uc774 \uc11c\ub85c \uba54\uc2dc\uc9c0\ub97c \uc8fc\uace0 \ubc1b\ub294 \ud504\ub85c\uadf8\ub7a8\uc774\ub2e4.\n",
"- IP\ub9cc \ubd10\uc11c\ub294 \uc5b4\ub5a4 \ud504\ub85c\uadf8\ub7a8\uc73c\ub85c \uba54\uc2dc\uc9c0\ub97c \uc804\ub2ec\ud574 \uc918\uc57c \ud558\ub294\uc9c0 \ubaa8\ub985\ub2c8\ub2e4.\n",
"- \uadf8\ub798\uc11c Port \ubc88\ud638\ub97c \uc801\uc5b4\uc8fc\uba74 \uc5b4\ub5a4 \ud504\ub85c\uadf8\ub7a8\uc73c\ub85c \uba54\uc2dc\uc9c0\ub97c \uc804\ub2ec\ud574\uc918\uc57c \ud569\ub2c8\ub2e4."
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### \ub610 \ub2e4\ub974\uac8c \uc0dd\uac01\ud574 \ubcfc \uc218 \uc788\ub294 \uac83\ub4e4\n",
"\n",
"- Port\uac00 \uc5c6\uc744 \ub54c \uc5b4\ub5a4 \ubb38\uc81c\uac00 \ubc1c\uc0dd\ud560 \uc218 \uc788\uc744\uae4c\uc694?\n",
"- Port\ub294 \uc65c 65535 \uae4c\uc9c0 \ubc16\uc5d0 \uc5c6\uc744\uae4c\uc694?\n",
"- Port\ub97c 65535\uae4c\uc9c0 \ub2e4 \uc4f0\uba74 \uc5b4\ub5bb\uac8c \ub418\ub098\uc694?"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!telnet 192.168.32.159 21"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Trying 192.168.32.159...\r\n",
"Connected to 192.168.32.159.\r\n",
"Escape character is '^]'.\r\n",
"220 FreeFloat Ftp Server (Version 1.00)\r\n"
]
},
{
"output_type": "stream",
"stream": "stdout",
"text": [
"^C\r\n"
]
}
],
"prompt_number": 119
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"ans = s.recv(1024)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 120
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print ans"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"220 FreeFloat Ftp Server (Version 1.00)\r\n",
"\n"
]
}
],
"prompt_number": 121
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \uc120\ud0dd\ubb38\n",
"\n",
"- \uc870\uac74\uc801 \uc120\ud0dd\ubb38\n",
"- if: \ub17c\ub9ac\uc801 \ud45c\ud604\uc744 \ud3c9\uac00\ud558\uc5ec \uadf8 \ud3c9\uac00\uc758 \uacb0\uacfc\uc5d0 \ub530\ub77c \ub2e4\uc74c\uc5d0 \ubb34\uc5c7\uc744 \ud560\uc9c0 \uacb0\uc815\ud558\uae30 \uc704\ud574 \uc874\uc7ac\n",
"- \uc5b4\ub5a4 FTP \uc11c\ubc84\uac00 \uacf5\uaca9\uc5d0 \ucde8\uc57d\ud55c\uc9c0 \uc54c\uace0 \uc2f6\uc744\uac83\n",
"- \uc774\ubbf8 \uc54c\ub824\uc9c4 \ucde8\uc57d\ud55c FTP \uc11c\ubc84 \ubc84\uc804\uacfc \uacb0\uacfc\uac12\uc744 \ube44\uad50\ud560 \uac83"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"ans"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 122,
"text": [
"'220 FreeFloat Ftp Server (Version 1.00)\\r\\n'"
]
}
],
"prompt_number": 122
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"'FreeFloat Ftp Server (Version 1.00)' in ans"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 123,
"text": [
"True"
]
}
],
"prompt_number": 123
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"'FreeFloat Ftp Server (Version 1.00)2' in ans"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 124,
"text": [
"False"
]
}
],
"prompt_number": 124
},
{
"cell_type": "code",
"collapsed": true,
"input": [
"# \uc790.. if, elif, else\ubb38\uc774\ub2e4.\n",
"# \ubb54\uac00 \ub611\uac19\uc740\uac8c \ubc18\ubcf5\uc774 \ub418\ub294\uac8c \ub290\uaef4\uc9c4\ub2e4..\n",
"\n",
"if ('FreeFloat Ftp Server (Version 1.00)' in ans):\n",
" print '[+] FreeFloat FTP Server is vulnerable.'\n",
"elif ('3Com 3CDaemon FTP Server Version 2.0' in ans):\n",
" print '[+] 3CDaemon FTP Server is vulnerable.'\n",
"elif ('Ability Server 2.34' in ans):\n",
" print '[+] Ability FTP Server is vulnerable.'\n",
"elif ('Sami FTP Server 2.0.2' in ans):\n",
" print '+] Sami FTP Server is vulnerable.'\n",
"else:\n",
" print '[-] FTP Server is not vulnerable.'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] FreeFloat FTP Server is vulnerable.\n"
]
}
],
"prompt_number": 125
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \uc608\uc678 \ucc98\ub9ac\n",
"\n",
"- \ud504\ub85c\uadf8\ub798\uba38\uac00 \uad6c\ubb38\uc801\uc73c\ub85c \uc624\ub958\uac00 \uc5c6\ub294 \ud504\ub85c\uadf8\ub7a8\uc744 \uac1c\ubc1c\ud55c\ub2e4\uace0 \ud558\ub354\ub77c\ub3c4, \ud504\ub85c\uadf8\ub7a8\uc740 \ub7f0\ud0c0\uc784\uc774\ub098 \uc2e4\ud589 \uc911\uc5d0 \uc624\ub958\uac00 \ubc1c\uc0dd\ud560 \uc218 \uc788\uc74c\n",
"- \uc22b\uc790\ub97c 0\uc73c\ub85c \ub098\ub204\ub294 \uac83\uc774 \ub300\ud45c\uc801"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print 1337/0"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"ename": "ZeroDivisionError",
"evalue": "integer division or modulo by zero",
"output_type": "pyerr",
"traceback": [
"\u001b[0;31m---------------------------------------------------------------------------\u001b[0m\n\u001b[0;31mZeroDivisionError\u001b[0m Traceback (most recent call last)",
"\u001b[0;32m\u001b[0m in \u001b[0;36m\u001b[0;34m()\u001b[0m\n\u001b[0;32m----> 1\u001b[0;31m \u001b[0;32mprint\u001b[0m \u001b[0;36m1337\u001b[0m\u001b[0;34m/\u001b[0m\u001b[0;36m0\u001b[0m\u001b[0;34m\u001b[0m\u001b[0m\n\u001b[0m",
"\u001b[0;31mZeroDivisionError\u001b[0m: integer division or modulo by zero"
]
}
],
"prompt_number": 126
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \ud558\uc9c0\ub9cc \uc2e4\ud589\uc911\uc778 \ud504\ub85c\uadf8\ub7a8\uc774\ub098 \uc2a4\ud06c\ub9bd\ud2b8\uc5d0\uc11c \uc774 \uc624\ub958\ub97c \ucc98\ub9ac\ud558\uace0 \uc2f6\ub2e4\uba74 \uc5b4\ub5bb\uac8c \ud574\uc57c \ud560\uae4c?\n",
"- \uc774\ub7ec\ud55c \uc791\uc5c5\uc744 \ud558\uae30 \uc704\ud574 \uc608\uc678 \ucc98\ub9ac \uae30\ub2a5 \uc81c\uacf5"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"-----"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uc989, \ud504\ub85c\uadf8\ub7a8\uc758 \uc2e4\ud589\uc744 \ud750\ub984\uc744 \uc911\uac04\uc5d0 \ub04a\uc9c0 \uc54a\uace0 \ud504\ub85c\uadf8\ub7a8\uc744 \uc774\uc5b4\uac00\uac8c \ud574\uc57c\ud55c\ub2e4."
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \ucd08\ubcf4 \uc2dc\uc808\uc5d0\ub294 \uc608\uc678 \ucc98\ub9ac\uac00 \uad49\uc7a5\ud788 \uc5b4\ub824\uc6cc \ubcf4\uc778\ub2e4. \ub098\ub294 \ub17c\ub9ac\uc801\uc73c\ub85c \ucef4\ud4e8\ud130 \uce5c\ud654\uc801\uc73c\ub85c \uc18c\uc2a4\ub97c \uc9f0\ub294\ub370 \uc608\uc0c1 \ubabb\ud588\ub358 \uc5d0\ub7ec\ub97c \ub0b4\ubc49\ub294\ub2e4. \uadf8\ub7fc \uc798 \ub3cc\ub358 \ud504\ub85c\uadf8\ub7a8\uc774 \uc8fd\uc5b4\uc11c \uadf8\ub54c\uae4c\uc9c0 \uc791\uc5c5\ud588\ub358 \ub0b4\uc6a9\ub4e4\uc774 \ubaa8\ub450 \uc18c\uc2e4\ub418\uc5c8\ub358 \uae30\uc5b5\uc774 \uc788\ub2e4. "
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uc774\ub54c \uaf3c\uc218\ub85c 1\ub9cc\ubc88 \ub3cc\uc558\uc744 \ub54c \ud558\ub4dc\ub85c \uc800\uc7a5 \uc2dc\ud0a4\uae30, \uc608\uc678 \ucc98\ub9ac \ud558\uae30\ub97c \uc0ac\uc6a9\ud588\ub2e4. \uc608\uc678\ucc98\ub9ac \uac1c\ub150\uc740 \uc774\ud574\ud558\ub294\ub370 \uc5b4\ub835\uc9c0 \uc54a\uc740\ub370 \uc2e4\uc804\uc5d0\uc11c \uc0ac\uc6a9\ud558\ub824\uba74 \uaf2d \ub0b4 \ub9c8\uc74c\ucc98\ub7fc \uc548\ub418\ub354\ub77c. "
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uc790\uc8fc \uc0ac\uc6a9\ud574\ubcf4\uace0 \uc5b4\ub5a4 \uacf3\uc5d0\uc11c \uc5d0\ub7ec\uac00 \ubc1c\uc0dd\ud560 \uac83\uc778\uac00? \ub97c \ud56d\uc0c1 \uc0dd\uac01\ud558\uba74\uc11c \ud504\ub85c\uadf8\ub7a8\uc744 \uc9dc\uc57c\ub41c\ub2e4."
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"------"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# ZeroDivisionError\uac00 \uc548 \ub728\uace0 except \ucc98\ub9ac\ub418\uc5b4 \uc5d0\ub7ec \uba54\uc2dc\uc9c0\uac00 \ucd9c\ub825\ub41c\uac78 \ud655\uc778\ud560 \uc218 \uc788\ub2e4.\n",
"try:\n",
" print '[+] 1337 / 0 = ' + str(1337 / 0)\n",
"except:\n",
" print '[-] Error.'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[-] Error.\n"
]
}
],
"prompt_number": 127
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \ud558\uc9c0\ub9cc \uc774\ub7ec\ud55c \ubc29\ubc95\uc744 \uc0ac\uc6a9\ud558\uba74 **\uc2e4\uc81c\ub85c \uc5b4\ub5a4 \uc624\ub958\ub85c \uc778\ud574 \ubb38\uc81c\uac00 \ubc1c\uc0dd\ud588\ub294\uc9c0 \ud655\uc778\ud558\uae30 \ud798\ub4ec**\n",
"- \uc2e4\uc81c\ub85c \uc5b4\ub5a4 \uc624\ub958\uac00 \ubc1c\uc0dd\ud588\ub294\uc9c0 \uc0ac\uc6a9\uc790\uc5d0\uac8c \uc624\ub958 \uba54\uc2dc\uc9c0\ub97c \ud45c\uc2dc\ud558\uba74 \ub354 \uc720\uc6a9\ud558\uac8c \uc0ac\uc6a9 \uac00\ub2a5\n",
"- e\ub77c\ub294 \ubcc0\uc218\ub97c \ub9cc\ub4e4\uc5b4\uc11c \uc624\ub958 \ub0b4\uc6a9\uc744 \uc800\uc7a5\ud558\uc5ec \ub098\uc911\uc5d0 \ucd9c\ub825 \uac00\ub2a5\n",
"- \uc774 \ubcc0\uc218\ub294 \uba85\ud655\ud558\uac8c \ud0c0\uc785\uc744 \ubb38\uc790\uc5f4\ub85c \uc9c0\uc815"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# Exception, e\ub97c \ucd94\uac00\ud568\uc73c\ub85c\uc368 \uc5b4\ub5a4 \uc624\ub958 \uba54\uc2dc\uc9c0\uac00 \ubc1c\uc0dd\ud588\ub294\uc9c0 \uc54c\ub824\uc90c\n",
"try:\n",
" print '[+] 1337/0 = ' + str(1337/0)\n",
"except Exception, e:\n",
" print '[-] Error = ' + str(e)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[-] Error = integer division or modulo by zero\n"
]
}
],
"prompt_number": 128
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"- \uc774\uc81c \uc608\uc678 \ucc98\ub9ac\ub97c \uc0ac\uc6a9\ud558\uc5ec \ubc30\ub108 \uc2a4\ud06c\ub9bd\ud2b8\ub97c \uc5c5\ub370\uc774\ud2b8 \ud574\ubcf4\uc790.\n",
"- \uc608\uc678 \ucc98\ub9ac \uae30\ub2a5\uc744 \ub124\ud2b8\uc6cc\ud06c \uc5f0\uacb0 \ucf54\ub4dc\uc5d0 \ucd94\uac00\ud560 \uac83"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### Quiz\n",
"\n",
"- \uc624\ub958\uac00 \ub0a0\ub9cc\ud55c \uacf3\uc740 \uc5b4\ub514\uc778\uac00?"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import socket\n",
"socket.setdefaulttimeout(2)\n",
"s = socket.socket()\n",
"try:\n",
" s.connect(('1.1.1.1', 21))\n",
"except Exception, e:\n",
" print '[-] Error = ' + str(e)"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[-] Error = timed out\n"
]
}
],
"prompt_number": 129
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \ub2e4\uc591\ud55c \uac1c\ub150\uc5d0 \ub300\ud574 \uba85\ud655\ud558\uac8c \uc124\uba85\ud558\uae30 \uc704\ud574\uc11c \ucd5c\uc18c\ud55c\uc758 \uc608\uc678 \ucc98\ub9ac\ub97c \uc801\uc6a9\n",
"- \uc18c\uc2a4 \uc2a4\ud06c\ub9bd\ud2b8\ub97c \ub2e4\uc6b4 \ubc1b\uc544 \ub354 \uac15\ub825\ud55c \uc608\uc678 \ucc98\ub9ac \uae30\ub2a5\uc744 \ud3ec\ud568\uc2dc\ucf1c\ub3c4 \uc88b\uc74c"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \ud568\uc218\n",
"\n",
"- \ud568\uc218: \uc5ec\ub7ec \ubc88 \uc7ac\uc0ac\uc6a9\ud560 \uc218 \uc788\ub294 \ucf54\ub4dc \ube14\ub85d\uc744 \ub9cc\ub4e0\ub2e4.\n",
"- \ud504\ub85c\uadf8\ub798\uba38\ub294 \ud568\uc218\ub97c \ud1b5\ud574 \ud558\ub098\uc758 \uc5f0\uad00\ub41c \ud65c\ub3d9\uc744 \ud558\ub294 \ucf54\ub4dc\ub97c \ube14\ub85d\uc73c\ub85c \uc791\uc131\ud560 \uc218 \uc788\uac8c \ub428\n",
"- \ub0b4\uc7a5 \ud568\uc218\ub3c4 \ub9ce\uc74c\n",
"- \ud504\ub85c\uadf8\ub798\uba38\ub3c4 \uc9c1\uc811 \ud568\uc218\ub97c \ub9cc\ub4e4 \uc218 \uc788\uc74c"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# FTP \uc11c\ubc84\uc5d0 \uc5f0\uacb0\ud558\uc5ec \ubc30\ub108\ub97c \ubc18\ud658\ud558\ub294 \ud568\uc218\n",
"\n",
"import socket\n",
"\n",
"def retBanner(ip, port):\n",
" try:\n",
" socket.setdefaulttimeout(2)\n",
" s = socket.socket()\n",
" s.connect((ip, port))\n",
" banner = s.recv(1024)\n",
" return banner\n",
" except:\n",
" return\n",
" \n",
"def main():\n",
" ip1 = '192.168.32.159'\n",
" ip2 = '172.16.190.129'\n",
" port = 21\n",
" banner1 = retBanner(ip1, port)\n",
" if banner1:\n",
" print '[+] ' + ip1 + ': ' + banner1\n",
" banner2 = retBanner(ip2, port)\n",
" if banner2:\n",
" print '[+] ' + ip2 + ': ' + banner2\n",
"\n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] 192.168.32.159: 220 FreeFloat Ftp Server (Version 1.00)\r\n",
"\n"
]
}
],
"prompt_number": 130
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### PyCharm\uc73c\ub85c debugging \uc2e4\uc2b5"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"banner2 = None\n",
"print banner2"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"None\n"
]
}
],
"prompt_number": 131
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"if banner2:\n",
" print 'I have a True'\n",
"else:\n",
" print 'I have a False'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"I have a False\n"
]
}
],
"prompt_number": 132
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"\n",
"#### Quiz\n",
"\n",
"- if \\_\\_name\\_\\_ == '\\_\\_main\\_\\_': \uc740 \ubb34\uc2a8 \ub73b\uc77c\uae4c?\n",
"- [What does 'if \\_\\_name\\_\\_ == '\\_\\_main\\_\\_':](http://stackoverflow.com/questions/419163/what-does-if-name-main-do)\n",
"- [Import a module from a relative path](http://stackoverflow.com/questions/279237/import-a-module-from-a-relative-path)"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile main_test.py\n",
"def main():\n",
" print 'echo: __name__ is', __name__\n",
"\n",
"main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Writing main_test.py\n"
]
}
],
"prompt_number": 239
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile main_test2.py\n",
"\n",
"def main():\n",
" print 'echo: __name__ is', __name__\n",
"\n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Writing main_test2.py\n"
]
}
],
"prompt_number": 242
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import main_test"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 249
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"reload(main_test)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"echo: __name__ is main_test\n"
]
},
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 246,
"text": [
""
]
}
],
"prompt_number": 246
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"reload(main_test2)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 247,
"text": [
""
]
}
],
"prompt_number": 247
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/main_test.py"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"echo: __name__ is __main__\r\n"
]
}
],
"prompt_number": 236
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/main_test2.py"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"echo: __name__ is __main__\r\n"
]
}
],
"prompt_number": 250
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# !ls"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [],
"prompt_number": 138
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# !ls ch01"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [],
"prompt_number": 139
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### checkVulns()\n",
"\n",
"- \ubc30\ub108\ub97c \ubc18\ud658\ud55c \ud6c4\uc5d0\ub294 \uc2a4\ud06c\ub9bd\ud2b8\uc5d0\uc11c \uc774 \ubc30\ub108\uac00 \uc774\ubbf8 \uc54c\ub824\uc9c4 \ucde8\uc57d\ud55c \ud504\ub85c\uadf8\ub7a8\uacfc \uc77c\uce58\ud558\ub294\uc9c0 \ud655\uc778\ud574\uc57c \ud568\n",
"- \uc774 \ubd80\ubd84 \ub610\ud55c \ud558\ub098\uc758 \uad00\ub828\ub41c \uae30\ub2a5\n",
"- \uc989, \ud568\uc218\ub85c \ud45c\ud604\ud560 \uc218 \uc788\ub2e4\ub294 \uc758\ubbf8\n",
"- checkVulns()\ub77c\ub294 \ud568\uc218\ub294 \ubc30\ub108\ub97c \uc778\uc790\uac12\uc73c\ub85c \uc785\ub825 \ubc1b\uace0 \uc774\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc11c\ubc84\uc758 \ucde8\uc57d\uc131 \ud310\ub2e8"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# FTP \uc11c\ubc84\uc5d0 \uc5f0\uacb0\ud558\uc5ec \ubc30\ub108\ub97c \ubc18\ud658\ud558\ub294 \ud568\uc218\n",
"# \uc5ec\uae30\uc5d0\uc11c\ub3c4 \ubb54\uac00 \ubc18\ubcf5\ub418\ub294\uac8c feel \uc774 \uc640\uc57c\ub41c\ub2e4..\n",
"\n",
"import socket\n",
"\n",
"def retBanner(ip, port):\n",
" try:\n",
" socket.setdefaulttimeout(2)\n",
" s = socket.socket()\n",
" s.connect((ip, port))\n",
" banner = s.recv(1024)\n",
" return banner\n",
" except:\n",
" return\n",
"\n",
"def checkVulns(banner):\n",
" if ('FreeFloat Ftp Server (Version 1.00)' in banner):\n",
" print '[+] FreeFloat FTP Server is vulnerable.'\n",
" elif ('3Com 3CDaemon FTP Server Version 2.0' in banner):\n",
" print '[+] 3CDaemon FTP Server is vulnerable.'\n",
" elif ('Ability Server 2.34' in banner):\n",
" print '[+] Ability FTP Server is vulnerable.'\n",
" elif ('Sami FTP Server 2.0.2' in banner):\n",
" print '+] Sami FTP Server is vulnerable.'\n",
" else:\n",
" print '[-] FTP Server is not vulnerable.'\n",
" return\n",
"\n",
"def main():\n",
" ip1 = '192.168.32.159'\n",
" ip2 = '172.16.190.129'\n",
" ip3 = '172.16.190.130'\n",
" port = 21\n",
" \n",
" banner1 = retBanner(ip1, port)\n",
" if banner1:\n",
" print '[+] ' + ip1 + ': ' + banner1\n",
" checkVulns(banner1)\n",
" \n",
" banner2 = retBanner(ip2, port)\n",
" if banner2:\n",
" print '[+] ' + ip2 + ': ' + banner2\n",
" checkVulns(banner2)\n",
" \n",
" banner3 = retBanner(ip3, port)\n",
" if banner3:\n",
" print '[+] ' + ip3 + ': ' + banner3\n",
" checkVulns(banner3)\n",
"\n",
" \n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] 192.168.32.159: 220 FreeFloat Ftp Server (Version 1.00)\r\n",
"\n",
"[+] FreeFloat FTP Server is vulnerable.\n"
]
}
],
"prompt_number": 140
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### \ubc18\ubcf5\ubb38\n",
"\n",
"- \uc55e \uc139\uc158\uc5d0\uc11c 3\uac1c\uc758 IP \uc8fc\uc18c\ub97c \ud655\uc778\ud558\uae30 \uc704\ud574 \ub3d9\uc77c\ud55c \ucf54\ub4dc\ub97c 3\ubc88\uc774\ub098 \ubc18\ubcf5\ud574 \uc801\uc5c8\uc73c\uba70, \uc774\uac83\uc740 \ub9e4\uc6b0 \ube44\ud6a8\uc728\n",
"- for\ubb38 \ubc18\ubcf5\ubb38 \uc0ac\uc6a9\ud558\ub294\uac8c \ud6a8\uc728\uc801"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# range \ud568\uc218\ub294 \ucc98\uc74c \uac12\uc778 1\uc740 \ud3ec\ud568\ud558\uc9c0\ub9cc \ub9c8\uc9c0\ub9c9 \uac12\uc778 255\ub294 \ud3ec\ud568\ud558\uc9c0 \uc54a\ub294\ub2e4.\n",
"# 1 <= x < 255 \ub77c\uace0 \ubcfc \uc218 \uc788\ub2e4.\n",
"# 1 <= x <= 254\n",
"for x in range(1, 255):\n",
" print '192.168.32.' + str(x)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"192.168.32.1\n",
"192.168.32.2\n",
"192.168.32.3\n",
"192.168.32.4\n",
"192.168.32.5\n",
"192.168.32.6\n",
"192.168.32.7\n",
"192.168.32.8\n",
"192.168.32.9\n",
"192.168.32.10\n",
"192.168.32.11\n",
"192.168.32.12\n",
"192.168.32.13\n",
"192.168.32.14\n",
"192.168.32.15\n",
"192.168.32.16\n",
"192.168.32.17\n",
"192.168.32.18\n",
"192.168.32.19\n",
"192.168.32.20\n",
"192.168.32.21\n",
"192.168.32.22\n",
"192.168.32.23\n",
"192.168.32.24\n",
"192.168.32.25\n",
"192.168.32.26\n",
"192.168.32.27\n",
"192.168.32.28\n",
"192.168.32.29\n",
"192.168.32.30\n",
"192.168.32.31\n",
"192.168.32.32\n",
"192.168.32.33\n",
"192.168.32.34\n",
"192.168.32.35\n",
"192.168.32.36\n",
"192.168.32.37\n",
"192.168.32.38\n",
"192.168.32.39\n",
"192.168.32.40\n",
"192.168.32.41\n",
"192.168.32.42\n",
"192.168.32.43\n",
"192.168.32.44\n",
"192.168.32.45\n",
"192.168.32.46\n",
"192.168.32.47\n",
"192.168.32.48\n",
"192.168.32.49\n",
"192.168.32.50\n",
"192.168.32.51\n",
"192.168.32.52\n",
"192.168.32.53\n",
"192.168.32.54\n",
"192.168.32.55\n",
"192.168.32.56\n",
"192.168.32.57\n",
"192.168.32.58\n",
"192.168.32.59\n",
"192.168.32.60\n",
"192.168.32.61\n",
"192.168.32.62\n",
"192.168.32.63\n",
"192.168.32.64\n",
"192.168.32.65\n",
"192.168.32.66\n",
"192.168.32.67\n",
"192.168.32.68\n",
"192.168.32.69\n",
"192.168.32.70\n",
"192.168.32.71\n",
"192.168.32.72\n",
"192.168.32.73\n",
"192.168.32.74\n",
"192.168.32.75\n",
"192.168.32.76\n",
"192.168.32.77\n",
"192.168.32.78\n",
"192.168.32.79\n",
"192.168.32.80\n",
"192.168.32.81\n",
"192.168.32.82\n",
"192.168.32.83\n",
"192.168.32.84\n",
"192.168.32.85\n",
"192.168.32.86\n",
"192.168.32.87\n",
"192.168.32.88\n",
"192.168.32.89\n",
"192.168.32.90\n",
"192.168.32.91\n",
"192.168.32.92\n",
"192.168.32.93\n",
"192.168.32.94\n",
"192.168.32.95\n",
"192.168.32.96\n",
"192.168.32.97\n",
"192.168.32.98\n",
"192.168.32.99\n",
"192.168.32.100\n",
"192.168.32.101\n",
"192.168.32.102\n",
"192.168.32.103\n",
"192.168.32.104\n",
"192.168.32.105\n",
"192.168.32.106\n",
"192.168.32.107\n",
"192.168.32.108\n",
"192.168.32.109\n",
"192.168.32.110\n",
"192.168.32.111\n",
"192.168.32.112\n",
"192.168.32.113\n",
"192.168.32.114\n",
"192.168.32.115\n",
"192.168.32.116\n",
"192.168.32.117\n",
"192.168.32.118\n",
"192.168.32.119\n",
"192.168.32.120\n",
"192.168.32.121\n",
"192.168.32.122\n",
"192.168.32.123\n",
"192.168.32.124\n",
"192.168.32.125\n",
"192.168.32.126\n",
"192.168.32.127\n",
"192.168.32.128\n",
"192.168.32.129\n",
"192.168.32.130\n",
"192.168.32.131\n",
"192.168.32.132\n",
"192.168.32.133\n",
"192.168.32.134\n",
"192.168.32.135\n",
"192.168.32.136\n",
"192.168.32.137\n",
"192.168.32.138\n",
"192.168.32.139\n",
"192.168.32.140\n",
"192.168.32.141\n",
"192.168.32.142\n",
"192.168.32.143\n",
"192.168.32.144\n",
"192.168.32.145\n",
"192.168.32.146\n",
"192.168.32.147\n",
"192.168.32.148\n",
"192.168.32.149\n",
"192.168.32.150\n",
"192.168.32.151\n",
"192.168.32.152\n",
"192.168.32.153\n",
"192.168.32.154\n",
"192.168.32.155\n",
"192.168.32.156\n",
"192.168.32.157\n",
"192.168.32.158\n",
"192.168.32.159\n",
"192.168.32.160\n",
"192.168.32.161\n",
"192.168.32.162\n",
"192.168.32.163\n",
"192.168.32.164\n",
"192.168.32.165\n",
"192.168.32.166\n",
"192.168.32.167\n",
"192.168.32.168\n",
"192.168.32.169\n",
"192.168.32.170\n",
"192.168.32.171\n",
"192.168.32.172\n",
"192.168.32.173\n",
"192.168.32.174\n",
"192.168.32.175\n",
"192.168.32.176\n",
"192.168.32.177\n",
"192.168.32.178\n",
"192.168.32.179\n",
"192.168.32.180\n",
"192.168.32.181\n",
"192.168.32.182\n",
"192.168.32.183\n",
"192.168.32.184\n",
"192.168.32.185\n",
"192.168.32.186\n",
"192.168.32.187\n",
"192.168.32.188\n",
"192.168.32.189\n",
"192.168.32.190\n",
"192.168.32.191\n",
"192.168.32.192\n",
"192.168.32.193\n",
"192.168.32.194\n",
"192.168.32.195\n",
"192.168.32.196\n",
"192.168.32.197\n",
"192.168.32.198\n",
"192.168.32.199\n",
"192.168.32.200\n",
"192.168.32.201\n",
"192.168.32.202\n",
"192.168.32.203\n",
"192.168.32.204\n",
"192.168.32.205\n",
"192.168.32.206\n",
"192.168.32.207\n",
"192.168.32.208\n",
"192.168.32.209\n",
"192.168.32.210\n",
"192.168.32.211\n",
"192.168.32.212\n",
"192.168.32.213\n",
"192.168.32.214\n",
"192.168.32.215\n",
"192.168.32.216\n",
"192.168.32.217\n",
"192.168.32.218\n",
"192.168.32.219\n",
"192.168.32.220\n",
"192.168.32.221\n",
"192.168.32.222\n",
"192.168.32.223\n",
"192.168.32.224\n",
"192.168.32.225\n",
"192.168.32.226\n",
"192.168.32.227\n",
"192.168.32.228\n",
"192.168.32.229\n",
"192.168.32.230\n",
"192.168.32.231\n",
"192.168.32.232\n",
"192.168.32.233\n",
"192.168.32.234\n",
"192.168.32.235\n",
"192.168.32.236\n",
"192.168.32.237\n",
"192.168.32.238\n",
"192.168.32.239\n",
"192.168.32.240\n",
"192.168.32.241\n",
"192.168.32.242\n",
"192.168.32.243\n",
"192.168.32.244\n",
"192.168.32.245\n",
"192.168.32.246\n",
"192.168.32.247\n",
"192.168.32.248\n",
"192.168.32.249\n",
"192.168.32.250\n",
"192.168.32.251\n",
"192.168.32.252\n",
"192.168.32.253\n",
"192.168.32.254\n"
]
}
],
"prompt_number": 141
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"\n",
"#### Quiz!\n",
"\n",
"- \uc65c 0\uacfc 255\uac00 \ube60\uc9c8\uae4c?\n",
"- \uadf8 \uc804\uc5d0 \uc65c 0~255\uae4c\uc9c0\uac00 IP \ubc94\uc704\uac00 \ub41c \uac83\uc77c\uae4c?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### [IP\uc8fc\uc18c](http://www.hardnara.com/kimsnetwork/print.php?no=426): \uc774\ubbf8\uc9c0\ub85c \uc27d\uac8c \ud45c\ud604\n",
"\n",
"![](\"files/images/ip.jpg\")
"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"2**8"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 142,
"text": [
"256"
]
}
],
"prompt_number": 142
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- 172.16.190.0/24: \uc608\uc57d: -> 172.16.190.0 ~ 172.16.190.255\n",
"- 172.16.190.255: \uc608\uc57d"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uc774\uc640 \uc720\uc0ac\ud558\uac8c, \uc6b0\ub9ac\ub294 \ucde8\uc57d\uc810\uc744 \ud655\uc778\ud558\uae30 \uc704\ud574 \uc774\ubbf8 \uc54c\ub824\uc838 \uc788\ub294 \ud3ec\ud2b8\uc758 \ubaa9\ub85d\uc744 \ubcf4\uace0 \uc2f6\uc744 \uc218\ub3c4 \uc788\ub2e4.\n",
"- \ud2b9\uc815 \uc22b\uc790 \ubc94\uc704\ub97c \ubc18\ubcf5\ud558\uac8c \ub9cc\ub4dc\ub294 \ub300\uc2e0\uc5d0 \uc694\uc18c \uc804\ubd80\ub97c \ubc18\ubcf5\ud558\uac8c \ud560 \uc218 \uc788\uc74c"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"portList = [21, 22, 25, 80, 110]"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [],
"prompt_number": 143
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"for port in portList:\n",
" print port"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"21\n",
"22\n",
"25\n",
"80\n",
"110\n"
]
}
],
"prompt_number": 144
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### ip, port \uac00 \ub2f4\uae34 2\uac1c\uc758 for\ubb38\uc744 \uc774\uc6a9\ud558\uba74 \ubaa8\ub4e0 \ub124\ud2b8\uc6cc\ud06c\ub97c \uc2a4\uce94\ud560 \uc218 \uc788\ub2e4!"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"for x in range(1, 255):\n",
" for port in portList:\n",
" print '[+] Checking 192.168.32.' + str(x) + ': ' + str(port)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Checking 192.168.32.1: 21\n",
"[+] Checking 192.168.32.1: 22\n",
"[+] Checking 192.168.32.1: 25\n",
"[+] Checking 192.168.32.1: 80\n",
"[+] Checking 192.168.32.1: 110\n",
"[+] Checking 192.168.32.2: 21\n",
"[+] Checking 192.168.32.2: 22\n",
"[+] Checking 192.168.32.2: 25\n",
"[+] Checking 192.168.32.2: 80\n",
"[+] Checking 192.168.32.2: 110\n",
"[+] Checking 192.168.32.3: 21\n",
"[+] Checking 192.168.32.3: 22\n",
"[+] Checking 192.168.32.3: 25\n",
"[+] Checking 192.168.32.3: 80\n",
"[+] Checking 192.168.32.3: 110\n",
"[+] Checking 192.168.32.4: 21\n",
"[+] Checking 192.168.32.4: 22\n",
"[+] Checking 192.168.32.4: 25\n",
"[+] Checking 192.168.32.4: 80\n",
"[+] Checking 192.168.32.4: 110\n",
"[+] Checking 192.168.32.5: 21\n",
"[+] Checking 192.168.32.5: 22\n",
"[+] Checking 192.168.32.5: 25\n",
"[+] Checking 192.168.32.5: 80\n",
"[+] Checking 192.168.32.5: 110\n",
"[+] Checking 192.168.32.6: 21\n",
"[+] Checking 192.168.32.6: 22\n",
"[+] Checking 192.168.32.6: 25\n",
"[+] Checking 192.168.32.6: 80\n",
"[+] Checking 192.168.32.6: 110\n",
"[+] Checking 192.168.32.7: 21\n",
"[+] Checking 192.168.32.7: 22\n",
"[+] Checking 192.168.32.7: 25\n",
"[+] Checking 192.168.32.7: 80\n",
"[+] Checking 192.168.32.7: 110\n",
"[+] Checking 192.168.32.8: 21\n",
"[+] Checking 192.168.32.8: 22\n",
"[+] Checking 192.168.32.8: 25\n",
"[+] Checking 192.168.32.8: 80\n",
"[+] Checking 192.168.32.8: 110\n",
"[+] Checking 192.168.32.9: 21\n",
"[+] Checking 192.168.32.9: 22\n",
"[+] Checking 192.168.32.9: 25\n",
"[+] Checking 192.168.32.9: 80\n",
"[+] Checking 192.168.32.9: 110\n",
"[+] Checking 192.168.32.10: 21\n",
"[+] Checking 192.168.32.10: 22\n",
"[+] Checking 192.168.32.10: 25\n",
"[+] Checking 192.168.32.10: 80\n",
"[+] Checking 192.168.32.10: 110\n",
"[+] Checking 192.168.32.11: 21\n",
"[+] Checking 192.168.32.11: 22\n",
"[+] Checking 192.168.32.11: 25\n",
"[+] Checking 192.168.32.11: 80\n",
"[+] Checking 192.168.32.11: 110\n",
"[+] Checking 192.168.32.12: 21\n",
"[+] Checking 192.168.32.12: 22\n",
"[+] Checking 192.168.32.12: 25\n",
"[+] Checking 192.168.32.12: 80\n",
"[+] Checking 192.168.32.12: 110\n",
"[+] Checking 192.168.32.13: 21\n",
"[+] Checking 192.168.32.13: 22\n",
"[+] Checking 192.168.32.13: 25\n",
"[+] Checking 192.168.32.13: 80\n",
"[+] Checking 192.168.32.13: 110\n",
"[+] Checking 192.168.32.14: 21\n",
"[+] Checking 192.168.32.14: 22\n",
"[+] Checking 192.168.32.14: 25\n",
"[+] Checking 192.168.32.14: 80\n",
"[+] Checking 192.168.32.14: 110\n",
"[+] Checking 192.168.32.15: 21\n",
"[+] Checking 192.168.32.15: 22\n",
"[+] Checking 192.168.32.15: 25\n",
"[+] Checking 192.168.32.15: 80\n",
"[+] Checking 192.168.32.15: 110\n",
"[+] Checking 192.168.32.16: 21\n",
"[+] Checking 192.168.32.16: 22\n",
"[+] Checking 192.168.32.16: 25\n",
"[+] Checking 192.168.32.16: 80\n",
"[+] Checking 192.168.32.16: 110\n",
"[+] Checking 192.168.32.17: 21\n",
"[+] Checking 192.168.32.17: 22\n",
"[+] Checking 192.168.32.17: 25\n",
"[+] Checking 192.168.32.17: 80\n",
"[+] Checking 192.168.32.17: 110\n",
"[+] Checking 192.168.32.18: 21\n",
"[+] Checking 192.168.32.18: 22\n",
"[+] Checking 192.168.32.18: 25\n",
"[+] Checking 192.168.32.18: 80\n",
"[+] Checking 192.168.32.18: 110\n",
"[+] Checking 192.168.32.19: 21\n",
"[+] Checking 192.168.32.19: 22\n",
"[+] Checking 192.168.32.19: 25\n",
"[+] Checking 192.168.32.19: 80\n",
"[+] Checking 192.168.32.19: 110\n",
"[+] Checking 192.168.32.20: 21\n",
"[+] Checking 192.168.32.20: 22\n",
"[+] Checking 192.168.32.20: 25\n",
"[+] Checking 192.168.32.20: 80\n",
"[+] Checking 192.168.32.20: 110\n",
"[+] Checking 192.168.32.21: 21\n",
"[+] Checking 192.168.32.21: 22\n",
"[+] Checking 192.168.32.21: 25\n",
"[+] Checking 192.168.32.21: 80\n",
"[+] Checking 192.168.32.21: 110\n",
"[+] Checking 192.168.32.22: 21\n",
"[+] Checking 192.168.32.22: 22\n",
"[+] Checking 192.168.32.22: 25\n",
"[+] Checking 192.168.32.22: 80\n",
"[+] Checking 192.168.32.22: 110\n",
"[+] Checking 192.168.32.23: 21\n",
"[+] Checking 192.168.32.23: 22\n",
"[+] Checking 192.168.32.23: 25\n",
"[+] Checking 192.168.32.23: 80\n",
"[+] Checking 192.168.32.23: 110\n",
"[+] Checking 192.168.32.24: 21\n",
"[+] Checking 192.168.32.24: 22\n",
"[+] Checking 192.168.32.24: 25\n",
"[+] Checking 192.168.32.24: 80\n",
"[+] Checking 192.168.32.24: 110\n",
"[+] Checking 192.168.32.25: 21\n",
"[+] Checking 192.168.32.25: 22\n",
"[+] Checking 192.168.32.25: 25\n",
"[+] Checking 192.168.32.25: 80\n",
"[+] Checking 192.168.32.25: 110\n",
"[+] Checking 192.168.32.26: 21\n",
"[+] Checking 192.168.32.26: 22\n",
"[+] Checking 192.168.32.26: 25\n",
"[+] Checking 192.168.32.26: 80\n",
"[+] Checking 192.168.32.26: 110\n",
"[+] Checking 192.168.32.27: 21\n",
"[+] Checking 192.168.32.27: 22\n",
"[+] Checking 192.168.32.27: 25\n",
"[+] Checking 192.168.32.27: 80\n",
"[+] Checking 192.168.32.27: 110\n",
"[+] Checking 192.168.32.28: 21\n",
"[+] Checking 192.168.32.28: 22\n",
"[+] Checking 192.168.32.28: 25\n",
"[+] Checking 192.168.32.28: 80\n",
"[+] Checking 192.168.32.28: 110\n",
"[+] Checking 192.168.32.29: 21\n",
"[+] Checking 192.168.32.29: 22\n",
"[+] Checking 192.168.32.29: 25\n",
"[+] Checking 192.168.32.29: 80\n",
"[+] Checking 192.168.32.29: 110\n",
"[+] Checking 192.168.32.30: 21\n",
"[+] Checking 192.168.32.30: 22\n",
"[+] Checking 192.168.32.30: 25\n",
"[+] Checking 192.168.32.30: 80\n",
"[+] Checking 192.168.32.30: 110\n",
"[+] Checking 192.168.32.31: 21\n",
"[+] Checking 192.168.32.31: 22\n",
"[+] Checking 192.168.32.31: 25\n",
"[+] Checking 192.168.32.31: 80\n",
"[+] Checking 192.168.32.31: 110\n",
"[+] Checking 192.168.32.32: 21\n",
"[+] Checking 192.168.32.32: 22\n",
"[+] Checking 192.168.32.32: 25\n",
"[+] Checking 192.168.32.32: 80\n",
"[+] Checking 192.168.32.32: 110\n",
"[+] Checking 192.168.32.33: 21\n",
"[+] Checking 192.168.32.33: 22\n",
"[+] Checking 192.168.32.33: 25\n",
"[+] Checking 192.168.32.33: 80\n",
"[+] Checking 192.168.32.33: 110\n",
"[+] Checking 192.168.32.34: 21\n",
"[+] Checking 192.168.32.34: 22\n",
"[+] Checking 192.168.32.34: 25\n",
"[+] Checking 192.168.32.34: 80\n",
"[+] Checking 192.168.32.34: 110\n",
"[+] Checking 192.168.32.35: 21\n",
"[+] Checking 192.168.32.35: 22\n",
"[+] Checking 192.168.32.35: 25\n",
"[+] Checking 192.168.32.35: 80\n",
"[+] Checking 192.168.32.35: 110\n",
"[+] Checking 192.168.32.36: 21\n",
"[+] Checking 192.168.32.36: 22\n",
"[+] Checking 192.168.32.36: 25\n",
"[+] Checking 192.168.32.36: 80\n",
"[+] Checking 192.168.32.36: 110\n",
"[+] Checking 192.168.32.37: 21\n",
"[+] Checking 192.168.32.37: 22\n",
"[+] Checking 192.168.32.37: 25\n",
"[+] Checking 192.168.32.37: 80\n",
"[+] Checking 192.168.32.37: 110\n",
"[+] Checking 192.168.32.38: 21\n",
"[+] Checking 192.168.32.38: 22\n",
"[+] Checking 192.168.32.38: 25\n",
"[+] Checking 192.168.32.38: 80\n",
"[+] Checking 192.168.32.38: 110\n",
"[+] Checking 192.168.32.39: 21\n",
"[+] Checking 192.168.32.39: 22\n",
"[+] Checking 192.168.32.39: 25\n",
"[+] Checking 192.168.32.39: 80\n",
"[+] Checking 192.168.32.39: 110\n",
"[+] Checking 192.168.32.40: 21\n",
"[+] Checking 192.168.32.40: 22\n",
"[+] Checking 192.168.32.40: 25\n",
"[+] Checking 192.168.32.40: 80\n",
"[+] Checking 192.168.32.40: 110\n",
"[+] Checking 192.168.32.41: 21\n",
"[+] Checking 192.168.32.41: 22\n",
"[+] Checking 192.168.32.41: 25\n",
"[+] Checking 192.168.32.41: 80\n",
"[+] Checking 192.168.32.41: 110\n",
"[+] Checking 192.168.32.42: 21\n",
"[+] Checking 192.168.32.42: 22\n",
"[+] Checking 192.168.32.42: 25\n",
"[+] Checking 192.168.32.42: 80\n",
"[+] Checking 192.168.32.42: 110\n",
"[+] Checking 192.168.32.43: 21\n",
"[+] Checking 192.168.32.43: 22\n",
"[+] Checking 192.168.32.43: 25\n",
"[+] Checking 192.168.32.43: 80\n",
"[+] Checking 192.168.32.43: 110\n",
"[+] Checking 192.168.32.44: 21\n",
"[+] Checking 192.168.32.44: 22\n",
"[+] Checking 192.168.32.44: 25\n",
"[+] Checking 192.168.32.44: 80\n",
"[+] Checking 192.168.32.44: 110\n",
"[+] Checking 192.168.32.45: 21\n",
"[+] Checking 192.168.32.45: 22\n",
"[+] Checking 192.168.32.45: 25\n",
"[+] Checking 192.168.32.45: 80\n",
"[+] Checking 192.168.32.45: 110\n",
"[+] Checking 192.168.32.46: 21\n",
"[+] Checking 192.168.32.46: 22\n",
"[+] Checking 192.168.32.46: 25\n",
"[+] Checking 192.168.32.46: 80\n",
"[+] Checking 192.168.32.46: 110\n",
"[+] Checking 192.168.32.47: 21\n",
"[+] Checking 192.168.32.47: 22\n",
"[+] Checking 192.168.32.47: 25\n",
"[+] Checking 192.168.32.47: 80\n",
"[+] Checking 192.168.32.47: 110\n",
"[+] Checking 192.168.32.48: 21\n",
"[+] Checking 192.168.32.48: 22\n",
"[+] Checking 192.168.32.48: 25\n",
"[+] Checking 192.168.32.48: 80\n",
"[+] Checking 192.168.32.48: 110\n",
"[+] Checking 192.168.32.49: 21\n",
"[+] Checking 192.168.32.49: 22\n",
"[+] Checking 192.168.32.49: 25\n",
"[+] Checking 192.168.32.49: 80\n",
"[+] Checking 192.168.32.49: 110\n",
"[+] Checking 192.168.32.50: 21\n",
"[+] Checking 192.168.32.50: 22\n",
"[+] Checking 192.168.32.50: 25\n",
"[+] Checking 192.168.32.50: 80\n",
"[+] Checking 192.168.32.50: 110\n",
"[+] Checking 192.168.32.51: 21\n",
"[+] Checking 192.168.32.51: 22\n",
"[+] Checking 192.168.32.51: 25\n",
"[+] Checking 192.168.32.51: 80\n",
"[+] Checking 192.168.32.51: 110\n",
"[+] Checking 192.168.32.52: 21\n",
"[+] Checking 192.168.32.52: 22\n",
"[+] Checking 192.168.32.52: 25\n",
"[+] Checking 192.168.32.52: 80\n",
"[+] Checking 192.168.32.52: 110\n",
"[+] Checking 192.168.32.53: 21\n",
"[+] Checking 192.168.32.53: 22\n",
"[+] Checking 192.168.32.53: 25\n",
"[+] Checking 192.168.32.53: 80\n",
"[+] Checking 192.168.32.53: 110\n",
"[+] Checking 192.168.32.54: 21\n",
"[+] Checking 192.168.32.54: 22\n",
"[+] Checking 192.168.32.54: 25\n",
"[+] Checking 192.168.32.54: 80\n",
"[+] Checking 192.168.32.54: 110\n",
"[+] Checking 192.168.32.55: 21\n",
"[+] Checking 192.168.32.55: 22\n",
"[+] Checking 192.168.32.55: 25\n",
"[+] Checking 192.168.32.55: 80\n",
"[+] Checking 192.168.32.55: 110\n",
"[+] Checking 192.168.32.56: 21\n",
"[+] Checking 192.168.32.56: 22\n",
"[+] Checking 192.168.32.56: 25\n",
"[+] Checking 192.168.32.56: 80\n",
"[+] Checking 192.168.32.56: 110\n",
"[+] Checking 192.168.32.57: 21\n",
"[+] Checking 192.168.32.57: 22\n",
"[+] Checking 192.168.32.57: 25\n",
"[+] Checking 192.168.32.57: 80\n",
"[+] Checking 192.168.32.57: 110\n",
"[+] Checking 192.168.32.58: 21\n",
"[+] Checking 192.168.32.58: 22\n",
"[+] Checking 192.168.32.58: 25\n",
"[+] Checking 192.168.32.58: 80\n",
"[+] Checking 192.168.32.58: 110\n",
"[+] Checking 192.168.32.59: 21\n",
"[+] Checking 192.168.32.59: 22\n",
"[+] Checking 192.168.32.59: 25\n",
"[+] Checking 192.168.32.59: 80\n",
"[+] Checking 192.168.32.59: 110\n",
"[+] Checking 192.168.32.60: 21\n",
"[+] Checking 192.168.32.60: 22\n",
"[+] Checking 192.168.32.60: 25\n",
"[+] Checking 192.168.32.60: 80\n",
"[+] Checking 192.168.32.60: 110\n",
"[+] Checking 192.168.32.61: 21\n",
"[+] Checking 192.168.32.61: 22\n",
"[+] Checking 192.168.32.61: 25\n",
"[+] Checking 192.168.32.61: 80\n",
"[+] Checking 192.168.32.61: 110\n",
"[+] Checking 192.168.32.62: 21\n",
"[+] Checking 192.168.32.62: 22\n",
"[+] Checking 192.168.32.62: 25\n",
"[+] Checking 192.168.32.62: 80\n",
"[+] Checking 192.168.32.62: 110\n",
"[+] Checking 192.168.32.63: 21\n",
"[+] Checking 192.168.32.63: 22\n",
"[+] Checking 192.168.32.63: 25\n",
"[+] Checking 192.168.32.63: 80\n",
"[+] Checking 192.168.32.63: 110\n",
"[+] Checking 192.168.32.64: 21\n",
"[+] Checking 192.168.32.64: 22\n",
"[+] Checking 192.168.32.64: 25\n",
"[+] Checking 192.168.32.64: 80\n",
"[+] Checking 192.168.32.64: 110\n",
"[+] Checking 192.168.32.65: 21\n",
"[+] Checking 192.168.32.65: 22\n",
"[+] Checking 192.168.32.65: 25\n",
"[+] Checking 192.168.32.65: 80\n",
"[+] Checking 192.168.32.65: 110\n",
"[+] Checking 192.168.32.66: 21\n",
"[+] Checking 192.168.32.66: 22\n",
"[+] Checking 192.168.32.66: 25\n",
"[+] Checking 192.168.32.66: 80\n",
"[+] Checking 192.168.32.66: 110\n",
"[+] Checking 192.168.32.67: 21\n",
"[+] Checking 192.168.32.67: 22\n",
"[+] Checking 192.168.32.67: 25\n",
"[+] Checking 192.168.32.67: 80\n",
"[+] Checking 192.168.32.67: 110\n",
"[+] Checking 192.168.32.68: 21\n",
"[+] Checking 192.168.32.68: 22\n",
"[+] Checking 192.168.32.68: 25\n",
"[+] Checking 192.168.32.68: 80\n",
"[+] Checking 192.168.32.68: 110\n",
"[+] Checking 192.168.32.69: 21\n",
"[+] Checking 192.168.32.69: 22\n",
"[+] Checking 192.168.32.69: 25\n",
"[+] Checking 192.168.32.69: 80\n",
"[+] Checking 192.168.32.69: 110\n",
"[+] Checking 192.168.32.70: 21\n",
"[+] Checking 192.168.32.70: 22\n",
"[+] Checking 192.168.32.70: 25\n",
"[+] Checking 192.168.32.70: 80\n",
"[+] Checking 192.168.32.70: 110\n",
"[+] Checking 192.168.32.71: 21\n",
"[+] Checking 192.168.32.71: 22\n",
"[+] Checking 192.168.32.71: 25\n",
"[+] Checking 192.168.32.71: 80\n",
"[+] Checking 192.168.32.71: 110\n",
"[+] Checking 192.168.32.72: 21\n",
"[+] Checking 192.168.32.72: 22\n",
"[+] Checking 192.168.32.72: 25\n",
"[+] Checking 192.168.32.72: 80\n",
"[+] Checking 192.168.32.72: 110\n",
"[+] Checking 192.168.32.73: 21\n",
"[+] Checking 192.168.32.73: 22\n",
"[+] Checking 192.168.32.73: 25\n",
"[+] Checking 192.168.32.73: 80\n",
"[+] Checking 192.168.32.73: 110\n",
"[+] Checking 192.168.32.74: 21\n",
"[+] Checking 192.168.32.74: 22\n",
"[+] Checking 192.168.32.74: 25\n",
"[+] Checking 192.168.32.74: 80\n",
"[+] Checking 192.168.32.74: 110\n",
"[+] Checking 192.168.32.75: 21\n",
"[+] Checking 192.168.32.75: 22\n",
"[+] Checking 192.168.32.75: 25\n",
"[+] Checking 192.168.32.75: 80\n",
"[+] Checking 192.168.32.75: 110\n",
"[+] Checking 192.168.32.76: 21\n",
"[+] Checking 192.168.32.76: 22\n",
"[+] Checking 192.168.32.76: 25\n",
"[+] Checking 192.168.32.76: 80\n",
"[+] Checking 192.168.32.76: 110\n",
"[+] Checking 192.168.32.77: 21\n",
"[+] Checking 192.168.32.77: 22\n",
"[+] Checking 192.168.32.77: 25\n",
"[+] Checking 192.168.32.77: 80\n",
"[+] Checking 192.168.32.77: 110\n",
"[+] Checking 192.168.32.78: 21\n",
"[+] Checking 192.168.32.78: 22\n",
"[+] Checking 192.168.32.78: 25\n",
"[+] Checking 192.168.32.78: 80\n",
"[+] Checking 192.168.32.78: 110\n",
"[+] Checking 192.168.32.79: 21\n",
"[+] Checking 192.168.32.79: 22\n",
"[+] Checking 192.168.32.79: 25\n",
"[+] Checking 192.168.32.79: 80\n",
"[+] Checking 192.168.32.79: 110\n",
"[+] Checking 192.168.32.80: 21\n",
"[+] Checking 192.168.32.80: 22\n",
"[+] Checking 192.168.32.80: 25\n",
"[+] Checking 192.168.32.80: 80\n",
"[+] Checking 192.168.32.80: 110\n",
"[+] Checking 192.168.32.81: 21\n",
"[+] Checking 192.168.32.81: 22\n",
"[+] Checking 192.168.32.81: 25\n",
"[+] Checking 192.168.32.81: 80\n",
"[+] Checking 192.168.32.81: 110\n",
"[+] Checking 192.168.32.82: 21\n",
"[+] Checking 192.168.32.82: 22\n",
"[+] Checking 192.168.32.82: 25\n",
"[+] Checking 192.168.32.82: 80\n",
"[+] Checking 192.168.32.82: 110\n",
"[+] Checking 192.168.32.83: 21\n",
"[+] Checking 192.168.32.83: 22\n",
"[+] Checking 192.168.32.83: 25\n",
"[+] Checking 192.168.32.83: 80\n",
"[+] Checking 192.168.32.83: 110\n",
"[+] Checking 192.168.32.84: 21\n",
"[+] Checking 192.168.32.84: 22\n",
"[+] Checking 192.168.32.84: 25\n",
"[+] Checking 192.168.32.84: 80\n",
"[+] Checking 192.168.32.84: 110\n",
"[+] Checking 192.168.32.85: 21\n",
"[+] Checking 192.168.32.85: 22\n",
"[+] Checking 192.168.32.85: 25\n",
"[+] Checking 192.168.32.85: 80\n",
"[+] Checking 192.168.32.85: 110\n",
"[+] Checking 192.168.32.86: 21\n",
"[+] Checking 192.168.32.86: 22\n",
"[+] Checking 192.168.32.86: 25\n",
"[+] Checking 192.168.32.86: 80\n",
"[+] Checking 192.168.32.86: 110\n",
"[+] Checking 192.168.32.87: 21\n",
"[+] Checking 192.168.32.87: 22\n",
"[+] Checking 192.168.32.87: 25\n",
"[+] Checking 192.168.32.87: 80\n",
"[+] Checking 192.168.32.87: 110\n",
"[+] Checking 192.168.32.88: 21\n",
"[+] Checking 192.168.32.88: 22\n",
"[+] Checking 192.168.32.88: 25\n",
"[+] Checking 192.168.32.88: 80\n",
"[+] Checking 192.168.32.88: 110\n",
"[+] Checking 192.168.32.89: 21\n",
"[+] Checking 192.168.32.89: 22\n",
"[+] Checking 192.168.32.89: 25\n",
"[+] Checking 192.168.32.89: 80\n",
"[+] Checking 192.168.32.89: 110\n",
"[+] Checking 192.168.32.90: 21\n",
"[+] Checking 192.168.32.90: 22\n",
"[+] Checking 192.168.32.90: 25\n",
"[+] Checking 192.168.32.90: 80\n",
"[+] Checking 192.168.32.90: 110\n",
"[+] Checking 192.168.32.91: 21\n",
"[+] Checking 192.168.32.91: 22\n",
"[+] Checking 192.168.32.91: 25\n",
"[+] Checking 192.168.32.91: 80\n",
"[+] Checking 192.168.32.91: 110\n",
"[+] Checking 192.168.32.92: 21\n",
"[+] Checking 192.168.32.92: 22\n",
"[+] Checking 192.168.32.92: 25\n",
"[+] Checking 192.168.32.92: 80\n",
"[+] Checking 192.168.32.92: 110\n",
"[+] Checking 192.168.32.93: 21\n",
"[+] Checking 192.168.32.93: 22\n",
"[+] Checking 192.168.32.93: 25\n",
"[+] Checking 192.168.32.93: 80\n",
"[+] Checking 192.168.32.93: 110\n",
"[+] Checking 192.168.32.94: 21\n",
"[+] Checking 192.168.32.94: 22\n",
"[+] Checking 192.168.32.94: 25\n",
"[+] Checking 192.168.32.94: 80\n",
"[+] Checking 192.168.32.94: 110\n",
"[+] Checking 192.168.32.95: 21\n",
"[+] Checking 192.168.32.95: 22\n",
"[+] Checking 192.168.32.95: 25\n",
"[+] Checking 192.168.32.95: 80\n",
"[+] Checking 192.168.32.95: 110\n",
"[+] Checking 192.168.32.96: 21\n",
"[+] Checking 192.168.32.96: 22\n",
"[+] Checking 192.168.32.96: 25\n",
"[+] Checking 192.168.32.96: 80\n",
"[+] Checking 192.168.32.96: 110\n",
"[+] Checking 192.168.32.97: 21\n",
"[+] Checking 192.168.32.97: 22\n",
"[+] Checking 192.168.32.97: 25\n",
"[+] Checking 192.168.32.97: 80\n",
"[+] Checking 192.168.32.97: 110\n",
"[+] Checking 192.168.32.98: 21\n",
"[+] Checking 192.168.32.98: 22\n",
"[+] Checking 192.168.32.98: 25\n",
"[+] Checking 192.168.32.98: 80\n",
"[+] Checking 192.168.32.98: 110\n",
"[+] Checking 192.168.32.99: 21\n",
"[+] Checking 192.168.32.99: 22\n",
"[+] Checking 192.168.32.99: 25\n",
"[+] Checking 192.168.32.99: 80\n",
"[+] Checking 192.168.32.99: 110\n",
"[+] Checking 192.168.32.100: 21\n",
"[+] Checking 192.168.32.100: 22\n",
"[+] Checking 192.168.32.100: 25\n",
"[+] Checking 192.168.32.100: 80\n",
"[+] Checking 192.168.32.100: 110\n",
"[+] Checking 192.168.32.101: 21\n",
"[+] Checking 192.168.32.101: 22\n",
"[+] Checking 192.168.32.101: 25\n",
"[+] Checking 192.168.32.101: 80\n",
"[+] Checking 192.168.32.101: 110\n",
"[+] Checking 192.168.32.102: 21\n",
"[+] Checking 192.168.32.102: 22\n",
"[+] Checking 192.168.32.102: 25\n",
"[+] Checking 192.168.32.102: 80\n",
"[+] Checking 192.168.32.102: 110\n",
"[+] Checking 192.168.32.103: 21\n",
"[+] Checking 192.168.32.103: 22\n",
"[+] Checking 192.168.32.103: 25\n",
"[+] Checking 192.168.32.103: 80\n",
"[+] Checking 192.168.32.103: 110\n",
"[+] Checking 192.168.32.104: 21\n",
"[+] Checking 192.168.32.104: 22\n",
"[+] Checking 192.168.32.104: 25\n",
"[+] Checking 192.168.32.104: 80\n",
"[+] Checking 192.168.32.104: 110\n",
"[+] Checking 192.168.32.105: 21\n",
"[+] Checking 192.168.32.105: 22\n",
"[+] Checking 192.168.32.105: 25\n",
"[+] Checking 192.168.32.105: 80\n",
"[+] Checking 192.168.32.105: 110\n",
"[+] Checking 192.168.32.106: 21\n",
"[+] Checking 192.168.32.106: 22\n",
"[+] Checking 192.168.32.106: 25\n",
"[+] Checking 192.168.32.106: 80\n",
"[+] Checking 192.168.32.106: 110\n",
"[+] Checking 192.168.32.107: 21\n",
"[+] Checking 192.168.32.107: 22\n",
"[+] Checking 192.168.32.107: 25\n",
"[+] Checking 192.168.32.107: 80\n",
"[+] Checking 192.168.32.107: 110\n",
"[+] Checking 192.168.32.108: 21\n",
"[+] Checking 192.168.32.108: 22\n",
"[+] Checking 192.168.32.108: 25\n",
"[+] Checking 192.168.32.108: 80\n",
"[+] Checking 192.168.32.108: 110\n",
"[+] Checking 192.168.32.109: 21\n",
"[+] Checking 192.168.32.109: 22\n",
"[+] Checking 192.168.32.109: 25\n",
"[+] Checking 192.168.32.109: 80\n",
"[+] Checking 192.168.32.109: 110\n",
"[+] Checking 192.168.32.110: 21\n",
"[+] Checking 192.168.32.110: 22\n",
"[+] Checking 192.168.32.110: 25\n",
"[+] Checking 192.168.32.110: 80\n",
"[+] Checking 192.168.32.110: 110\n",
"[+] Checking 192.168.32.111: 21\n",
"[+] Checking 192.168.32.111: 22\n",
"[+] Checking 192.168.32.111: 25\n",
"[+] Checking 192.168.32.111: 80\n",
"[+] Checking 192.168.32.111: 110\n",
"[+] Checking 192.168.32.112: 21\n",
"[+] Checking 192.168.32.112: 22\n",
"[+] Checking 192.168.32.112: 25\n",
"[+] Checking 192.168.32.112: 80\n",
"[+] Checking 192.168.32.112: 110\n",
"[+] Checking 192.168.32.113: 21\n",
"[+] Checking 192.168.32.113: 22\n",
"[+] Checking 192.168.32.113: 25\n",
"[+] Checking 192.168.32.113: 80\n",
"[+] Checking 192.168.32.113: 110\n",
"[+] Checking 192.168.32.114: 21\n",
"[+] Checking 192.168.32.114: 22\n",
"[+] Checking 192.168.32.114: 25\n",
"[+] Checking 192.168.32.114: 80\n",
"[+] Checking 192.168.32.114: 110\n",
"[+] Checking 192.168.32.115: 21\n",
"[+] Checking 192.168.32.115: 22\n",
"[+] Checking 192.168.32.115: 25\n",
"[+] Checking 192.168.32.115: 80\n",
"[+] Checking 192.168.32.115: 110\n",
"[+] Checking 192.168.32.116: 21\n",
"[+] Checking 192.168.32.116: 22\n",
"[+] Checking 192.168.32.116: 25\n",
"[+] Checking 192.168.32.116: 80\n",
"[+] Checking 192.168.32.116: 110\n",
"[+] Checking 192.168.32.117: 21\n",
"[+] Checking 192.168.32.117: 22\n",
"[+] Checking 192.168.32.117: 25\n",
"[+] Checking 192.168.32.117: 80\n",
"[+] Checking 192.168.32.117: 110\n",
"[+] Checking 192.168.32.118: 21\n",
"[+] Checking 192.168.32.118: 22\n",
"[+] Checking 192.168.32.118: 25\n",
"[+] Checking 192.168.32.118: 80\n",
"[+] Checking 192.168.32.118: 110\n",
"[+] Checking 192.168.32.119: 21\n",
"[+] Checking 192.168.32.119: 22\n",
"[+] Checking 192.168.32.119: 25\n",
"[+] Checking 192.168.32.119: 80\n",
"[+] Checking 192.168.32.119: 110\n",
"[+] Checking 192.168.32.120: 21\n",
"[+] Checking 192.168.32.120: 22\n",
"[+] Checking 192.168.32.120: 25\n",
"[+] Checking 192.168.32.120: 80\n",
"[+] Checking 192.168.32.120: 110\n",
"[+] Checking 192.168.32.121: 21\n",
"[+] Checking 192.168.32.121: 22\n",
"[+] Checking 192.168.32.121: 25\n",
"[+] Checking 192.168.32.121: 80\n",
"[+] Checking 192.168.32.121: 110\n",
"[+] Checking 192.168.32.122: 21\n",
"[+] Checking 192.168.32.122: 22\n",
"[+] Checking 192.168.32.122: 25\n",
"[+] Checking 192.168.32.122: 80\n",
"[+] Checking 192.168.32.122: 110\n",
"[+] Checking 192.168.32.123: 21\n",
"[+] Checking 192.168.32.123: 22\n",
"[+] Checking 192.168.32.123: 25\n",
"[+] Checking 192.168.32.123: 80\n",
"[+] Checking 192.168.32.123: 110\n",
"[+] Checking 192.168.32.124: 21\n",
"[+] Checking 192.168.32.124: 22\n",
"[+] Checking 192.168.32.124: 25\n",
"[+] Checking 192.168.32.124: 80\n",
"[+] Checking 192.168.32.124: 110\n",
"[+] Checking 192.168.32.125: 21\n",
"[+] Checking 192.168.32.125: 22\n",
"[+] Checking 192.168.32.125: 25\n",
"[+] Checking 192.168.32.125: 80\n",
"[+] Checking 192.168.32.125: 110\n",
"[+] Checking 192.168.32.126: 21\n",
"[+] Checking 192.168.32.126: 22\n",
"[+] Checking 192.168.32.126: 25\n",
"[+] Checking 192.168.32.126: 80\n",
"[+] Checking 192.168.32.126: 110\n",
"[+] Checking 192.168.32.127: 21\n",
"[+] Checking 192.168.32.127: 22\n",
"[+] Checking 192.168.32.127: 25\n",
"[+] Checking 192.168.32.127: 80\n",
"[+] Checking 192.168.32.127: 110\n",
"[+] Checking 192.168.32.128: 21\n",
"[+] Checking 192.168.32.128: 22\n",
"[+] Checking 192.168.32.128: 25\n",
"[+] Checking 192.168.32.128: 80\n",
"[+] Checking 192.168.32.128: 110\n",
"[+] Checking 192.168.32.129: 21\n",
"[+] Checking 192.168.32.129: 22\n",
"[+] Checking 192.168.32.129: 25\n",
"[+] Checking 192.168.32.129: 80\n",
"[+] Checking 192.168.32.129: 110\n",
"[+] Checking 192.168.32.130: 21\n",
"[+] Checking 192.168.32.130: 22\n",
"[+] Checking 192.168.32.130: 25\n",
"[+] Checking 192.168.32.130: 80\n",
"[+] Checking 192.168.32.130: 110\n",
"[+] Checking 192.168.32.131: 21\n",
"[+] Checking 192.168.32.131: 22\n",
"[+] Checking 192.168.32.131: 25\n",
"[+] Checking 192.168.32.131: 80\n",
"[+] Checking 192.168.32.131: 110\n",
"[+] Checking 192.168.32.132: 21\n",
"[+] Checking 192.168.32.132: 22\n",
"[+] Checking 192.168.32.132: 25\n",
"[+] Checking 192.168.32.132: 80\n",
"[+] Checking 192.168.32.132: 110\n",
"[+] Checking 192.168.32.133: 21\n",
"[+] Checking 192.168.32.133: 22\n",
"[+] Checking 192.168.32.133: 25\n",
"[+] Checking 192.168.32.133: 80\n",
"[+] Checking 192.168.32.133: 110\n",
"[+] Checking 192.168.32.134: 21\n",
"[+] Checking 192.168.32.134: 22\n",
"[+] Checking 192.168.32.134: 25\n",
"[+] Checking 192.168.32.134: 80\n",
"[+] Checking 192.168.32.134: 110\n",
"[+] Checking 192.168.32.135: 21\n",
"[+] Checking 192.168.32.135: 22\n",
"[+] Checking 192.168.32.135: 25\n",
"[+] Checking 192.168.32.135: 80\n",
"[+] Checking 192.168.32.135: 110\n",
"[+] Checking 192.168.32.136: 21\n",
"[+] Checking 192.168.32.136: 22\n",
"[+] Checking 192.168.32.136: 25\n",
"[+] Checking 192.168.32.136: 80\n",
"[+] Checking 192.168.32.136: 110\n",
"[+] Checking 192.168.32.137: 21\n",
"[+] Checking 192.168.32.137: 22\n",
"[+] Checking 192.168.32.137: 25\n",
"[+] Checking 192.168.32.137: 80\n",
"[+] Checking 192.168.32.137: 110\n",
"[+] Checking 192.168.32.138: 21\n",
"[+] Checking 192.168.32.138: 22\n",
"[+] Checking 192.168.32.138: 25\n",
"[+] Checking 192.168.32.138: 80\n",
"[+] Checking 192.168.32.138: 110\n",
"[+] Checking 192.168.32.139: 21\n",
"[+] Checking 192.168.32.139: 22\n",
"[+] Checking 192.168.32.139: 25\n",
"[+] Checking 192.168.32.139: 80\n",
"[+] Checking 192.168.32.139: 110\n",
"[+] Checking 192.168.32.140: 21\n",
"[+] Checking 192.168.32.140: 22\n",
"[+] Checking 192.168.32.140: 25\n",
"[+] Checking 192.168.32.140: 80\n",
"[+] Checking 192.168.32.140: 110\n",
"[+] Checking 192.168.32.141: 21\n",
"[+] Checking 192.168.32.141: 22\n",
"[+] Checking 192.168.32.141: 25\n",
"[+] Checking 192.168.32.141: 80\n",
"[+] Checking 192.168.32.141: 110\n",
"[+] Checking 192.168.32.142: 21\n",
"[+] Checking 192.168.32.142: 22\n",
"[+] Checking 192.168.32.142: 25\n",
"[+] Checking 192.168.32.142: 80\n",
"[+] Checking 192.168.32.142: 110\n",
"[+] Checking 192.168.32.143: 21\n",
"[+] Checking 192.168.32.143: 22\n",
"[+] Checking 192.168.32.143: 25\n",
"[+] Checking 192.168.32.143: 80\n",
"[+] Checking 192.168.32.143: 110\n",
"[+] Checking 192.168.32.144: 21\n",
"[+] Checking 192.168.32.144: 22\n",
"[+] Checking 192.168.32.144: 25\n",
"[+] Checking 192.168.32.144: 80\n",
"[+] Checking 192.168.32.144: 110\n",
"[+] Checking 192.168.32.145: 21\n",
"[+] Checking 192.168.32.145: 22\n",
"[+] Checking 192.168.32.145: 25\n",
"[+] Checking 192.168.32.145: 80\n",
"[+] Checking 192.168.32.145: 110\n",
"[+] Checking 192.168.32.146: 21\n",
"[+] Checking 192.168.32.146: 22\n",
"[+] Checking 192.168.32.146: 25\n",
"[+] Checking 192.168.32.146: 80\n",
"[+] Checking 192.168.32.146: 110\n",
"[+] Checking 192.168.32.147: 21\n",
"[+] Checking 192.168.32.147: 22\n",
"[+] Checking 192.168.32.147: 25\n",
"[+] Checking 192.168.32.147: 80\n",
"[+] Checking 192.168.32.147: 110\n",
"[+] Checking 192.168.32.148: 21\n",
"[+] Checking 192.168.32.148: 22\n",
"[+] Checking 192.168.32.148: 25\n",
"[+] Checking 192.168.32.148: 80\n",
"[+] Checking 192.168.32.148: 110\n",
"[+] Checking 192.168.32.149: 21\n",
"[+] Checking 192.168.32.149: 22\n",
"[+] Checking 192.168.32.149: 25\n",
"[+] Checking 192.168.32.149: 80\n",
"[+] Checking 192.168.32.149: 110\n",
"[+] Checking 192.168.32.150: 21\n",
"[+] Checking 192.168.32.150: 22\n",
"[+] Checking 192.168.32.150: 25\n",
"[+] Checking 192.168.32.150: 80\n",
"[+] Checking 192.168.32.150: 110\n",
"[+] Checking 192.168.32.151: 21\n",
"[+] Checking 192.168.32.151: 22\n",
"[+] Checking 192.168.32.151: 25\n",
"[+] Checking 192.168.32.151: 80\n",
"[+] Checking 192.168.32.151: 110\n",
"[+] Checking 192.168.32.152: 21\n",
"[+] Checking 192.168.32.152: 22\n",
"[+] Checking 192.168.32.152: 25\n",
"[+] Checking 192.168.32.152: 80\n",
"[+] Checking 192.168.32.152: 110\n",
"[+] Checking 192.168.32.153: 21\n",
"[+] Checking 192.168.32.153: 22\n",
"[+] Checking 192.168.32.153: 25\n",
"[+] Checking 192.168.32.153: 80\n",
"[+] Checking 192.168.32.153: 110\n",
"[+] Checking 192.168.32.154: 21\n",
"[+] Checking 192.168.32.154: 22\n",
"[+] Checking 192.168.32.154: 25\n",
"[+] Checking 192.168.32.154: 80\n",
"[+] Checking 192.168.32.154: 110\n",
"[+] Checking 192.168.32.155: 21\n",
"[+] Checking 192.168.32.155: 22\n",
"[+] Checking 192.168.32.155: 25\n",
"[+] Checking 192.168.32.155: 80\n",
"[+] Checking 192.168.32.155: 110\n",
"[+] Checking 192.168.32.156: 21\n",
"[+] Checking 192.168.32.156: 22\n",
"[+] Checking 192.168.32.156: 25\n",
"[+] Checking 192.168.32.156: 80\n",
"[+] Checking 192.168.32.156: 110\n",
"[+] Checking 192.168.32.157: 21\n",
"[+] Checking 192.168.32.157: 22\n",
"[+] Checking 192.168.32.157: 25\n",
"[+] Checking 192.168.32.157: 80\n",
"[+] Checking 192.168.32.157: 110\n",
"[+] Checking 192.168.32.158: 21\n",
"[+] Checking 192.168.32.158: 22\n",
"[+] Checking 192.168.32.158: 25\n",
"[+] Checking 192.168.32.158: 80\n",
"[+] Checking 192.168.32.158: 110\n",
"[+] Checking 192.168.32.159: 21\n",
"[+] Checking 192.168.32.159: 22\n",
"[+] Checking 192.168.32.159: 25\n",
"[+] Checking 192.168.32.159: 80\n",
"[+] Checking 192.168.32.159: 110\n",
"[+] Checking 192.168.32.160: 21\n",
"[+] Checking 192.168.32.160: 22\n",
"[+] Checking 192.168.32.160: 25\n",
"[+] Checking 192.168.32.160: 80\n",
"[+] Checking 192.168.32.160: 110\n",
"[+] Checking 192.168.32.161: 21\n",
"[+] Checking 192.168.32.161: 22\n",
"[+] Checking 192.168.32.161: 25\n",
"[+] Checking 192.168.32.161: 80\n",
"[+] Checking 192.168.32.161: 110\n",
"[+] Checking 192.168.32.162: 21\n",
"[+] Checking 192.168.32.162: 22\n",
"[+] Checking 192.168.32.162: 25\n",
"[+] Checking 192.168.32.162: 80\n",
"[+] Checking 192.168.32.162: 110\n",
"[+] Checking 192.168.32.163: 21\n",
"[+] Checking 192.168.32.163: 22\n",
"[+] Checking 192.168.32.163: 25\n",
"[+] Checking 192.168.32.163: 80\n",
"[+] Checking 192.168.32.163: 110\n",
"[+] Checking 192.168.32.164: 21\n",
"[+] Checking 192.168.32.164: 22\n",
"[+] Checking 192.168.32.164: 25\n",
"[+] Checking 192.168.32.164: 80\n",
"[+] Checking 192.168.32.164: 110\n",
"[+] Checking 192.168.32.165: 21\n",
"[+] Checking 192.168.32.165: 22\n",
"[+] Checking 192.168.32.165: 25\n",
"[+] Checking 192.168.32.165: 80\n",
"[+] Checking 192.168.32.165: 110\n",
"[+] Checking 192.168.32.166: 21\n",
"[+] Checking 192.168.32.166: 22\n",
"[+] Checking 192.168.32.166: 25\n",
"[+] Checking 192.168.32.166: 80\n",
"[+] Checking 192.168.32.166: 110\n",
"[+] Checking 192.168.32.167: 21\n",
"[+] Checking 192.168.32.167: 22\n",
"[+] Checking 192.168.32.167: 25\n",
"[+] Checking 192.168.32.167: 80\n",
"[+] Checking 192.168.32.167: 110\n",
"[+] Checking 192.168.32.168: 21\n",
"[+] Checking 192.168.32.168: 22\n",
"[+] Checking 192.168.32.168: 25\n",
"[+] Checking 192.168.32.168: 80\n",
"[+] Checking 192.168.32.168: 110\n",
"[+] Checking 192.168.32.169: 21\n",
"[+] Checking 192.168.32.169: 22\n",
"[+] Checking 192.168.32.169: 25\n",
"[+] Checking 192.168.32.169: 80\n",
"[+] Checking 192.168.32.169: 110\n",
"[+] Checking 192.168.32.170: 21\n",
"[+] Checking 192.168.32.170: 22\n",
"[+] Checking 192.168.32.170: 25\n",
"[+] Checking 192.168.32.170: 80\n",
"[+] Checking 192.168.32.170: 110\n",
"[+] Checking 192.168.32.171: 21\n",
"[+] Checking 192.168.32.171: 22\n",
"[+] Checking 192.168.32.171: 25\n",
"[+] Checking 192.168.32.171: 80\n",
"[+] Checking 192.168.32.171: 110\n",
"[+] Checking 192.168.32.172: 21\n",
"[+] Checking 192.168.32.172: 22\n",
"[+] Checking 192.168.32.172: 25\n",
"[+] Checking 192.168.32.172: 80\n",
"[+] Checking 192.168.32.172: 110\n",
"[+] Checking 192.168.32.173: 21\n",
"[+] Checking 192.168.32.173: 22\n",
"[+] Checking 192.168.32.173: 25\n",
"[+] Checking 192.168.32.173: 80\n",
"[+] Checking 192.168.32.173: 110\n",
"[+] Checking 192.168.32.174: 21\n",
"[+] Checking 192.168.32.174: 22\n",
"[+] Checking 192.168.32.174: 25\n",
"[+] Checking 192.168.32.174: 80\n",
"[+] Checking 192.168.32.174: 110\n",
"[+] Checking 192.168.32.175: 21\n",
"[+] Checking 192.168.32.175: 22\n",
"[+] Checking 192.168.32.175: 25\n",
"[+] Checking 192.168.32.175: 80\n",
"[+] Checking 192.168.32.175: 110\n",
"[+] Checking 192.168.32.176: 21\n",
"[+] Checking 192.168.32.176: 22\n",
"[+] Checking 192.168.32.176: 25\n",
"[+] Checking 192.168.32.176: 80\n",
"[+] Checking 192.168.32.176: 110\n",
"[+] Checking 192.168.32.177: 21\n",
"[+] Checking 192.168.32.177: 22\n",
"[+] Checking 192.168.32.177: 25\n",
"[+] Checking 192.168.32.177: 80\n",
"[+] Checking 192.168.32.177: 110\n",
"[+] Checking 192.168.32.178: 21\n",
"[+] Checking 192.168.32.178: 22\n",
"[+] Checking 192.168.32.178: 25\n",
"[+] Checking 192.168.32.178: 80\n",
"[+] Checking 192.168.32.178: 110\n",
"[+] Checking 192.168.32.179: 21\n",
"[+] Checking 192.168.32.179: 22\n",
"[+] Checking 192.168.32.179: 25\n",
"[+] Checking 192.168.32.179: 80\n",
"[+] Checking 192.168.32.179: 110\n",
"[+] Checking 192.168.32.180: 21\n",
"[+] Checking 192.168.32.180: 22\n",
"[+] Checking 192.168.32.180: 25\n",
"[+] Checking 192.168.32.180: 80\n",
"[+] Checking 192.168.32.180: 110\n",
"[+] Checking 192.168.32.181: 21\n",
"[+] Checking 192.168.32.181: 22\n",
"[+] Checking 192.168.32.181: 25\n",
"[+] Checking 192.168.32.181: 80\n",
"[+] Checking 192.168.32.181: 110\n",
"[+] Checking 192.168.32.182: 21\n",
"[+] Checking 192.168.32.182: 22\n",
"[+] Checking 192.168.32.182: 25\n",
"[+] Checking 192.168.32.182: 80\n",
"[+] Checking 192.168.32.182: 110\n",
"[+] Checking 192.168.32.183: 21\n",
"[+] Checking 192.168.32.183: 22\n",
"[+] Checking 192.168.32.183: 25\n",
"[+] Checking 192.168.32.183: 80\n",
"[+] Checking 192.168.32.183: 110\n",
"[+] Checking 192.168.32.184: 21\n",
"[+] Checking 192.168.32.184: 22\n",
"[+] Checking 192.168.32.184: 25\n",
"[+] Checking 192.168.32.184: 80\n",
"[+] Checking 192.168.32.184: 110\n",
"[+] Checking 192.168.32.185: 21\n",
"[+] Checking 192.168.32.185: 22\n",
"[+] Checking 192.168.32.185: 25\n",
"[+] Checking 192.168.32.185: 80\n",
"[+] Checking 192.168.32.185: 110\n",
"[+] Checking 192.168.32.186: 21\n",
"[+] Checking 192.168.32.186: 22\n",
"[+] Checking 192.168.32.186: 25\n",
"[+] Checking 192.168.32.186: 80\n",
"[+] Checking 192.168.32.186: 110\n",
"[+] Checking 192.168.32.187: 21\n",
"[+] Checking 192.168.32.187: 22\n",
"[+] Checking 192.168.32.187: 25\n",
"[+] Checking 192.168.32.187: 80\n",
"[+] Checking 192.168.32.187: 110\n",
"[+] Checking 192.168.32.188: 21\n",
"[+] Checking 192.168.32.188: 22\n",
"[+] Checking 192.168.32.188: 25\n",
"[+] Checking 192.168.32.188: 80\n",
"[+] Checking 192.168.32.188: 110\n",
"[+] Checking 192.168.32.189: 21\n",
"[+] Checking 192.168.32.189: 22\n",
"[+] Checking 192.168.32.189: 25\n",
"[+] Checking 192.168.32.189: 80\n",
"[+] Checking 192.168.32.189: 110\n",
"[+] Checking 192.168.32.190: 21\n",
"[+] Checking 192.168.32.190: 22\n",
"[+] Checking 192.168.32.190: 25\n",
"[+] Checking 192.168.32.190: 80\n",
"[+] Checking 192.168.32.190: 110\n",
"[+] Checking 192.168.32.191: 21\n",
"[+] Checking 192.168.32.191: 22\n",
"[+] Checking 192.168.32.191: 25\n",
"[+] Checking 192.168.32.191: 80\n",
"[+] Checking 192.168.32.191: 110\n",
"[+] Checking 192.168.32.192: 21\n",
"[+] Checking 192.168.32.192: 22\n",
"[+] Checking 192.168.32.192: 25\n",
"[+] Checking 192.168.32.192: 80\n",
"[+] Checking 192.168.32.192: 110\n",
"[+] Checking 192.168.32.193: 21\n",
"[+] Checking 192.168.32.193: 22\n",
"[+] Checking 192.168.32.193: 25\n",
"[+] Checking 192.168.32.193: 80\n",
"[+] Checking 192.168.32.193: 110\n",
"[+] Checking 192.168.32.194: 21\n",
"[+] Checking 192.168.32.194: 22\n",
"[+] Checking 192.168.32.194: 25\n",
"[+] Checking 192.168.32.194: 80\n",
"[+] Checking 192.168.32.194: 110\n",
"[+] Checking 192.168.32.195: 21\n",
"[+] Checking 192.168.32.195: 22\n",
"[+] Checking 192.168.32.195: 25\n",
"[+] Checking 192.168.32.195: 80\n",
"[+] Checking 192.168.32.195: 110\n",
"[+] Checking 192.168.32.196: 21\n",
"[+] Checking 192.168.32.196: 22\n",
"[+] Checking 192.168.32.196: 25\n",
"[+] Checking 192.168.32.196: 80\n",
"[+] Checking 192.168.32.196: 110\n",
"[+] Checking 192.168.32.197: 21\n",
"[+] Checking 192.168.32.197: 22\n",
"[+] Checking 192.168.32.197: 25\n",
"[+] Checking 192.168.32.197: 80\n",
"[+] Checking 192.168.32.197: 110\n",
"[+] Checking 192.168.32.198: 21\n",
"[+] Checking 192.168.32.198: 22\n",
"[+] Checking 192.168.32.198: 25\n",
"[+] Checking 192.168.32.198: 80\n",
"[+] Checking 192.168.32.198: 110\n",
"[+] Checking 192.168.32.199: 21\n",
"[+] Checking 192.168.32.199: 22\n",
"[+] Checking 192.168.32.199: 25\n",
"[+] Checking 192.168.32.199: 80\n",
"[+] Checking 192.168.32.199: 110\n",
"[+] Checking 192.168.32.200: 21\n",
"[+] Checking 192.168.32.200: 22\n",
"[+] Checking 192.168.32.200: 25\n",
"[+] Checking 192.168.32.200: 80\n",
"[+] Checking 192.168.32.200: 110\n",
"[+] Checking 192.168.32.201: 21\n",
"[+] Checking 192.168.32.201: 22\n",
"[+] Checking 192.168.32.201: 25\n",
"[+] Checking 192.168.32.201: 80\n",
"[+] Checking 192.168.32.201: 110\n",
"[+] Checking 192.168.32.202: 21\n",
"[+] Checking 192.168.32.202: 22\n",
"[+] Checking 192.168.32.202: 25\n",
"[+] Checking 192.168.32.202: 80\n",
"[+] Checking 192.168.32.202: 110\n",
"[+] Checking 192.168.32.203: 21\n",
"[+] Checking 192.168.32.203: 22\n",
"[+] Checking 192.168.32.203: 25\n",
"[+] Checking 192.168.32.203: 80\n",
"[+] Checking 192.168.32.203: 110\n",
"[+] Checking 192.168.32.204: 21\n",
"[+] Checking 192.168.32.204: 22\n",
"[+] Checking 192.168.32.204: 25\n",
"[+] Checking 192.168.32.204: 80\n",
"[+] Checking 192.168.32.204: 110\n",
"[+] Checking 192.168.32.205: 21\n",
"[+] Checking 192.168.32.205: 22\n",
"[+] Checking 192.168.32.205: 25\n",
"[+] Checking 192.168.32.205: 80\n",
"[+] Checking 192.168.32.205: 110\n",
"[+] Checking 192.168.32.206: 21\n",
"[+] Checking 192.168.32.206: 22\n",
"[+] Checking 192.168.32.206: 25\n",
"[+] Checking 192.168.32.206: 80\n",
"[+] Checking 192.168.32.206: 110\n",
"[+] Checking 192.168.32.207: 21\n",
"[+] Checking 192.168.32.207: 22\n",
"[+] Checking 192.168.32.207: 25\n",
"[+] Checking 192.168.32.207: 80\n",
"[+] Checking 192.168.32.207: 110\n",
"[+] Checking 192.168.32.208: 21\n",
"[+] Checking 192.168.32.208: 22\n",
"[+] Checking 192.168.32.208: 25\n",
"[+] Checking 192.168.32.208: 80\n",
"[+] Checking 192.168.32.208: 110\n",
"[+] Checking 192.168.32.209: 21\n",
"[+] Checking 192.168.32.209: 22\n",
"[+] Checking 192.168.32.209: 25\n",
"[+] Checking 192.168.32.209: 80\n",
"[+] Checking 192.168.32.209: 110\n",
"[+] Checking 192.168.32.210: 21\n",
"[+] Checking 192.168.32.210: 22\n",
"[+] Checking 192.168.32.210: 25\n",
"[+] Checking 192.168.32.210: 80\n",
"[+] Checking 192.168.32.210: 110\n",
"[+] Checking 192.168.32.211: 21\n",
"[+] Checking 192.168.32.211: 22\n",
"[+] Checking 192.168.32.211: 25\n",
"[+] Checking 192.168.32.211: 80\n",
"[+] Checking 192.168.32.211: 110\n",
"[+] Checking 192.168.32.212: 21\n",
"[+] Checking 192.168.32.212: 22\n",
"[+] Checking 192.168.32.212: 25\n",
"[+] Checking 192.168.32.212: 80\n",
"[+] Checking 192.168.32.212: 110\n",
"[+] Checking 192.168.32.213: 21\n",
"[+] Checking 192.168.32.213: 22\n",
"[+] Checking 192.168.32.213: 25\n",
"[+] Checking 192.168.32.213: 80\n",
"[+] Checking 192.168.32.213: 110\n",
"[+] Checking 192.168.32.214: 21\n",
"[+] Checking 192.168.32.214: 22\n",
"[+] Checking 192.168.32.214: 25\n",
"[+] Checking 192.168.32.214: 80\n",
"[+] Checking 192.168.32.214: 110\n",
"[+] Checking 192.168.32.215: 21\n",
"[+] Checking 192.168.32.215: 22\n",
"[+] Checking 192.168.32.215: 25\n",
"[+] Checking 192.168.32.215: 80\n",
"[+] Checking 192.168.32.215: 110\n",
"[+] Checking 192.168.32.216: 21\n",
"[+] Checking 192.168.32.216: 22\n",
"[+] Checking 192.168.32.216: 25\n",
"[+] Checking 192.168.32.216: 80\n",
"[+] Checking 192.168.32.216: 110\n",
"[+] Checking 192.168.32.217: 21\n",
"[+] Checking 192.168.32.217: 22\n",
"[+] Checking 192.168.32.217: 25\n",
"[+] Checking 192.168.32.217: 80\n",
"[+] Checking 192.168.32.217: 110\n",
"[+] Checking 192.168.32.218: 21\n",
"[+] Checking 192.168.32.218: 22\n",
"[+] Checking 192.168.32.218: 25\n",
"[+] Checking 192.168.32.218: 80\n",
"[+] Checking 192.168.32.218: 110\n",
"[+] Checking 192.168.32.219: 21\n",
"[+] Checking 192.168.32.219: 22\n",
"[+] Checking 192.168.32.219: 25\n",
"[+] Checking 192.168.32.219: 80\n",
"[+] Checking 192.168.32.219: 110\n",
"[+] Checking 192.168.32.220: 21\n",
"[+] Checking 192.168.32.220: 22\n",
"[+] Checking 192.168.32.220: 25\n",
"[+] Checking 192.168.32.220: 80\n",
"[+] Checking 192.168.32.220: 110\n",
"[+] Checking 192.168.32.221: 21\n",
"[+] Checking 192.168.32.221: 22\n",
"[+] Checking 192.168.32.221: 25\n",
"[+] Checking 192.168.32.221: 80\n",
"[+] Checking 192.168.32.221: 110\n",
"[+] Checking 192.168.32.222: 21\n",
"[+] Checking 192.168.32.222: 22\n",
"[+] Checking 192.168.32.222: 25\n",
"[+] Checking 192.168.32.222: 80\n",
"[+] Checking 192.168.32.222: 110\n",
"[+] Checking 192.168.32.223: 21\n",
"[+] Checking 192.168.32.223: 22\n",
"[+] Checking 192.168.32.223: 25\n",
"[+] Checking 192.168.32.223: 80\n",
"[+] Checking 192.168.32.223: 110\n",
"[+] Checking 192.168.32.224: 21\n",
"[+] Checking 192.168.32.224: 22\n",
"[+] Checking 192.168.32.224: 25\n",
"[+] Checking 192.168.32.224: 80\n",
"[+] Checking 192.168.32.224: 110\n",
"[+] Checking 192.168.32.225: 21\n",
"[+] Checking 192.168.32.225: 22\n",
"[+] Checking 192.168.32.225: 25\n",
"[+] Checking 192.168.32.225: 80\n",
"[+] Checking 192.168.32.225: 110\n",
"[+] Checking 192.168.32.226: 21\n",
"[+] Checking 192.168.32.226: 22\n",
"[+] Checking 192.168.32.226: 25\n",
"[+] Checking 192.168.32.226: 80\n",
"[+] Checking 192.168.32.226: 110\n",
"[+] Checking 192.168.32.227: 21\n",
"[+] Checking 192.168.32.227: 22\n",
"[+] Checking 192.168.32.227: 25\n",
"[+] Checking 192.168.32.227: 80\n",
"[+] Checking 192.168.32.227: 110\n",
"[+] Checking 192.168.32.228: 21\n",
"[+] Checking 192.168.32.228: 22\n",
"[+] Checking 192.168.32.228: 25\n",
"[+] Checking 192.168.32.228: 80\n",
"[+] Checking 192.168.32.228: 110\n",
"[+] Checking 192.168.32.229: 21\n",
"[+] Checking 192.168.32.229: 22\n",
"[+] Checking 192.168.32.229: 25\n",
"[+] Checking 192.168.32.229: 80\n",
"[+] Checking 192.168.32.229: 110\n",
"[+] Checking 192.168.32.230: 21\n",
"[+] Checking 192.168.32.230: 22\n",
"[+] Checking 192.168.32.230: 25\n",
"[+] Checking 192.168.32.230: 80\n",
"[+] Checking 192.168.32.230: 110\n",
"[+] Checking 192.168.32.231: 21\n",
"[+] Checking 192.168.32.231: 22\n",
"[+] Checking 192.168.32.231: 25\n",
"[+] Checking 192.168.32.231: 80\n",
"[+] Checking 192.168.32.231: 110\n",
"[+] Checking 192.168.32.232: 21\n",
"[+] Checking 192.168.32.232: 22\n",
"[+] Checking 192.168.32.232: 25\n",
"[+] Checking 192.168.32.232: 80\n",
"[+] Checking 192.168.32.232: 110\n",
"[+] Checking 192.168.32.233: 21\n",
"[+] Checking 192.168.32.233: 22\n",
"[+] Checking 192.168.32.233: 25\n",
"[+] Checking 192.168.32.233: 80\n",
"[+] Checking 192.168.32.233: 110\n",
"[+] Checking 192.168.32.234: 21\n",
"[+] Checking 192.168.32.234: 22\n",
"[+] Checking 192.168.32.234: 25\n",
"[+] Checking 192.168.32.234: 80\n",
"[+] Checking 192.168.32.234: 110\n",
"[+] Checking 192.168.32.235: 21\n",
"[+] Checking 192.168.32.235: 22\n",
"[+] Checking 192.168.32.235: 25\n",
"[+] Checking 192.168.32.235: 80\n",
"[+] Checking 192.168.32.235: 110\n",
"[+] Checking 192.168.32.236: 21\n",
"[+] Checking 192.168.32.236: 22\n",
"[+] Checking 192.168.32.236: 25\n",
"[+] Checking 192.168.32.236: 80\n",
"[+] Checking 192.168.32.236: 110\n",
"[+] Checking 192.168.32.237: 21\n",
"[+] Checking 192.168.32.237: 22\n",
"[+] Checking 192.168.32.237: 25\n",
"[+] Checking 192.168.32.237: 80\n",
"[+] Checking 192.168.32.237: 110\n",
"[+] Checking 192.168.32.238: 21\n",
"[+] Checking 192.168.32.238: 22\n",
"[+] Checking 192.168.32.238: 25\n",
"[+] Checking 192.168.32.238: 80\n",
"[+] Checking 192.168.32.238: 110\n",
"[+] Checking 192.168.32.239: 21\n",
"[+] Checking 192.168.32.239: 22\n",
"[+] Checking 192.168.32.239: 25\n",
"[+] Checking 192.168.32.239: 80\n",
"[+] Checking 192.168.32.239: 110\n",
"[+] Checking 192.168.32.240: 21\n",
"[+] Checking 192.168.32.240: 22\n",
"[+] Checking 192.168.32.240: 25\n",
"[+] Checking 192.168.32.240: 80\n",
"[+] Checking 192.168.32.240: 110\n",
"[+] Checking 192.168.32.241: 21\n",
"[+] Checking 192.168.32.241: 22\n",
"[+] Checking 192.168.32.241: 25\n",
"[+] Checking 192.168.32.241: 80\n",
"[+] Checking 192.168.32.241: 110\n",
"[+] Checking 192.168.32.242: 21\n",
"[+] Checking 192.168.32.242: 22\n",
"[+] Checking 192.168.32.242: 25\n",
"[+] Checking 192.168.32.242: 80\n",
"[+] Checking 192.168.32.242: 110\n",
"[+] Checking 192.168.32.243: 21\n",
"[+] Checking 192.168.32.243: 22\n",
"[+] Checking 192.168.32.243: 25\n",
"[+] Checking 192.168.32.243: 80\n",
"[+] Checking 192.168.32.243: 110\n",
"[+] Checking 192.168.32.244: 21\n",
"[+] Checking 192.168.32.244: 22\n",
"[+] Checking 192.168.32.244: 25\n",
"[+] Checking 192.168.32.244: 80\n",
"[+] Checking 192.168.32.244: 110\n",
"[+] Checking 192.168.32.245: 21\n",
"[+] Checking 192.168.32.245: 22\n",
"[+] Checking 192.168.32.245: 25\n",
"[+] Checking 192.168.32.245: 80\n",
"[+] Checking 192.168.32.245: 110\n",
"[+] Checking 192.168.32.246: 21\n",
"[+] Checking 192.168.32.246: 22\n",
"[+] Checking 192.168.32.246: 25\n",
"[+] Checking 192.168.32.246: 80\n",
"[+] Checking 192.168.32.246: 110\n",
"[+] Checking 192.168.32.247: 21\n",
"[+] Checking 192.168.32.247: 22\n",
"[+] Checking 192.168.32.247: 25\n",
"[+] Checking 192.168.32.247: 80\n",
"[+] Checking 192.168.32.247: 110\n",
"[+] Checking 192.168.32.248: 21\n",
"[+] Checking 192.168.32.248: 22\n",
"[+] Checking 192.168.32.248: 25\n",
"[+] Checking 192.168.32.248: 80\n",
"[+] Checking 192.168.32.248: 110\n",
"[+] Checking 192.168.32.249: 21\n",
"[+] Checking 192.168.32.249: 22\n",
"[+] Checking 192.168.32.249: 25\n",
"[+] Checking 192.168.32.249: 80\n",
"[+] Checking 192.168.32.249: 110\n",
"[+] Checking 192.168.32.250: 21\n",
"[+] Checking 192.168.32.250: 22\n",
"[+] Checking 192.168.32.250: 25\n",
"[+] Checking 192.168.32.250: 80\n",
"[+] Checking 192.168.32.250: 110\n",
"[+] Checking 192.168.32.251: 21\n",
"[+] Checking 192.168.32.251: 22\n",
"[+] Checking 192.168.32.251: 25\n",
"[+] Checking 192.168.32.251: 80\n",
"[+] Checking 192.168.32.251: 110\n",
"[+] Checking 192.168.32.252: 21\n",
"[+] Checking 192.168.32.252: 22\n",
"[+] Checking 192.168.32.252: 25\n",
"[+] Checking 192.168.32.252: 80\n",
"[+] Checking 192.168.32.252: 110\n",
"[+] Checking 192.168.32.253: 21\n",
"[+] Checking 192.168.32.253: 22\n",
"[+] Checking 192.168.32.253: 25\n",
"[+] Checking 192.168.32.253: 80\n",
"[+] Checking 192.168.32.253: 110\n",
"[+] Checking 192.168.32.254: 21\n",
"[+] Checking 192.168.32.254: 22\n",
"[+] Checking 192.168.32.254: 25\n",
"[+] Checking 192.168.32.254: 80\n",
"[+] Checking 192.168.32.254: 110\n"
]
}
],
"prompt_number": 145
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\n",
"#### Quiz!\n",
"\n",
"- \uc5ec\uae30\uc5d0\uc11c for\ubb38\uc740 \uba87 \ubc88\uc744 \ub3cc\uae4c\uc694?"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# 254 * 5\n",
"len( range(1, 255) ) * len( portList )"
],
"language": "python",
"metadata": {},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 259,
"text": [
"1270"
]
}
],
"prompt_number": 259
},
{
"cell_type": "code",
"collapsed": true,
"input": [
"cnt = 0\n",
"for x in range(1, 255):\n",
" for port in portList:\n",
" if not x in [1]:\n",
" #print '[+] Checking 172.16.190.' + str(x) + ': ' + str(port)\n",
" cnt += 1\n",
"print cnt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"1265\n"
]
}
],
"prompt_number": 263
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"![](\"files/images/1_vulscanner_structure.png\")
"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# 172.16.190.0/24 \uc11c\ube0c\ub137\uc5d0 \uc788\ub294 \ubaa8\ub4e0 255 \uc8fc\uc18c\ub97c \uc810\uac80\n",
"# \uc11c\ube44\uc2a4\ub294 telnet, SSH, smtp, http, imap, https \uc810\uac80\n",
"\n",
"import socket\n",
"\n",
"def retBanner(ip, port):\n",
" '''\uc11c\ubc84\uc5d0 \uc5f0\uacb0\ud574 \ubc30\ub108\uac12\uc744 \ub3cc\ub824 \ubc1b\ub294\ub2e4.'''\n",
" try:\n",
" socket.setdefaulttimeout(2)\n",
" s = socket.socket()\n",
" s.connect((ip, port))\n",
" banner = s.recv(1024)\n",
" return banner\n",
" except:\n",
" return\n",
"\n",
"def checkVulns(banner):\n",
" '''\ubc1b\uc740 \ubc30\ub108\uac12\uc73c\ub85c \ucde8\uc57d\ud55c \ubc84\uc804\uc778\uc9c0 \ud655\uc778\ud55c\ub2e4.'''\n",
" if ('FreeFloat Ftp Server (Version 1.00)' in banner):\n",
" print '[+] FreeFloat FTP Server is vulnerable.'\n",
" elif ('3Com 3CDaemon FTP Server Version 2.0' in banner):\n",
" print '[+] 3CDaemon FTP Server is vulnerable.'\n",
" elif ('Ability Server 2.34' in banner):\n",
" print '[+] Ability FTP Server is vulnerable.'\n",
" elif ('Sami FTP Server 2.0.2' in banner):\n",
" print '+] Sami FTP Server is vulnerable.'\n",
" else:\n",
" print '[-] FTP Server is not vulnerable.'\n",
" return\n",
"\n",
"# main\uc5d0\uc11c ip, port \uc9c0\uc815\ud558\uc5ec \n",
"def main():\n",
" '''\uc774\uc911 for\ubb38\uc73c\ub85c ip\uc640 port\ub97c \uc9c0\uc815\ud558\uc5ec retBanner \uc2e4\ud589\ud558\uace0\n",
" retBanner \uc788\uc73c\uba74 checkVulns \uc2e4\ud589'''\n",
" portList = [21, 22, 25, 80, 110, 443]\n",
"# for x in range(1, 255):\n",
" for x in range(159, 160):\n",
" ip = '192.168.32.' + str(x)\n",
" for port in portList:\n",
" banner = retBanner(ip, port)\n",
" if banner:\n",
" print '[+] ' + ip + ': ' + banner\n",
" checkVulns(banner)\n",
" \n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] 192.168.32.159: 220 FreeFloat Ftp Server (Version 1.00)\r\n",
"\n",
"[+] FreeFloat FTP Server is vulnerable.\n"
]
}
],
"prompt_number": 147
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \uc0dd\uac01\ud574 \ubcf4\ub294 \uc2dc\uac04\n",
"\n",
"checkVulns() \ud568\uc218\uc5d0 \ud56d\uc0c1 if, elif\ub85c \ucde8\uc57d\ud55c \ubc84\uc804\uc744 \ub123\uc5b4\uc57c \ud558\ub098?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\uadc0\ucc2e\uc544..."
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\uc880 \ub354 \uac04\ub2e8\ud788 \ud560 \uc218 \uc788\ub294 \ubc29\ubc95\uc740 \uc5c6\uc744\uae4c?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\ub098\ub294 \ucde8\uc57d\ud55c \ubc84\uc804 \uc774\ub984\ub9cc \ucd94\uac00\ud558\uace0 \ud504\ub85c\uadf8\ub7a8\uc774 \uc54c\uc544\uc11c \ube44\uad50\ud574\uc8fc\ub294..?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\uc880 \ub354 \uc9c4\ud589\ud558\uc790\uba74 \ucde8\uc57d\ud55c \ubc84\uc804\ub3c4 \uc54c\uc544\uc11c \ucd94\uac00 \uc2dc\ucf1c\uc8fc\ub294..?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \ud30c\uc77c I/O\n",
"\n",
"- \uc55e\uc758 \uc2a4\ud06c\ub9bd\ud2b8\uc5d0\uc11c\ub294 if\ubb38\uc744 \uc0ac\uc6a9\ud558\uc5ec \ud2b9\uc815 \ubc30\ub108\uac00 \ucde8\uc57d\ud55c\uc9c0 \ud655\uc778\ud558\uc9c0\ub9cc, \ub098\uc911\uc5d0 \uc0c8\ub85c\uc6b4 \ucde8\uc57d\ud55c \ubc30\ub108 \ubaa9\ub85d\uc744 \uc2a4\ud06c\ub9bd\ud2b8\uc5d0\uc11c \ud655\uc778\ud560 \uc218 \uc788\ub3c4\ub85d \ucd94\uac00\ud560 \uc218 \uc788\uc73c\uba74 \ub354\uc6b1 \uc720\uc6a9\n",
"- \uc774 \uae30\ub2a5\uc744 \uad6c\ud604\ud558\uae30 \uc704\ud574 vuln_banner.txt \ub77c\ub294 \ud14d\uc2a4\ud2b8 \ud30c\uc77c\uc774 \uc788\ub2e4\uace0 \uac00\uc815\n",
"- \uc774 \ud30c\uc77c\uc758 \uac01 \ub77c\uc778\uc5d0\ub294 \uc54c\ub824\uc9c4 \ucde8\uc57d\uc810\uacfc \ud568\uaed8 \ud2b9\uc815 \uc11c\ube44\uc2a4 \ubc84\uc804\uc774 \uc5f4\uac70\ub418\uc5b4\uc788\ub2e4\uace0 \uac00\uc815\n",
"- **\uac70\ub300\ud55c if\ubb38 vs txt \ud30c\uc77c \uac01 \ub77c\uc778\ub2e8\uc704\ub85c \uc77d\uae30**"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \uac70\ub300\ud55c if\ubb38\n",
"\n",
" def checkVulns(banner):\n",
" '''\ubc1b\uc740 \ubc30\ub108\uac12\uc73c\ub85c \ucde8\uc57d\ud55c \ubc84\uc804\uc778\uc9c0 \ud655\uc778\ud55c\ub2e4.'''\n",
" if ('FreeFloat Ftp Server (Version 1.00)' in banner):\n",
" print '[+] FreeFloat FTP Server is vulnerable.'\n",
" elif ('3Com 3CDaemon FTP Server Version 2.0' in banner):\n",
" print '[+] 3CDaemon FTP Server is vulnerable.'\n",
" elif ('Ability Server 2.34' in banner):\n",
" print '[+] Ability FTP Server is vulnerable.'\n",
" elif ('Sami FTP Server 2.0.2' in banner):\n",
" print '+] Sami FTP Server is vulnerable.'\n",
" else:\n",
" print '[-] FTP Server is not vulnerable.'\n",
" return"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \ucde8\uc57d\ud55c \ubc84\uc804 \ub9ac\uc2a4\ud2b8"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/vuln_banners.txt\n",
"3Com 3CDaemon FTP Server Version 2.0\n",
"Ability Server 2.34\n",
"CCProxy Telnet Service Ready\n",
"ESMTP TABS Mail Server for Windows NT\n",
"FreeFloat Ftp Server (Version 1.00)\n",
"IMAP4rev1 MDaemon 9.6.4 ready\n",
"MailEnable Service, Version: 0-1.54\n",
"NetDecision-HTTP-Server 1.0\n",
"PSO Proxy 0.9\n",
"SAMBAR\n",
"Sami FTP Server 2.0.2\n",
"Spipe 1.0\n",
"TelSrv 1.5\n",
"WDaemon 6.8.5\n",
"WinGate 6.1.1\n",
"Xitami\n",
"YahooPOPs! Simple Mail Transfer Service Ready"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "-"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/vuln_banners.txt\n"
]
}
],
"prompt_number": 148
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \ucde8\uc57d\ud55c \ubc84\uc804\uc5d0 Add FTP \ucd94\uac00 -> \ub9e4\uc6b0 \uac04\ub2e8"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/vuln_banners.txt\n",
"3Com 3CDaemon FTP Server Version 2.0\n",
"Ability Server 2.34\n",
"CCProxy Telnet Service Ready\n",
"ESMTP TABS Mail Server for Windows NT\n",
"FreeFloat Ftp Server (Version 1.00)\n",
"IMAP4rev1 MDaemon 9.6.4 ready\n",
"MailEnable Service, Version: 0-1.54\n",
"NetDecision-HTTP-Server 1.0\n",
"PSO Proxy 0.9\n",
"SAMBAR\n",
"Sami FTP Server 2.0.2\n",
"Spipe 1.0\n",
"TelSrv 1.5\n",
"WDaemon 6.8.5\n",
"WinGate 6.1.1\n",
"Xitami\n",
"YahooPOPs! Simple Mail Transfer Service Ready\n",
"Add FTP to check vulnerable version 0.1 by geun young"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/vuln_banners.txt\n"
]
}
],
"prompt_number": 149
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!cat ch01/vuln_banners.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"3Com 3CDaemon FTP Server Version 2.0\r\n",
"Ability Server 2.34\r\n",
"CCProxy Telnet Service Ready\r\n",
"ESMTP TABS Mail Server for Windows NT\r\n",
"FreeFloat Ftp Server (Version 1.00)\r\n",
"IMAP4rev1 MDaemon 9.6.4 ready\r\n",
"MailEnable Service, Version: 0-1.54\r\n",
"NetDecision-HTTP-Server 1.0\r\n",
"PSO Proxy 0.9\r\n",
"SAMBAR\r\n",
"Sami FTP Server 2.0.2\r\n",
"Spipe 1.0\r\n",
"TelSrv 1.5\r\n",
"WDaemon 6.8.5\r\n",
"WinGate 6.1.1\r\n",
"Xitami\r\n",
"YahooPOPs! Simple Mail Transfer Service Ready\r\n",
"Add FTP to check vulnerable version 0.1 by geun young"
]
}
],
"prompt_number": 150
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \uc5c5\ub370\uc774\ud2b8 \ub41c \ucf54\ub4dc\ub97c checkVulns \ud568\uc218\uc5d0 \ucd94\uac00\ud560 \uac83"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"try:\n",
" f = open('ch01/vuln_banners.txt')\n",
"except:\n",
" print 'err'"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 151
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### Strip\uc774\ub780?\n",
"\n",
"- \uc591\ud30c \uaecd\uc9c8 \ubc97\uae30\ub4ef\uc774 \ubb54\uac00\ub97c \ubc97\uaca8\ub0b4\uc11c \uc54c\ub9f9\uc774\ub97c \ubcf8\ub2e4\ub294 \ub73b\uc774\uc5d0\uc694."
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"s = ' aaa ccc \\t ddd \\t '"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 264
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print s"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
" aaa ccc \t ddd \t \n"
]
}
],
"prompt_number": 265
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"print s.strip()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"aaa ccc \t ddd\n"
]
}
],
"prompt_number": 266
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uae00\uc790\uc218 \ud655\uc778\ud558\uba74 \ub2e4\ub978 \uac83\uc744 \uc54c \uc218 \uc788\ub2e4.\n",
"print len(s), len(s.strip())"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"22 13\n"
]
}
],
"prompt_number": 267
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# finally\ub85c file\uc744 \ub2eb\uc744 \ud544\uc694\uac00 \uc5c6\uc5b4\uc694.\n",
"def checkVulns(banner):\n",
" with open('ch01/vuln_banners.txt') as f:\n",
"# for line in f.readlines():\n",
" for line in f:\n",
" if line.strip('\\n') in banner:\n",
" print '[+] Server is vulnerable: ' + banner.strip('\\n')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [],
"prompt_number": 156
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# Error \ubc1c\uc0dd\n",
"# def test_with():\n",
"# with open('ch01/vuln_banners.txt') as f:\n",
"# for line in f:\n",
"# print line.strip()\n",
"# except Exception, e:\n",
"# print e\n",
"# test_with()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [],
"prompt_number": 157
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# with open as f \ud14c\uc2a4\ud2b8 \ud574\ubd04\n",
"try:\n",
" with open('ch01/vuln_banners2.txt') as f:\n",
" for line in f:\n",
" print line.strip()\n",
"except Exception, e:\n",
" print e"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[Errno 13] Permission denied: 'ch01/vuln_banners2.txt'\n"
]
}
],
"prompt_number": 158
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### with .. as f\uc758 except \ucc98\ub9ac"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"from contextlib import contextmanager\n",
"@contextmanager\n",
"def opened_w_error(filename, mode=\"r\"):\n",
" try:\n",
" f = open(filename, mode)\n",
" except IOError, err:\n",
" yield None, err\n",
" else:\n",
" try:\n",
" yield f, None\n",
" finally:\n",
" f.close()\n",
"\n",
"with opened_w_error(\"ch01/vuln_banners.txt\", \"r\") as (f, err):\n",
" if err:\n",
" print \"IOError:\", err\n",
" else:\n",
" for line in f:\n",
" print line.strip()\n",
" \n",
"\n",
"with opened_w_error(\"/etc/passwd\", \"a\") as (f, err):\n",
" if err:\n",
" print \"IOError:\", err\n",
" else:\n",
" f.write(\"guido::0:0::/:/bin/sh\\n\")"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"3Com 3CDaemon FTP Server Version 2.0\n",
"Ability Server 2.34\n",
"CCProxy Telnet Service Ready\n",
"ESMTP TABS Mail Server for Windows NT\n",
"FreeFloat Ftp Server (Version 1.00)\n",
"IMAP4rev1 MDaemon 9.6.4 ready\n",
"MailEnable Service, Version: 0-1.54\n",
"NetDecision-HTTP-Server 1.0\n",
"PSO Proxy 0.9\n",
"SAMBAR\n",
"Sami FTP Server 2.0.2\n",
"Spipe 1.0\n",
"TelSrv 1.5\n",
"WDaemon 6.8.5\n",
"WinGate 6.1.1\n",
"Xitami\n",
"YahooPOPs! Simple Mail Transfer Service Ready\n",
"Add FTP to check vulnerable version 0.1 by geun young\n",
"IOError: [Errno 13] Permission denied: '/etc/passwd'\n"
]
}
],
"prompt_number": 159
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"- [Exception \ucc98\ub9ac](http://songhl1.tistory.com/25)\n",
"\n",
"![](\"files/images/exception.png\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### sys \ubaa8\ub4c8\n",
"\n",
"- \ud30c\uc774\uc36c \uc778\ud130\ud504\ub9ac\ud130\uac00 \uc0ac\uc6a9\ud558\uac70\ub098 \uc720\uc9c0\ud558\uace0 \uc788\ub294 \uac1d\uccb4\uc5d0 \uc811\uadfc\ud560 \uc218 \uc788\ub3c4\ub85d \ud574\uc90c\n",
"- \ud50c\ub798\uadf8, \ubc84\uc804, \uc815\uc218 \ucd5c\ub300 \ud06c\uae30, \uc0ac\uc6a9\ud560 \uc218 \uc788\ub294 \ubaa8\ub4c8, \uacbd\ub85c \ud6c4\ud06c, \ud45c\uc900 \uc624\ub958/in/out\uc758 \uc704\uce58, \uc778\ud130\ud504\ub9ac\ud130\uac00 \ud638\ucd9c\ud558\ub294 \ucee4\ub9e8\ub4dc\ub77c\uc778 \uc778\uc790\uac12 \ub4f1\uc774 \ud3ec\ud568\n",
"- http://docs.python.org/library/sys \uc5d0\uc11c \ub354 \ub9ce\uc740 \uc815\ubcf4\n",
"- \ub7f0\ud0c0\uc784\uc5d0 \ucee4\ub9e8\ub4dc\ub77c\uc778 \uc778\uc790\uac12\uc744 \uad6c\ubb38\ubd84\uc11d \ucc98\ub9ac\ud560 \uc218 \uc788\uc74c\n",
"- \ub9cc\uc57d \ucee4\ub9e8\ub4dc\ub77c\uc778\uc5d0\uc11c \ud14d\uc2a4\ud2b8 \ud30c\uc77c\uc758 \uc774\ub984\uc744 \uc785\ub825\ubc1b\uace0 \uc2f6\ub2e4\uba74 \uc5b4\ub5bb\uac8c \ud558\uaca0\ub294\uac00?\n",
"- sys.argv\ub77c\ub294 \ubc30\uc5f4\uc740 \ubaa8\ub4e0 \ucee4\ub9e8\ub4dc\ub77c\uc778 \uc778\uc790\uac12\uc744 \ud3ec\ud568\ud558\uace0 \uc788\ub2e4.\n",
"- sys.argv[0]: \ud30c\uc774\uc36c \uc2a4\ud06c\ub9bd\ud2b8\uc758 \uc774\ub984\n",
"- \ub098\uba38\uc9c0 \ubd80\ubd84: \ucee4\ub9e8\ub4dc\ub77c\uc778 \uc778\uc790\uac12\uc5d0 \uc788\ub294 \ubaa8\ub4e0 \uc544\uc774\ud15c\ub4e4\uc774 \ud3ec\ud568\ub418\uc5b4 \uc788\uc74c\n",
"- \ub530\ub77c\uc11c \ub9cc\uc57d \ud558\ub098\uc758 \uc778\uc790\uac12\uc744 \uc785\ub825\ud558\uc600\ub2e4\uba74, sys.argv\uc5d0\ub294 \ub450 \uac1c\uc758 \uc544\uc774\ud15c\uc774 \uc800\uc7a5\ub418\uc5b4 \uc788\uc744\uac83"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \uc0dd\uac01\ud574 \ubcf4\ub294 \uc2dc\uac04\n",
"\n",
"\ub9cc\uc57d\uc5d0 \uc788\uc796\uc544...\n",
"\n",
"\uc6b0\ub9ac\uac00 \ucde8\uc57d\ud55c \ubc84\uc804\uc744 \uc800\uc7a5\ud574 \ub193\uc740 \ud30c\uc77c\uba85\uc744 vuln-banners.txt\uc5d0\uc11c i_hate_nogada.txt\ub85c \ubcc0\uacbd\ud55c\ub2e4\uace0 \ud574\ubcf4\uc790.\n",
"\n",
"\uadf8\ub7fc \uc6b0\ub9ac\ub294 \uc5b4\ub5bb\uac8c \ud574\uc57c\ud560\uae4c?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\ub2f9\uc5f0\ud788 \ucf54\ub529\ud574 \ub193\uc740 \uc18c\uc2a4 \ucf54\ub4dc \ud30c\uc77c\uc744 \uc5f4\uc5b4\uc11c vuln-banners.txt -> i_hate_nogada.txt\ub85c \ubcc0\uacbd\ud574\uc57c\uaca0\uc9c0?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\uc88b\uc544. \ubb50 \uc5ec\uae30\uae4c\uc9c0\ub294 \ucc38\uc744 \uc218 \uc788\uc5b4.\n",
"\uadfc\ub370 \uc788\uc796\uc544. \ub9e4\ubc88 \ud30c\uc77c\uba85\uc774 \ubc14\ub00c\uba74 \uc774\ub807\uac8c \ubc14\uafd4\uc918\uc57c \ub3fc??\n",
"\uadc0\ucc2e\ub2e4. \ubb54\uac00 \uc880 \ub354 \ud3b8\ud55c \ubc29\ubc95\uc774 \uc5c6\uc744\uae4c?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### \ud30c\uc77c\uba85\uc744 \uc778\uc790\ub85c \ubc1b\uc744 \uc218\ub294 \uc5c6\uc744\uae4c?!"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/vuln-scanner.py\n",
"import sys\n",
"if len(sys.argv) == 2:\n",
" filename = sys.argv[1]\n",
" print '[+] Reading Vulnerabilities From: ' + filename"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/vuln-scanner.py\n"
]
}
],
"prompt_number": 160
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# sys.argv[0] sys.argv[1]\n",
"!python ch01/vuln-scanner.py vuln-banners.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Reading Vulnerabilities From: vuln-banners.txt\r\n"
]
}
],
"prompt_number": 161
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### OS \ubaa8\ub4c8\n",
"\n",
"- OS \ubaa8\ub4c8\uc5d0\ub294 MAC, NT \ub610\ub294 Posix \uc6b4\uc601\uccb4\uc81c\uc5d0\uc11c \ud560 \uc218 \uc788\ub294 \ub2e4\uc591\ud55c OS \ub8e8\ud2f4\ub4e4\uc774 \ud3ec\ud568\n",
"- \ub3c5\ub9bd\uc801\uc73c\ub85c OS \ud658\uacbd, \ud30c\uc77c \uc2dc\uc2a4\ud15c, \uc0ac\uc6a9\uc790 \ub370\uc774\ud130\ubca0\uc774\uc2a4, \uad8c\ud55c \ub4f1\uc744 \uc0ac\uc6a9 \uac00\ub2a5\n",
"- \ud14d\uc2a4\ud2b8 \ud30c\uc77c\uc758 \uc774\ub984\uc744 \ucee4\ub9e8\ub4dc\ub77c\uc778 \uc778\uc790\uac12\uc73c\ub85c \uc804\ub2ec\ud55c \uac83\uc744 \uc0b4\ud3b4\ubcf4\uc790.\n",
"- \uc774 \ud30c\uc77c\uc774 **\uc2e4\uc81c\ub85c \uc874\uc7ac\ud558\ub294\uc9c0** \uadf8\ub9ac\uace0 \ud574\ub2f9 \ud30c\uc77c\uc5d0 **\ud604\uc7ac \uc0ac\uc6a9\uc790\uac00 \uc77d\uae30 \uad8c\ud55c\uc774 \uc788\ub294\uc9c0** \ud655\uc778\ud574\uc57c \ud560 \uc218\ub3c4 \uc788\uc74c\n",
"- \uc774 \ub458 \uc911\uc5d0 \ud558\ub098\uc758 \uc870\uac74\uc774\ub77c\ub3c4 \ucda9\uc871\uc2dc\ud0a4\uc9c0 \ubabb\ud55c\ub2e4\uba74 \uc0ac\uc6a9\uc790\uc5d0\uac8c \uc624\ub958 \uba54\uc2dc\uc9c0\ub97c \ubcf4\uc5ec\uc8fc\ub294 \uac83\ub3c4 \uc720\uc6a9\ud55c \uae30\ub2a5"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/test_confirm.py\n",
"import sys\n",
"import os\n",
"if len(sys.argv) == 2:\n",
" filename = sys.argv[1]\n",
" \n",
"if not os.path.isfile(filename):\n",
" print '[-] ' + filename + ' does not exist.'\n",
" exit(0)\n",
"if not os.access(filename, os.R_OK):\n",
" print '[-] ' + filename + ' access denied.'\n",
" exit(0)\n",
"print '[+] Reading Vulnerabilities From: ' + filename"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/test_confirm.py\n"
]
}
],
"prompt_number": 162
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import os\n",
"help(os.access)"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Help on built-in function access in module posix:\n",
"\n",
"access(...)\n",
" access(path, mode) -> True if granted, False otherwise\n",
" \n",
" Use the real uid/gid to test for access to a path. Note that most\n",
" operations will use the effective uid/gid, therefore this routine can\n",
" be used in a suid/sgid environment to test if the invoking user has the\n",
" specified access to the path. The mode argument can be F_OK to test\n",
" existence, or the inclusive-OR of R_OK, W_OK, and X_OK.\n",
"\n"
]
}
],
"prompt_number": 163
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"os.R_OK"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 164,
"text": [
"4"
]
}
],
"prompt_number": 164
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \ud30c\uc77c\uc774 \uc5c6\uc744\ub54c\n",
"!python ch01/test_confirm.py ch01/vuln_banners_not_exist.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[-] ch01/vuln_banners_not_exist.txt does not exist.\r\n"
]
}
],
"prompt_number": 165
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# \uc815\uc0c1\uc801\uc73c\ub85c \ud30c\uc77c\uc744 \uc77d\uc5c8\uc744\ub584\n",
"!python ch01/test_confirm.py ch01/vuln_banners.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Reading Vulnerabilities From: ch01/vuln_banners.txt\r\n"
]
}
],
"prompt_number": 166
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!cp ch01/vuln_banners.txt ch01/vuln_banners2.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"cp: ch01/vuln_banners2.txt: Permission denied\r\n"
]
}
],
"prompt_number": 167
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!chmod 000 ch01/vuln_banners2.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [],
"prompt_number": 168
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"\n",
"#### Quiz\n",
"\n",
"- chmod\ub294 \uc5b4\ub514\uc5d0 \uc4f0\ub294\uac70\ub0d0?\n",
"- [\ub9ac\ub205\uc2a4 \ud30c\uc77c \ud37c\ubbf8\uc158](http://root.so/%EB%A6%AC%EB%88%85%EC%8A%A4-%ED%8C%8C%EC%9D%BC-%ED%8D%BC%EB%AF%B8%EC%85%98/)"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"![](\"http://www.liquidweb.com/kb/images/permission-structure.png\")
\n",
"![](\"http://linuxcommand.org/images/permissions_diagram.gif\")
"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# access denied \ub410\uc744\ub54c\n",
"!python ch01/test_confirm.py ch01/vuln_banners2.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[-] ch01/vuln_banners2.txt access denied.\r\n"
]
}
],
"prompt_number": 169
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!ls -l ch01/"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"total 336\r\n",
"-rw-r--r-- 1 re4lfl0w staff 356 Jun 15 12:59 1thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 614 Jun 15 12:59 2process.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 447 Jun 15 12:59 2thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 0 Jun 14 14:43 __init__.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 103 Jun 14 14:43 __init__.pyc\r\n",
"-rw-r--r-- 1 re4lfl0w staff 57 Jun 23 2012 dictionary.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 35755 Jun 23 2012 evil.zip\r\n",
"-rw-r--r-- 1 re4lfl0w staff 20 Jun 15 12:58 hello.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 35 Jun 15 13:20 main_test.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 148 Jun 15 13:20 main_test.pyc\r\n",
"-rw-r--r-- 1 re4lfl0w staff 91 Jun 15 13:20 main_test2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 302 Jun 15 13:20 main_test2.pyc\r\n",
"-rw-r--r-- 1 re4lfl0w staff 122 Jun 15 11:50 passwd\r\n",
"-rw-r--r-- 1 re4lfl0w staff 122 Jun 23 2012 passwords.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 149 Jun 10 17:59 reverse_slash.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 122 Jun 13 13:58 shadow.txt\r",
"\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1154 Jun 13 13:58 test_512_2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 320 Jun 15 13:20 test_confirm.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1575 Jun 7 18:54 test_last.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 477 Jun 7 18:24 test_original.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 659 Jun 7 18:24 test_process.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 642 Jun 7 19:46 test_process2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1529 Jun 13 13:58 test_sha512.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 501 Jun 7 18:24 test_thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 551 Jun 7 19:46 test_thread2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 104 Jun 13 13:58 unzip.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 347 Jun 15 12:59 unzip3.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 146 Jun 15 12:59 unzip_except.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 503 Jun 15 12:59 unzip_module.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 496 Jun 15 12:59 unzip_thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 118 Jun 15 13:20 vuln-scanner.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 452 Jun 15 13:20 vuln_banners.txt\r\n",
"---------- 1 re4lfl0w staff 398 Jun 13 13:58 vuln_banners2.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1282 Jun 13 13:58 vuln_scanner.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1291 Jun 15 12:59 zipcrack.py\r\n"
]
}
],
"prompt_number": 170
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"- \ucde8\uc57d\uc810 \uc2a4\uce90\ub2dd \uc2a4\ud06c\ub9bd\ud2b8\ub97c \ud558\ub098\ub85c \ud1b5\ud569\n",
"- \ud604\uc7ac \uc4f0\ub808\ub4dc \uae30\ub2a5 \uc9c0\uc6d0\ud558\uc9c0 \uc54a\ub354\ub77c\ub3c4, \ub354 \ub098\uc740 \uad6c\ubb38\ubd84\uc11d \ubc29\ubc95 \uc9c0\uc6d0 \ud560 \uac83\uc784"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/vuln_scanner.py\n",
"\n",
"import socket\n",
"import os\n",
"import sys\n",
"\n",
"def retBanner(ip, port):\n",
" try:\n",
" socket.setdefaulttimeout(2)\n",
" s = socket.socket()\n",
" s.connect((ip, port))\n",
" banner = s.recv(1024)\n",
" return banner\n",
" except:\n",
" return\n",
"\n",
"def checkVulns(banner, filename):\n",
" with open(filename, 'r') as f:\n",
" for line in f:\n",
" if line.strip('\\n') in banner:\n",
" print '[+] Server is vulnerable: ' + \\\n",
" banner.strip('\\n')\n",
"\n",
"def main():\n",
" if len(sys.argv) == 2:\n",
" filename = sys.argv[1]\n",
" if not os.path.isfile(filename):\n",
" print '[-] ' + filename + \\\n",
" ' does not exist.'\n",
" exit(0)\n",
" if not os.access(filename, os.R_OK):\n",
" print '[-] ' + filename + \\\n",
" ' access denied.'\n",
" exit(0)\n",
" else:\n",
" print '[-] Usage: ' + str(sys.argv[0]) + \\\n",
" ' '\n",
" exit(0)\n",
" \n",
" portList = [21, 22, 25, 80, 110, 443]\n",
" for x in range(159, 160):\n",
" ip = '192.168.32.' + str(x)\n",
" for port in portList:\n",
" banner = retBanner(ip, port)\n",
" \n",
" if banner:\n",
" \n",
" print '[+] ' + ip + ': ' + banner\n",
" checkVulns(banner, filename)\n",
"\n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/vuln_scanner.py\n"
]
}
],
"prompt_number": 171
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/vuln_scanner.py ch01/vuln_banners.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] 192.168.32.159: 220 FreeFloat Ftp Server (Version 1.00)\r",
"\r\n",
"\r\n",
"[+] Server is vulnerable: 220 FreeFloat Ftp Server (Version 1.00)\r",
"\r\n"
]
}
],
"prompt_number": 172
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/vuln_scanner.py ch01/vuln_banners2.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[-] ch01/vuln_banners2.txt access denied.\r\n"
]
}
],
"prompt_number": 173
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/vuln_scanner.py ch01/vuln_banners_not_exist.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[-] ch01/vuln_banners_not_exist.txt does not exist.\r\n"
]
}
],
"prompt_number": 174
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"![](\"files/images/killing_question.jpg\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"## \uccab \ubc88\uc9f8 \ud30c\uc774\uc36c \ud504\ub85c\uadf8\ub7a8\n",
"\n",
"- \uc2a4\ud06c\ub9bd\ud2b8\ub97c \uc791\uc131\ud558\uba74\uc11c \uc65c \uc774\ub7ec\ud55c \ud504\ub85c\uadf8\ub7a8\uc774 \ud544\uc694\ud55c\uc9c0 \uacfc\uac70 \uc0ac\ub840\ub97c \ubc14\ud0d5\uc73c\ub85c \uc124\uba85\ud560 \uac83"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### \uccab\ubc88\uc9f8 \ud30c\uc774\uc36c \ud504\ub85c\uadf8\ub7a8\uc744 \uc704\ud55c \uc900\ube44: \ubed0\uafb8\uae30\uc758 \uc54c\n",
"\n",
"- \ubed0\uafb8\uae30\uc758 \uc54c: \ucef4\ud4e8\ud130 \ucca9\ubcf4 \ud65c\ub3d9\uc758 \ubbf8\ub85c\uc18d\uc5d0\uc11c \uc2a4\ud30c\uc774 \ucd94\uc801\ud558\uae30\ub77c\ub294 \ucc45\uc5d0\uc11c \ubbf8\uad6d\uc758 \uad6d\uac00\uc5f0\uad6c\uc18c, \uad70\uc0ac\uc2dc\uc124, \ubc29\uc704\uc5c5\uccb4, \ub300\ud559 \ub4f1\uc744 \ud574\ud0b9\ud55c \ud574\ucee4\uc5d0 \ub300\ud55c \ub0b4\uc6a9\uc744 \uae30\ub85d\n",
"- \uacf5\uaca9\uacfc \ucd94\uc801\uc758 \uae30\uc220\uc801\uc740 \ub0b4\uc6a9\uc744 \uc138\ubd80\uc801\uc73c\ub85c \uc124\uba85\n",
"- \uacf5\uaca9\uc790\uc758 \ubc29\ubc95\ub860\uacfc \ud65c\ub3d9\uc5d0 \ub9e4\ub8cc\ub41c \uc2a4\ud1a8\uc740 \uc774\ubbf8 \ud574\ud0b9\ub41c \uc11c\ubc84\ub97c \ud504\ub9b0\ud130\uc5d0 \uc5f0\uacb0\ud558\uc5ec \uacf5\uaca9\uc790\uac00 \uc785\ub825\ud558\ub294 \ubaa8\ub4e0 \ud0a4\ub97c \ub85c\uae45\ud558\ub3c4\ub85d \ud588\ub2e4. \uadf8\ub9ac\uace0 \ub85c\uadf8\ub97c \ud655\uc778\ud558\ub358 \uc911 \ub9e4\uc6b0 \ud765\ubbf8\ub85c\uc6b4 \uc810\uc744 \ubc1c\uacac\ud588\ub2e4.\n",
"- \uc989\uc2dc \uc554\ud638\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc \ud30c\uc77c \ub2e4\uc6b4\ub85c\ub4dc\n",
"- \uacf5\uaca9\uc790\uac00 \ud0c8\ucde8\ud55c \uacc4\uc815\uc73c\ub85c \ub85c\uadf8\uc778\n",
"- \uc554\ud638\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc54c\uc544\ub0b4\uae30 \uc704\ud574 \ub515\uc154\ub108\ub9ac \uacf5\uaca9\uc744 \ud588\ub2e4\ub294 \uac83 \uc608\uc0c1\n",
"- \ud574\ucee4\ub294 \ub515\uc154\ub108\ub9ac\uc5d0 \uc788\ub294 \ubaa8\ub4e0 \ub2e8\uc5b4\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc720\ub2c9\uc2a4\uc758 Crypt() \ud568\uc218\ub85c \uc554\ud638\ud654\ud55c \uac83\uc774\ub2e4.\n",
"- \uadf8\ub9ac\uace0 \uac01 \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc554\ud638\ud654\ud55c \ud6c4\uc5d0 \ud574\ucee4\ub294 \ud0c8\ucde8\ud55c \ud328\uc2a4\uc6cc\ub4dc\uc640 \ube44\uad50\ud55c \uac83\n",
"- \ub9cc\uc57d \uc77c\uce58\ud558\ub294 \uac83\uc774 \uc788\ub2e4\uba74 \ud328\uc2a4\uc6cc\ub4dc \ud06c\ub798\ud0b9 \uc131\uacf5"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### \uc720\ub2c9\uc2a4 \ud328\uc2a4\uc6cc\ub4dc \uad6c\uc870\n",
"\n",
"- \ud53c\ud574\uc790\ub294 \ud328\uc2a4\uc6cc\ub4dc\ub85c \ud3c9\ubb38\uc758 egg\ub97c \uc0ac\uc6a9\ud588\uace0\n",
"- \uc194\ud2b8(salt)\ub294 \uccab\ubc88\uc9f8 \ub450 \ubc14\uc774\ud2b8, \uc5ec\uae30\uc11c\ub294 HX\ub97c \uc0ac\uc6a9\n",
"- \uc720\ub2c9\uc2a4\uc758 Crypt \ud568\uc218\ub294 crypt('egg', 'HX') = HX9LLTdc/jiDE\ub97c \uac00\uc9c0\uace0 \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc554\ud638\ud654 \uc9c4\ud589"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"victim: HX9LLTdc/jiDE: 503:100:Iama Victim:/home/victim:/bin/sh\n",
"\n",
"root: DFNFxgW7C05fo: 504:100: Markus Hess:/root/:/bin/bash\n",
"\n",
"- [Understanding /etc/passwd File Format](http://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/)\n",
"- [/etc/shadow files structure](http://www.mannulinux.org/2013/09/etcshadow-file-structure.html)\n",
"\n",
"![](\"files/images/passwd_structure.png\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"![](\"files/images/salt_structure.png\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"- [WHY SHOULD I \"SALT\" MY PASSWORDS?](http://www.security-faqs.com/wp-content/uploads/2011/01/salting-passwords.jpg)\n",
"\n",
"![](\"http://www.security-faqs.com/wp-content/uploads/2011/01/salting-passwords.jpg\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"- [How to encrypt user passwords](http://www.jasypt.org/howtoencryptuserpasswords.html)\n",
"\n",
"![](\"http://www.jasypt.org/images/passwordEncryption.png\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"- [Hack hash passwords](http://joanpuigsanz.wordpress.com/2009/11/26/hack-hash-passwords/)\n",
"![](\"http://joanpuigsanz.files.wordpress.com/2009/11/hash_picture1_en.jpg?w=427&h=200\")
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### Why? passwords\ub97c \ubcf5\uc7a1\ud558\uac8c \ud558\ub098?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"![](\"files/images/with_eugene.png\")
\n",
"\n",
"- [\uce74\uc2a4\ud37c\uc2a4\ud0a4\uac00 \uc81c\uc548\ud558\ub294 \ucd5c\uace0\uc758 \ubcf4\uc548 \ub300\ucc45 - ZDNet Korea](http://www.zdnet.co.kr/news/news_view.asp?artice_id=20140313153953&type=det)"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"
"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"### \uccab\ubc88\uc9f8 \uc2a4\ud06c\ub9bd\ud2b8 - \uc720\ub2c9\uc2a4 \ud328\uc2a4\uc6cc\ub4dc \ud06c\ub798\ucee4\n",
"\n",
"- \ud30c\uc774\uc36c \ud504\ub85c\uadf8\ub798\ubc0d \uc5b8\uc5b4\uc758 \uc9c4\uc815\ud55c \uac15\ub825\ud568\uc740 \ubc14\ub85c \uac01\uc591\uac01\uc0c9\uc758 \ud45c\uc900 \ubc0f \uc678\ubd80 \ub77c\uc774\ube0c\ub7ec\ub9ac\uc5d0 \uc788\ub2e4.\n",
"- \uc720\ub2c9\uc2a4 \ud328\uc2a4\uc6cc\ub4dc \ud06c\ub798\ucee4\ub97c \ub9cc\ub4e4\uae30 \uc704\ud574\uc11c\ub294 \uba3c\uc800 \uc720\ub2c9\uc2a4 \ud328\uc2a4\uc6cc\ub4dc\ub97c \ud574\uc26c\ud654\ud558\ub294 crypt() \uc54c\uace0\ub9ac\uc998\uc744 \uc0ac\uc6a9\ud574\uc57c \ud568"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"help('crypt')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Help on module crypt:\n",
"\n",
"NAME\n",
" crypt\n",
"\n",
"FILE\n",
" /Applications/Canopy.app/appdata/canopy-1.3.0.1715.macosx-x86_64/Canopy.app/Contents/lib/python2.7/lib-dynload/crypt.so\n",
"\n",
"MODULE DOCS\n",
" http://docs.python.org/library/crypt\n",
"\n",
"FUNCTIONS\n",
" crypt(...)\n",
" crypt(word, salt) -> string\n",
" word will usually be a user's password. salt is a 2-character string\n",
" which will be used to select one of 4096 variations of DES. The characters\n",
" in salt must be either \".\", \"/\", or an alphanumeric character. Returns\n",
" the hashed password as a string, which will be composed of characters from\n",
" the same alphabet as the salt.\n",
"\n",
"\n"
]
}
],
"prompt_number": 175
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### crypt() \ud568\uc218\ub85c \ud328\uc2a4\uc6cc\ub4dc\ub97c \ud574\uc26c\ud654\n",
"\n",
"- \uc6d0\ud558\ub294 \uc194\ud2b8\uac12\uacfc \ud568\uaed8 \ub515\uc154\ub108\ub9ac\uc5d0 \uc788\ub294 \ubaa8\ub4e0 \uc694\uc18c\ub97c \uacc4\uc0b0\ud558\ub3c4\ub85d \ubc18\ubcf5\ud558\ub294 \ud504\ub85c\uadf8\ub7a8 \ub9cc\ub4e4 \uc218 \uc788\uc74c"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import crypt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 176
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# victim \uacc4\uc815\uc758 \ud328\uc2a4\uc6cc\ub4dc\uc640 \uc77c\uce58\ud558\ub294 \uac83 \ud655\uc778\n",
"crypt.crypt('egg', 'HX')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 177,
"text": [
"'HX9LLTdc/jiDE'"
]
}
],
"prompt_number": 177
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"- \ud504\ub85c\uadf8\ub7a8\uc744 \uc791\uc131\ud558\uae30 \uc704\ud574 2\uac1c\uc758 \ud568\uc218\ub97c \ub9cc\ub4e4 \uac83\n",
"- \ud558\ub098\ub294 main, \ub2e4\ub978 \ud558\ub098\ub294 testpass\n",
"- \uc11c\ub85c \ub2e4\ub978 \uae30\ub2a5\ub4e4\uc740 \ubd84\ub9ac\ud558\uc5ec \uc11c\ub85c \ub2e4\ub978 \ud568\uc218\ub85c \ub9cc\ub4dc\ub294 \uac83\uc774 \uc720\uc6a9\n",
"\n",
"- main \ud568\uc218\ub294 \uc554\ud638\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc \ud30c\uc77c\uc778 'passwords.txt'\ub97c \uc5f4\uace0 \ud328\uc2a4\uc6cc\ub4dc \ud30c\uc77c\uc5d0 \uc788\ub294 \uac01 \ub77c\uc778\uc744 \uc77d\uc5b4\uc628\ub2e4.\n",
"- \uadf8\ub9ac\uace0 \uac01 \ub77c\uc778\ub9c8\ub2e4 \uc0ac\uc6a9\uc790 \uc774\ub984\uacfc \ud574\uc26c\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc\ub97c \ubd84\ub9ac\ud55c\ub2e4.\n",
"- \uadf8\ub9ac\uace0 \uac01 \ud574\uc26c\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc\ub9c8\ub2e4 main \ud568\uc218\ub294 testPass() \ud568\uc218\ub97c \ud638\ucd9c\ud558\uc5ec \ub515\uc154\ub108\ub9ac\uc5d0 \ud30c\uc77c\uc5d0 \uc788\ub294 \ud328\uc2a4\uc6cc\ub4dc\uc640 \uc77c\uce58\ud558\ub294\uc9c0 \ud655\uc778\n",
"\n",
"- \ud568\uc218 testPass()\ub294 \uc554\ud638\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc778\uc790\uac12\uc73c\ub85c \uc785\ub825 \ubc1b\uc740 \ud6c4\uc5d0 \ud328\uc2a4\uc6cc\ub4dc\ub97c \ucc3e\uac70\ub098 \uc544\ub2c8\uba74 \ub515\uc154\ub108\ub9ac\uc5d0 \uc788\ub294 \ubaa8\ub4e0 \ub2e8\uc5b4\ub97c \ub300\uc785\ud574\ubcf8 \ud6c4\uc5d0 \ubc18\ud658\n",
"- \uc5ec\uae30\uc11c \uc8fc\ubaa9\ud560 \uc810\uc740 \ucf54\ub4dc\uc5d0\uc11c \uc554\ud638\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc \ud574\uc2dc\uc5d0\uc11c \uccab\ubc88\uc9f8 \ub450 \ubb38\uc790\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc194\ud2b8\ub97c \ub9cc\ub4e0\ub2e4\ub294 \uac83\n",
"- \ub2e4\uc74c\uc73c\ub85c, \ud568\uc218\ub294 \ub515\uc154\ub108\ub9ac\ub97c \uc5f4\uc5b4\uc11c \ub515\uc154\ub108\ub9ac\uc5d0 \uc788\ub294 \uac01 \ub2e8\uc5b4\ub97c \uc77d\uc5b4\uc628\ub2e4. \uadf8\ub9ac\uace0 \ub2e8\uc5b4\ub9c8\ub2e4 \uc194\ud2b8\ub97c \uc0ac\uc6a9\ud558\uc5ec \ud328\uc2a4\uc6cc\ub4dc \ud574\uc2dc\ub97c \uc0dd\uc131\n",
"- \uadf8\ub9ac\uace0 \uacb0\uacfc\uac12\uc774 \uc554\ud638\ud654\ub41c \ud328\uc2a4\uc6cc\ub4dc \ud574\uc2dc\uc640 \ub3d9\uc77c\ud558\uba74 \ud568\uc218\ub294 \ud328\uc2a4\uc6cc\ub4dc\ub97c \ucc3e\uc558\ub2e4\ub294 \uba54\uc2dc\uc9c0\uc640 \ud568\uaed8 \uc885\ub8cc\n",
"- \uadf8\ub807\uc9c0 \uc54a\uc73c\uba74 \ub515\uc154\ub108\ub9ac\uc5d0 \uc788\ub294 \ubaa8\ub4e0 \ub2e8\uc5b4\ub97c \uacc4\uc18d \ud14c\uc2a4\ud2b8"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"#### \uc6b0\ub9ac\uac00 \ud0c8\ucde8\ud55c passwords"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!cat ch01/passwords.txt"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"victim: HX9LLTdc/jiDE: 503:100:Iama Victim:/home/victim:/bin/sh\r\n",
"root: DFNFxgW7C05fo: 504:100: Markus Hess:/root:/bin/bash\r\n"
]
}
],
"prompt_number": 179
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"#### \uc6b0\ub9ac\uac00 \ub300\uc785\ud560 dictionary"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!cat ch01/dictionary.txt"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"apple\r\n",
"orange\r\n",
"egg\r\n",
"lemon\r\n",
"grapes\r\n",
"secret\r\n",
"strawberry\r\n",
"password\r\n"
]
}
],
"prompt_number": 181
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
""
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"#### \ud55c\uae00 \uc8fc\uc11d \ubb38\uc81c \ubc1c\uc0dd\uc2dc \uc18c\uc2a4\ucf54\ub4dc \uc81c\uc77c \uc704\uc5d0 \ucd94\uac00(ascii encoding blah~~)\n",
"\n",
" # -*- coding: utf-8\n",
" import sys\n",
" reload(sys)\n",
" sys.setdefaultencoding('utf-8')"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"![](\"files/images/dict_attack1.png\")
"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# %%writefile ch01/test_pass.py\n",
"import crypt\n",
"\n",
"def testPass(cryptPass):\n",
" '''dictionary \ud30c\uc77c\uc744 \uc77d\uc5b4\uc11c \ub300\uc785 word\uc640 salt\ub97c \ubb36\uc5b4\uc11c \uc554\ud638\ubb38\uc744 \ub9cc\ub4e0\ub2e4.\n",
" \uc0c8\ub85c \ub9cc\ub4e4\uc5b4\uc9c4 \uc554\ud638\ubb38\uacfc \uc6b0\ub9ac\uac00 \ud0c8\ucde8\ud55c \uc554\ud638\ubb38\uacfc \ube44\uad50\ud574\uc11c \uac19\ub2e4\uba74 \ub300\uc785 word\uac00\n",
" \uc6d0\ub798 \uc0ac\uc6a9\uc790\uc758 \uc554\ud638\ub2e4.'''\n",
" # \uc81c\uc77c \uc55e\uc5d0 2\uac1c\ub294 salt\n",
" salt = cryptPass[0:2]\n",
" dictionary = 'ch01/dictionary.txt'\n",
" dictFile = open(dictionary, 'r')\n",
" for word in dictFile:\n",
" word = word.strip('\\n')\n",
" # crypt \uba54\uc18c\ub4dc\uc5d0 dictionary\uc5d0\uc11c \uc77d\uc740 \ub77c\uc778\ubcc4 word\uc640 \n",
" # salt(\uc774\uac74 \uc704\uc5d0\uc11c 1\ubc88\ub9cc \uc77d\uc73c\uba74 \ub428)\ub97c \ub123\uc74c\n",
" cryptWord = crypt.crypt(word, salt)\n",
" # \uc0c8\ub85c \ub9cc\ub4e0 \uc554\ud638\ubb38\uacfc \uc6b0\ub9ac\uac00 \uc5bb\uc5b4 \uc628 \uc554\ud638\ubb38\uacfc \ub611\uac19\uc740\uc9c0 \ube44\uad50\n",
" if(cryptWord == cryptPass):\n",
" print '[+] Found Password: ' + word + '\\n'\n",
" return\n",
" print '[-] Password Not Found. \\n'\n",
" return\n",
"\n",
"def main():\n",
" '''\uc554\ud638\ud654\ub41c passwords \ud30c\uc77c\uc744 \uc5f4\uc5b4\uc11c testPass\ub97c \ud638\ucd9c\ud558\uc5ec dictionary \ubc29\uc2dd\uc73c\ub85c \n",
" \uc554\ud638\ub97c Brute Forcing \ud55c\ub2e4.'''\n",
" passwords = 'ch01/passwords.txt'\n",
" passFile = open(passwords)\n",
" for line in passFile:\n",
" # ':' \uc774 \uc788\uc744 \ub54c\ub9cc\n",
" if ':' in line:\n",
" # :\uc758 \uc55e\ubd80\ubd84\uc740 user: victim, root\n",
" user = line.split(':')[0]\n",
" # : \ub4a4\uc758 \ubd80\ubd84\uc774 HX~\n",
" cryptPass = line.split(':')[1].strip(' ')\n",
" print '[*] Cracking Password For: ' + user\n",
" # : \ub4a4\uc758 \ubd80\ubd84\uc744 testPass\uc5d0 \ub118\uaca8\uc90c. \uc6b0\ub9ac\uac00 \ud480\uc5b4\uc57c \ud560 \uc554\ud638\ubb38\n",
" testPass(cryptPass)\n",
"\n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[*] Cracking Password For: victim\n",
"[+] Found Password: egg\n",
"\n",
"[*] Cracking Password For: root\n",
"[-] Password Not Found. \n",
"\n"
]
}
],
"prompt_number": 182
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"#### split\uacfc strip"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"s = '''victim: HX9LLTdc/jiDE: 503:100:Iama Victim:/home/victim:/bin/sh'''\n",
"print s"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"victim: HX9LLTdc/jiDE: 503:100:Iama Victim:/home/victim:/bin/sh\n"
]
}
],
"prompt_number": 183
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"s.split(':')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 184,
"text": [
"['victim',\n",
" ' HX9LLTdc/jiDE',\n",
" ' 503',\n",
" '100',\n",
" 'Iama Victim',\n",
" '/home/victim',\n",
" '/bin/sh']"
]
}
],
"prompt_number": 184
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"s.split(':')[1].strip()[0:2]"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"metadata": {},
"output_type": "pyout",
"prompt_number": 185,
"text": [
"'HX'"
]
}
],
"prompt_number": 185
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
" \n",
"#### Quiz\n",
"\n",
"- \ud328\uc2a4\uc6cc\ub4dc\ub97c \ucc3e\uc558\ub2e4. \uc774\uac78 \uc77c\uc77c\uc774 print\ubb38\uc73c\ub85c \ucd9c\ub825\ud558\uba74 \ub098\uc911\uc5d0 \ucc3e\uae30\uac00 \ud798\ub4e4\ub2e4. \n",
"- \uc5b4\ub5bb\uac8c \ud558\ub294 \ubc29\ubc95\uc774 \ub098\uc911\uc5d0 \uc790\ub3d9\ud654\ub97c \ud558\uae30\uc5d0 \uc88b\uc744\uae4c\uc694?"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### Book Quiz\n",
"\n",
"- \ucd5c\uc2e0 \uc720\ub2c9\uc2a4\ub098 \ub9ac\ub205\uc2a4 \uacc4\uc5f4\uc758 \uc6b4\uc601\uccb4\uc81c\uc5d0\uc11c\ub294 /etc/shadow \ud30c\uc77c\uc5d0 \ud574\uc2dc\ud654\ub41c \ud328\uc2a4\uc6b0\ub354\ub97c \uc800\uc7a5\ud558\uace0 \ub354\uc6b1 \ubcf4\uc548\uc801\uc73c\ub85c \uc548\uc804\ud55c \ud574\uc2dc\ud654 \uc54c\uace0\ub9ac\uc998 \uc0ac\uc6a9\n",
"- SHA-512 \uae30\ub2a5\uc740 \ud30c\uc774\uc36c hashlib \uc5d0 \uc788\uc74c\n",
"- \uc5ec\ub7ec\ubd84\uc758 \uacfc\uc81c\ub294 **SHA-512 \ud574\uc2dc\ub97c \uc0ac\uc6a9\ud558\ub294 \ud328\uc2a4\uc6cc\ub4dc\ub97c \ud06c\ub798\ud0b9\ud558\ub294 \uc2a4\ud06c\ub9bd\ud2b8\ub85c \uc5c5\ub370\uc774\ud2b8** \ud558\ub294 \uac83\n",
"\n",
"-----\n",
"\n",
"#### SHA-512 \uc0bd\uc9c8\uae30\n",
"\n",
"- [Retriving passwords /etc/shadow](http://geraintw.blogspot.kr/2013/03/retriving-passwords-etcshadow.html): hash \uad6c\uc870\uc5d0 \ub300\ud574\uc11c \ub098\uc634"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# cat /etc/shadow | grep root\n",
"# root:$6$ms32yIGN$NyXj0Yofkk14MpRwFHvXQW0yvUid.slJtgxHE2EuQqgD74S/GaGGs5VCnqeC.bS0MzTf/EFS3uspQMNeepIAc.:15503:0:99999:7:::"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [],
"prompt_number": 186
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!cat ch01/dictionary.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"apple\r\n",
"orange\r\n",
"egg\r\n",
"lemon\r\n",
"grapes\r\n",
"secret\r\n",
"strawberry\r\n",
"password\r\n"
]
}
],
"prompt_number": 187
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"#### \ucc45\uc5d0 \uc788\ub294 shadow.txt"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/shadow.txt\n",
"root:$6$ms32yIGN$NyXj0Yofkk14MpRwFHvXQW0yvUid.slJtgxHE2EuQqgD74S/GaGGs5VCnqeC.bS0MzTf/EFS3uspQMNeepIAc.:15503:0:99999:7:::"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/shadow.txt\n"
]
}
],
"prompt_number": 188
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/test_sha512.py\n",
"# This source is not exactly.\n",
"import os,sys\n",
"import crypt\n",
"import codecs\n",
"from datetime import datetime,timedelta\n",
"import argparse\n",
"\n",
"def testPass(cryptPass,user):\n",
" \n",
" dicFile = open ('ch01/dictionary.txt','r')\n",
" ctype = cryptPass.split(\"$\")[1]\n",
" \n",
" if ctype == '6':\n",
" print \"[+] Hash type SHA-512 detected ...\"\n",
" print \"[+] Be patien ...\"\n",
" salt = cryptPass.split(\"$\")[2]\n",
" insalt = \"$\" + ctype + \"$\" + salt + \"$\"\n",
" for word in dicFile.readlines():\n",
" word=word.strip('\\n')\n",
" cryptWord = crypt.crypt(word,insalt)\n",
" if (cryptWord == cryptPass):\n",
" time = time = str(datetime.today() - today)\n",
" print \"[+] Found password for the user: \" + user + \" ====> \" + word + \" Time: \"+time+\"\\n\"\n",
" return\n",
" else:\n",
" print \"Nothing found, bye!!\"\n",
" break\n",
"\n",
"def main():\n",
" \n",
" parse = argparse.ArgumentParser(description=\\\n",
" 'A simple brute force /etc/shadow .')\n",
" parse.add_argument('-f', action='store', dest='path', \\\n",
" help='Path to shadow file, example: \\'/etc/shadow\\'')\n",
" argus=parse.parse_args()\n",
" if argus.path == None:\n",
" parse.print_help()\n",
" else:\n",
" passFile = open (argus.path,'r')\n",
" for line in passFile.readlines():\n",
" line = line.replace(\"\\n\",\"\").split(\":\")\n",
" if not line[1] in [ 'x', '*','!' ]:\n",
" user = line[0]\n",
" cryptPass = line[1]\n",
" testPass(cryptPass,user)\n",
"\n",
"if __name__==\"__main__\":\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/test_sha512.py\n"
]
}
],
"prompt_number": 189
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/test_sha512.py -f ch01/shadow.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Hash type SHA-512 detected ...\r\n",
"[+] Be patien ...\r\n",
"Nothing found, bye!!\r\n"
]
}
],
"prompt_number": 190
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/test_512_2.py\n",
"import crypt\n",
"import hashlib\n",
"\n",
"def testPass(cryptPass):\n",
" salt=cryptPass.split('$')[2]\n",
" print '[i] salt = ' + salt\n",
" myPass=cryptPass.split('$')[3]\n",
" print 'myPass ', myPass\n",
" dictFile = open('ch01/dictionary.txt', 'r')\n",
" for word in dictFile.readlines():\n",
" word = word.strip('\\n')\n",
" cryptWord = crypt.crypt(word, '$6$' + salt + '$')\n",
" print cryptWord\n",
" cryptWord = cryptWord.split('$')[3]\n",
" if cryptWord==myPass:\n",
" print '[+] Found password: ' + word + '\\n'\n",
" return\n",
" print '[-] Password not found.\\n'\n",
" return\n",
"\n",
"def main():\n",
" passwords = 'ch01/shadow.txt'\n",
" passFile = open(passwords)\n",
" for line in passFile:\n",
" # ':' \uc774 \uc788\uc744 \ub54c\ub9cc\n",
" if ':' in line:\n",
" # :\uc758 \uc55e\ubd80\ubd84\uc740 user: victim, root\n",
" user = line.split(':')[0]\n",
" # : \ub4a4\uc758 \ubd80\ubd84\uc774 HX~\n",
" cryptPass = line.split(':')[1].strip(' ')\n",
" print '[*] Cracking Password For: ' + user\n",
" # : \ub4a4\uc758 \ubd80\ubd84\uc744 testPass\uc5d0 \ub118\uaca8\uc90c. \uc6b0\ub9ac\uac00 \ud480\uc5b4\uc57c \ud560 \uc554\ud638\ubb38\n",
" testPass(cryptPass)\n",
"\n",
" \n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/test_512_2.py\n"
]
}
],
"prompt_number": 191
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
""
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "slide"
}
},
"source": [
"------\n",
"\n",
"### \ub450\ubc88\uc9f8 \ud504\ub85c\uadf8\ub7a8: \uc120\uc744 \uc704\ud574 \uc545\uc744 \uc0ac\uc6a9\ud558\uae30\n",
"\n",
"- Cyber Fast Track \ud504\ub85c\uadf8\ub7a8: \uacf5\uaca9\uc801\uc778 \ud234\uc774\ub098 \ubc29\uc5b4\uc801\uc778 \ud234\uc774\ub77c\ub294 \uac83\uc740 \uc5c6\uace0 \ub2e8\uc21c\ud788 \ud234\ub9cc \uc874\uc7ac\ud560 \ubfd0\n",
"- \uae0d\uc815\uc801\uc778 \uc608\ub85c\ub294 \uc544\ub3d9 \ud3ec\ub974\ub178 \uc18c\uc9c0\uc790\uc758 \ucef4\ud4e8\ud130\ub97c \uc218\uc0c9\ud574\uc11c \ud328\uc2a4\uc6cc\ub4dc\ub85c \ubcf4\ud638\ub418\uace0 \uc788\ub294 zip \ud30c\uc77c\uc744 \ud574\ub3c5\ud55c \uac83\n",
"- \ubb34\ucc28\ubcc4 \ub300\uc785 \ud328\uc2a4\uc6cc\ub4dc \uae30\ubc95\uc744 \uc0ac\uc6a9\ud558\uc5ec \ub610 \ub2e4\ub978 \ud504\ub85c\uadf8\ub7a8\uc744 \ub9cc\ub4e4\uc5b4 \ubcf4\uc790.\n",
"\n",
"### \ub450\ubc88\uc9f8 \uc791\ud488 - \uc555\ucd95\ud30c\uc77c \ud328\uc2a4\uc6cc\ub4dc \ud06c\ub798\ucee4\n",
"\n",
"- \uba3c\uc800 zipfile \ub77c\uc774\ube0c\ub7ec\ub9ac\ub97c \uc0b4\ud3b4\ubcf4\ub294 \uac83\uc73c\ub85c \uc555\ucd95\ud30c\uc77c \ud06c\ub798\ucee4 \ud504\ub85c\uadf8\ub7a8\uc758 \uc791\uc131\uc744 \uc2dc\uc791\n",
"- zipfile \ud074\ub798\uc2a4\uc640 \uc774 \ud30c\uc77c\uc5d0 \uc788\ub294 extractall() \uba54\uc18c\ub4dc\ub97c \uc0b4\ud3b4\ubcf4\uc790.\n",
"- \uc8fc\ubaa9\ud560 \uc810\uc740 **extractall()\uc5d0 \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc785\ub825\ud560 \uc218 \uc788\ub294 \uc120\ud0dd\uc801 \ud30c\ub77c\ubbf8\ud130\uac00 \uc788\ub2e4\ub294 \uac83** -> \uc790\ub3d9 \ub300\uc785\uc744 \ud574\ubcfc \uc218 \uc788\ub2e4\ub294 \ub9d0"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"help('zipfile')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Help on module zipfile:\n",
"\n",
"NAME\n",
" zipfile - Read and write ZIP files.\n",
"\n",
"FILE\n",
" /Applications/Canopy.app/appdata/canopy-1.3.0.1715.macosx-x86_64/Canopy.app/Contents/lib/python2.7/zipfile.py\n",
"\n",
"MODULE DOCS\n",
" http://docs.python.org/library/zipfile\n",
"\n",
"CLASSES\n",
" __builtin__.object\n",
" ZipFile\n",
" PyZipFile\n",
" ZipInfo\n",
" exceptions.Exception(exceptions.BaseException)\n",
" BadZipfile\n",
" LargeZipFile\n",
" \n",
" class BadZipfile(exceptions.Exception)\n",
" | Method resolution order:\n",
" | BadZipfile\n",
" | exceptions.Exception\n",
" | exceptions.BaseException\n",
" | __builtin__.object\n",
" | \n",
" | Data descriptors defined here:\n",
" | \n",
" | __weakref__\n",
" | list of weak references to the object (if defined)\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Methods inherited from exceptions.Exception:\n",
" | \n",
" | __init__(...)\n",
" | x.__init__(...) initializes x; see help(type(x)) for signature\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data and other attributes inherited from exceptions.Exception:\n",
" | \n",
" | __new__ = \n",
" | T.__new__(S, ...) -> a new object with type S, a subtype of T\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Methods inherited from exceptions.BaseException:\n",
" | \n",
" | __delattr__(...)\n",
" | x.__delattr__('name') <==> del x.name\n",
" | \n",
" | __getattribute__(...)\n",
" | x.__getattribute__('name') <==> x.name\n",
" | \n",
" | __getitem__(...)\n",
" | x.__getitem__(y) <==> x[y]\n",
" | \n",
" | __getslice__(...)\n",
" | x.__getslice__(i, j) <==> x[i:j]\n",
" | \n",
" | Use of negative indices is not supported.\n",
" | \n",
" | __reduce__(...)\n",
" | \n",
" | __repr__(...)\n",
" | x.__repr__() <==> repr(x)\n",
" | \n",
" | __setattr__(...)\n",
" | x.__setattr__('name', value) <==> x.name = value\n",
" | \n",
" | __setstate__(...)\n",
" | \n",
" | __str__(...)\n",
" | x.__str__() <==> str(x)\n",
" | \n",
" | __unicode__(...)\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data descriptors inherited from exceptions.BaseException:\n",
" | \n",
" | __dict__\n",
" | \n",
" | args\n",
" | \n",
" | message\n",
" \n",
" class LargeZipFile(exceptions.Exception)\n",
" | Raised when writing a zipfile, the zipfile requires ZIP64 extensions\n",
" | and those extensions are disabled.\n",
" | \n",
" | Method resolution order:\n",
" | LargeZipFile\n",
" | exceptions.Exception\n",
" | exceptions.BaseException\n",
" | __builtin__.object\n",
" | \n",
" | Data descriptors defined here:\n",
" | \n",
" | __weakref__\n",
" | list of weak references to the object (if defined)\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Methods inherited from exceptions.Exception:\n",
" | \n",
" | __init__(...)\n",
" | x.__init__(...) initializes x; see help(type(x)) for signature\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data and other attributes inherited from exceptions.Exception:\n",
" | \n",
" | __new__ = \n",
" | T.__new__(S, ...) -> a new object with type S, a subtype of T\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Methods inherited from exceptions.BaseException:\n",
" | \n",
" | __delattr__(...)\n",
" | x.__delattr__('name') <==> del x.name\n",
" | \n",
" | __getattribute__(...)\n",
" | x.__getattribute__('name') <==> x.name\n",
" | \n",
" | __getitem__(...)\n",
" | x.__getitem__(y) <==> x[y]\n",
" | \n",
" | __getslice__(...)\n",
" | x.__getslice__(i, j) <==> x[i:j]\n",
" | \n",
" | Use of negative indices is not supported.\n",
" | \n",
" | __reduce__(...)\n",
" | \n",
" | __repr__(...)\n",
" | x.__repr__() <==> repr(x)\n",
" | \n",
" | __setattr__(...)\n",
" | x.__setattr__('name', value) <==> x.name = value\n",
" | \n",
" | __setstate__(...)\n",
" | \n",
" | __str__(...)\n",
" | x.__str__() <==> str(x)\n",
" | \n",
" | __unicode__(...)\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data descriptors inherited from exceptions.BaseException:\n",
" | \n",
" | __dict__\n",
" | \n",
" | args\n",
" | \n",
" | message\n",
" \n",
" class PyZipFile(ZipFile)\n",
" | Class to create ZIP archives with Python library files and packages.\n",
" | \n",
" | Method resolution order:\n",
" | PyZipFile\n",
" | ZipFile\n",
" | __builtin__.object\n",
" | \n",
" | Methods defined here:\n",
" | \n",
" | writepy(self, pathname, basename='')\n",
" | Add all files from \"pathname\" to the ZIP archive.\n",
" | \n",
" | If pathname is a package directory, search the directory and\n",
" | all package subdirectories recursively for all *.py and enter\n",
" | the modules into the archive. If pathname is a plain\n",
" | directory, listdir *.py and enter all modules. Else, pathname\n",
" | must be a Python *.py file and the module will be put into the\n",
" | archive. Added modules are always module.pyo or module.pyc.\n",
" | This method will compile the module.py into module.pyc if\n",
" | necessary.\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Methods inherited from ZipFile:\n",
" | \n",
" | __del__(self)\n",
" | Call the \"close()\" method in case the user forgot.\n",
" | \n",
" | __enter__(self)\n",
" | \n",
" | __exit__(self, type, value, traceback)\n",
" | \n",
" | __init__(self, file, mode='r', compression=0, allowZip64=False)\n",
" | Open the ZIP file with mode read \"r\", write \"w\" or append \"a\".\n",
" | \n",
" | close(self)\n",
" | Close the file, and for mode \"w\" and \"a\" write the ending\n",
" | records.\n",
" | \n",
" | extract(self, member, path=None, pwd=None)\n",
" | Extract a member from the archive to the current working directory,\n",
" | using its full name. Its file information is extracted as accurately\n",
" | as possible. `member' may be a filename or a ZipInfo object. You can\n",
" | specify a different directory using `path'.\n",
" | \n",
" | extractall(self, path=None, members=None, pwd=None)\n",
" | Extract all members from the archive to the current working\n",
" | directory. `path' specifies a different directory to extract to.\n",
" | `members' is optional and must be a subset of the list returned\n",
" | by namelist().\n",
" | \n",
" | getinfo(self, name)\n",
" | Return the instance of ZipInfo given 'name'.\n",
" | \n",
" | infolist(self)\n",
" | Return a list of class ZipInfo instances for files in the\n",
" | archive.\n",
" | \n",
" | namelist(self)\n",
" | Return a list of file names in the archive.\n",
" | \n",
" | open(self, name, mode='r', pwd=None)\n",
" | Return file-like object for 'name'.\n",
" | \n",
" | printdir(self)\n",
" | Print a table of contents for the zip file.\n",
" | \n",
" | read(self, name, pwd=None)\n",
" | Return file bytes (as a string) for name.\n",
" | \n",
" | setpassword(self, pwd)\n",
" | Set default password for encrypted files.\n",
" | \n",
" | testzip(self)\n",
" | Read all the files and check the CRC.\n",
" | \n",
" | write(self, filename, arcname=None, compress_type=None)\n",
" | Put the bytes from filename into the archive under the name\n",
" | arcname.\n",
" | \n",
" | writestr(self, zinfo_or_arcname, bytes, compress_type=None)\n",
" | Write a file into the archive. The contents is the string\n",
" | 'bytes'. 'zinfo_or_arcname' is either a ZipInfo instance or\n",
" | the name of the file in the archive.\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data descriptors inherited from ZipFile:\n",
" | \n",
" | __dict__\n",
" | dictionary for instance variables (if defined)\n",
" | \n",
" | __weakref__\n",
" | list of weak references to the object (if defined)\n",
" | \n",
" | comment\n",
" | The comment text associated with the ZIP file.\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data and other attributes inherited from ZipFile:\n",
" | \n",
" | fp = None\n",
" \n",
" class ZipFile(__builtin__.object)\n",
" | Class with methods to open, read, write, close, list zip files.\n",
" | \n",
" | z = ZipFile(file, mode=\"r\", compression=ZIP_STORED, allowZip64=False)\n",
" | \n",
" | file: Either the path to the file, or a file-like object.\n",
" | If it is a path, the file will be opened and closed by ZipFile.\n",
" | mode: The mode can be either read \"r\", write \"w\" or append \"a\".\n",
" | compression: ZIP_STORED (no compression) or ZIP_DEFLATED (requires zlib).\n",
" | allowZip64: if True ZipFile will create files with ZIP64 extensions when\n",
" | needed, otherwise it will raise an exception when this would\n",
" | be necessary.\n",
" | \n",
" | Methods defined here:\n",
" | \n",
" | __del__(self)\n",
" | Call the \"close()\" method in case the user forgot.\n",
" | \n",
" | __enter__(self)\n",
" | \n",
" | __exit__(self, type, value, traceback)\n",
" | \n",
" | __init__(self, file, mode='r', compression=0, allowZip64=False)\n",
" | Open the ZIP file with mode read \"r\", write \"w\" or append \"a\".\n",
" | \n",
" | close(self)\n",
" | Close the file, and for mode \"w\" and \"a\" write the ending\n",
" | records.\n",
" | \n",
" | extract(self, member, path=None, pwd=None)\n",
" | Extract a member from the archive to the current working directory,\n",
" | using its full name. Its file information is extracted as accurately\n",
" | as possible. `member' may be a filename or a ZipInfo object. You can\n",
" | specify a different directory using `path'.\n",
" | \n",
" | extractall(self, path=None, members=None, pwd=None)\n",
" | Extract all members from the archive to the current working\n",
" | directory. `path' specifies a different directory to extract to.\n",
" | `members' is optional and must be a subset of the list returned\n",
" | by namelist().\n",
" | \n",
" | getinfo(self, name)\n",
" | Return the instance of ZipInfo given 'name'.\n",
" | \n",
" | infolist(self)\n",
" | Return a list of class ZipInfo instances for files in the\n",
" | archive.\n",
" | \n",
" | namelist(self)\n",
" | Return a list of file names in the archive.\n",
" | \n",
" | open(self, name, mode='r', pwd=None)\n",
" | Return file-like object for 'name'.\n",
" | \n",
" | printdir(self)\n",
" | Print a table of contents for the zip file.\n",
" | \n",
" | read(self, name, pwd=None)\n",
" | Return file bytes (as a string) for name.\n",
" | \n",
" | setpassword(self, pwd)\n",
" | Set default password for encrypted files.\n",
" | \n",
" | testzip(self)\n",
" | Read all the files and check the CRC.\n",
" | \n",
" | write(self, filename, arcname=None, compress_type=None)\n",
" | Put the bytes from filename into the archive under the name\n",
" | arcname.\n",
" | \n",
" | writestr(self, zinfo_or_arcname, bytes, compress_type=None)\n",
" | Write a file into the archive. The contents is the string\n",
" | 'bytes'. 'zinfo_or_arcname' is either a ZipInfo instance or\n",
" | the name of the file in the archive.\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data descriptors defined here:\n",
" | \n",
" | __dict__\n",
" | dictionary for instance variables (if defined)\n",
" | \n",
" | __weakref__\n",
" | list of weak references to the object (if defined)\n",
" | \n",
" | comment\n",
" | The comment text associated with the ZIP file.\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data and other attributes defined here:\n",
" | \n",
" | fp = None\n",
" \n",
" class ZipInfo(__builtin__.object)\n",
" | Class with attributes describing each file in the ZIP archive.\n",
" | \n",
" | Methods defined here:\n",
" | \n",
" | FileHeader(self, zip64=None)\n",
" | Return the per-file header as a string.\n",
" | \n",
" | __init__(self, filename='NoName', date_time=(1980, 1, 1, 0, 0, 0))\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data descriptors defined here:\n",
" | \n",
" | CRC\n",
" | \n",
" | comment\n",
" | \n",
" | compress_size\n",
" | \n",
" | compress_type\n",
" | \n",
" | create_system\n",
" | \n",
" | create_version\n",
" | \n",
" | date_time\n",
" | \n",
" | external_attr\n",
" | \n",
" | extra\n",
" | \n",
" | extract_version\n",
" | \n",
" | file_size\n",
" | \n",
" | filename\n",
" | \n",
" | flag_bits\n",
" | \n",
" | header_offset\n",
" | \n",
" | internal_attr\n",
" | \n",
" | orig_filename\n",
" | \n",
" | reserved\n",
" | \n",
" | volume\n",
" \n",
" error = class BadZipfile(exceptions.Exception)\n",
" | Method resolution order:\n",
" | BadZipfile\n",
" | exceptions.Exception\n",
" | exceptions.BaseException\n",
" | __builtin__.object\n",
" | \n",
" | Data descriptors defined here:\n",
" | \n",
" | __weakref__\n",
" | list of weak references to the object (if defined)\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Methods inherited from exceptions.Exception:\n",
" | \n",
" | __init__(...)\n",
" | x.__init__(...) initializes x; see help(type(x)) for signature\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data and other attributes inherited from exceptions.Exception:\n",
" | \n",
" | __new__ = \n",
" | T.__new__(S, ...) -> a new object with type S, a subtype of T\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Methods inherited from exceptions.BaseException:\n",
" | \n",
" | __delattr__(...)\n",
" | x.__delattr__('name') <==> del x.name\n",
" | \n",
" | __getattribute__(...)\n",
" | x.__getattribute__('name') <==> x.name\n",
" | \n",
" | __getitem__(...)\n",
" | x.__getitem__(y) <==> x[y]\n",
" | \n",
" | __getslice__(...)\n",
" | x.__getslice__(i, j) <==> x[i:j]\n",
" | \n",
" | Use of negative indices is not supported.\n",
" | \n",
" | __reduce__(...)\n",
" | \n",
" | __repr__(...)\n",
" | x.__repr__() <==> repr(x)\n",
" | \n",
" | __setattr__(...)\n",
" | x.__setattr__('name', value) <==> x.name = value\n",
" | \n",
" | __setstate__(...)\n",
" | \n",
" | __str__(...)\n",
" | x.__str__() <==> str(x)\n",
" | \n",
" | __unicode__(...)\n",
" | \n",
" | ----------------------------------------------------------------------\n",
" | Data descriptors inherited from exceptions.BaseException:\n",
" | \n",
" | __dict__\n",
" | \n",
" | args\n",
" | \n",
" | message\n",
"\n",
"FUNCTIONS\n",
" is_zipfile(filename)\n",
" Quickly see if a file is a ZIP file by checking the magic number.\n",
" \n",
" The filename argument may be a file or file-like object too.\n",
"\n",
"DATA\n",
" ZIP_DEFLATED = 8\n",
" ZIP_STORED = 0\n",
" __all__ = ['BadZipfile', 'error', 'ZIP_STORED', 'ZIP_DEFLATED', 'is_zi...\n",
"\n",
"\n"
]
}
],
"prompt_number": 192
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/unzip.py\n",
"import zipfile\n",
"\n",
"zFile = zipfile.ZipFile('ch01/evil.zip', 'r')\n",
"zFile.extractall(path='tmp', pwd='secret')"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/unzip.py\n"
]
}
],
"prompt_number": 193
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!rm -rf ch01/evil"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [],
"prompt_number": 194
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!ls -l ch01/"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"total 336\r\n",
"-rw-r--r-- 1 re4lfl0w staff 356 Jun 15 12:59 1thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 614 Jun 15 12:59 2process.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 447 Jun 15 12:59 2thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 0 Jun 14 14:43 __init__.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 103 Jun 14 14:43 __init__.pyc\r\n",
"-rw-r--r-- 1 re4lfl0w staff 57 Jun 23 2012 dictionary.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 35755 Jun 23 2012 evil.zip\r\n",
"-rw-r--r-- 1 re4lfl0w staff 20 Jun 15 12:58 hello.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 35 Jun 15 13:20 main_test.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 148 Jun 15 13:20 main_test.pyc\r\n",
"-rw-r--r-- 1 re4lfl0w staff 91 Jun 15 13:20 main_test2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 302 Jun 15 13:20 main_test2.pyc\r\n",
"-rw-r--r-- 1 re4lfl0w staff 122 Jun 15 11:50 passwd\r\n",
"-rw-r--r-- 1 re4lfl0w staff 122 Jun 23 2012 passwords.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 149 Jun 10 17:59 reverse_slash.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 122 Jun 15 13:20 shadow.txt\r",
"\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1154 Jun 15 13:20 test_512_2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 320 Jun 15 13:20 test_confirm.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1575 Jun 7 18:54 test_last.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 477 Jun 7 18:24 test_original.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 659 Jun 7 18:24 test_process.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 642 Jun 7 19:46 test_process2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1529 Jun 15 13:20 test_sha512.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 501 Jun 7 18:24 test_thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 551 Jun 7 19:46 test_thread2.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 104 Jun 15 13:20 unzip.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 347 Jun 15 12:59 unzip3.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 146 Jun 15 12:59 unzip_except.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 503 Jun 15 12:59 unzip_module.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 496 Jun 15 12:59 unzip_thread.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 118 Jun 15 13:20 vuln-scanner.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 452 Jun 15 13:20 vuln_banners.txt\r\n",
"---------- 1 re4lfl0w staff 398 Jun 13 13:58 vuln_banners2.txt\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1282 Jun 15 13:20 vuln_scanner.py\r\n",
"-rw-r--r-- 1 re4lfl0w staff 1291 Jun 15 12:59 zipcrack.py\r\n"
]
}
],
"prompt_number": 195
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import zipfile\n",
"zFile = zipfile.ZipFile('ch01/evil.zip', 'r')\n",
"zFile.extract?"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [],
"prompt_number": 196
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/unzip.py"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 251
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# extractall\uc5d0\uc11c path\ub97c \uc9c0\uc815\ud574\uc8fc\uc9c0 \uc54a\uc73c\ub2c8 notebook\uc774 \uc2e4\ud589\ub41c root\uc5d0 \uc0dd\uc131\uc774 \ub410\ub124.\n",
"# \uad1c\ud788 \ud3f4\ub354 \ucc3e\uc544\ubcf4\uba74\uc11c \uc0bd\uc9c8\ud588\ub2e4.\n",
"# \ud56d\uc0c1 \uc2e4\ud589\ub41c \uc8fc\uccb4\uac00 \uc5b4\ub514\uc778\uc9c0 \ud655\uc778\ud560 \uac83. \uc774\uac78\ub85c \uc778\ud574 \ub9ce\uc740 \uc0bd\uc9c8 \ubc1c\uc0dd\n",
"!ls -l tmp"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"total 0\r\n",
"drwxr-xr-x 4 re4lfl0w staff 136 Jun 13 13:58 \u001b[1m\u001b[34mevil\u001b[m\u001b[m\r\n"
]
}
],
"prompt_number": 252
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!ls -l evil/"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"total 88\r\n",
"-rw-r--r-- 1 re4lfl0w staff 38540 Jun 15 13:20 evil.jpg\r\n",
"-rw-r--r-- 1 re4lfl0w staff 171 Jun 15 13:20 note_to_adam.txt\r\n"
]
}
],
"prompt_number": 254
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!open evil/evil.jpg"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [],
"prompt_number": 255
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!cat evil/note_to_adam.txt"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Sorry, you are too late - she ate the apple.\r\n",
"--------\r\n",
"[Image downloaded from http://farm3.staticflickr.com/2422/4424308439_7bd9e833d3_z.jpg under Creative Commons License]"
]
}
],
"prompt_number": 256
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### \ub9cc\uc57d\uc5d0 \uc798\ubabb\ub41c \ud328\uc2a4\uc6cc\ub4dc\ub85c \uc2a4\ud06c\ub9bd\ud2b8\ub97c \uc2e4\ud589\uc2dc\ud0ac \ub54c\ub97c \ub300\ube44\ud574 \uc608\uc678 \ucc98\ub9ac \ucf54\ub4dc \ucd94\uac00"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/unzip_except.py\n",
"import zipfile\n",
"\n",
"zFile = zipfile.ZipFile('ch01/evil.zip', 'r')\n",
"try:\n",
" zFile.extractall(path='tmp', pwd='orange')\n",
"except Exception, e:\n",
" print e"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "-"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/unzip_except.py\n"
]
}
],
"prompt_number": 202
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "skip"
}
},
"source": [
"- \uc798\ubabb\ub41c \ud328\uc2a4\uc6cc\ub4dc\ub85c \uc2a4\ud06c\ub9bd\ud2b8\ub97c \uc2e4\ud589\ud558\uba74 \uc624\ub958 \uba54\uc2dc\uc9c0 \ucd9c\ub825"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/unzip_except.py"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"('Bad password for file', )\r\n"
]
}
],
"prompt_number": 203
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"source": [
"- \uc798\ubabb\ub41c \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc785\ub825\ud558\uba74 \uc608\uc678\uac00 \ubc1c\uc0dd\ud55c\ub2e4\ub294 \uc810\uc744 \uc0ac\uc6a9\ud558\uc5ec \ub515\uc154\ub108\ub9ac \ud30c\uc77c\uc5d0 \uc788\ub294 \ud328\uc2a4\uc6cc\ub4dc\uac00 \uc555\ucd95 \ud30c\uc77c\uc758 \ud328\uc2a4\uc6cc\ub4dc\uc640 \uc77c\uce58\ud558\ub294\uc9c0 \ud655\uc778\n",
"- ZipFile \ud074\ub798\uc2a4\ub97c \uc2e4\uccb4\ud654\ud55c \ud6c4\uc5d0 \ub515\uc154\ub108\ub9ac \ud30c\uc77c\uc744 \uc5f4\uc5b4\uc11c \ub515\uc154\ub108\ub9ac\uc5d0 \uc788\ub294 \ubaa8\ub4e0 \ub2e8\uc5b4\ub97c \ud14c\uc2a4\ud2b8\n",
"- \ub9cc\uc57d extractall() \ud568\uc218\uac00 \uc544\ubb34\ub7f0 \uc624\ub958\uc5c6\uc774 \uc2e4\ud589\ub418\uba74 \ud328\uc2a4\uc6cc\ub4dc\ub97c \ucc3e\uc558\ub2e4\ub294 \uba54\uc2dc\uc9c0 \ucd9c\ub825\n",
"- \ud558\uc9c0\ub9cc extractall() \uc5d0\uc11c \uc608\uc678\uac00 \ubc1c\uc0dd\ud558\uba74 \uc608\uc678\ub97c \ubb34\uc2dc\ud558\uace0 \ub515\uc154\ub108\ub9ac\uc5d0 \uc788\ub294 \ub2e4\ub978 \ub2e8\uc5b4 \uc2dc\ub3c4"
]
},
{
"cell_type": "markdown",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"source": [
"### Reverse shell \uc2dc cmd \uba85\ub839\n",
"\n",
"- 'dir' \uba85\ub839\uc5b4\ub97c reverse shell\ub85c \ubcf4\ub0c8\ub294\ub370 \uacb0\uacfc\uac12\uc774 \uc624\uc9c0 \uc54a\uc744 \ub54c \ud669\ub2f9\ud568\uc774\ub780...(\ud615\uc11d\uc774)\n",
"- \ub2f5\uc740 ..?"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/unzip3.py\n",
"import zipfile\n",
"zFile = zipfile.ZipFile('ch01/evil.zip')\n",
"dictionary = 'ch01/dictionary.txt'\n",
"passFile = open(dictionary)\n",
"for line in passFile:\n",
" password = line.strip('\\n')\n",
" try:\n",
" zFile.extractall(pwd=password)\n",
" print '[+] Password = ' + password + '\\n'\n",
" exit(0)\n",
" except Exception, e:\n",
" # no operation\n",
" pass"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "subslide"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/unzip3.py\n"
]
}
],
"prompt_number": 204
},
{
"cell_type": "code",
"collapsed": true,
"input": [
"!python ch01/unzip3.py"
],
"language": "python",
"metadata": {
"slideshow": {
"slide_type": "fragment"
}
},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Password = secret\r\n",
"\r\n"
]
}
],
"prompt_number": 205
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"#### Code Refactoring"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/unzip_module.py\n",
"import zipfile\n",
"\n",
"def extractFile(zFile, password):\n",
" try:\n",
" zFile.extractall(pwd=password)\n",
" return password\n",
" except:\n",
" return\n",
" \n",
"def main():\n",
" zFile = zipfile.ZipFile('ch01/evil.zip')\n",
" passFile = open('ch01/dictionary.txt')\n",
" for line in passFile:\n",
" password = line.strip('\\n')\n",
" guess = extractFile(zFile, password)\n",
" if guess:\n",
" print '[+] Password = ' + password + '\\n'\n",
" exit(0)\n",
" \n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/unzip_module.py\n"
]
}
],
"prompt_number": 206
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/unzip_module.py"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Password = secret\r\n",
"\r\n"
]
}
],
"prompt_number": 207
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"------"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/unzip_thread.py\n",
"import zipfile\n",
"from threading import Thread\n",
"\n",
"def extractFile(zFile, password):\n",
" try:\n",
" zFile.extractall(pwd=password)\n",
" print '[+] Password = ' + password + '\\n'\n",
" except:\n",
" pass\n",
" \n",
"def main():\n",
" zFile = zipfile.ZipFile('ch01/evil.zip')\n",
" passFile = open('ch01/dictionary.txt')\n",
" for line in passFile:\n",
" password = line.strip('\\n')\n",
" t = Thread(target=extractFile, args=(zFile, password))\n",
" t.start()\n",
" \n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/unzip_thread.py\n"
]
}
],
"prompt_number": 208
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/unzip_thread.py"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Password = secret\r\n",
"\r\n"
]
}
],
"prompt_number": 209
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"import zipfile\n",
"from threading import Thread\n",
"from multiprocessing import Process, Queue\n",
"\n",
"def extractFile(zFile, password):\n",
" try:\n",
" zFile.extractall(pwd=password)\n",
" print '[+] Password = ' + password + '\\n'\n",
" except:\n",
" pass\n",
" \n",
"def main_original():\n",
" zFile = zipfile.ZipFile('ch01/evil.zip')\n",
" passFile = open('ch01/dictionary.txt')\n",
" for line in passFile:\n",
" password = line.strip('\\n')\n",
" extractFile(zFile, password)\n",
" \n",
"def main_thread():\n",
" zFile = zipfile.ZipFile('ch01/evil.zip')\n",
" passFile = open('ch01/dictionary.txt')\n",
" for line in passFile:\n",
" password = line.strip('\\n')\n",
" t = Thread(target=extractFile, args=(zFile, password))\n",
" t.start()\n",
"\n",
"# Queue\ub97c \uc0ac\uc6a9\ud558\uc9c0 \uc54a\uc544 \ub611\uac19\uc740 \ubcc0\uc218\ub97c \ubc1b\uc544\uac00\uc11c \uc2e4\ud589\ud558\ub294 \uba4d\uccad\ud55c multiprocess\n",
"def main_multi():\n",
" zFile = zipfile.ZipFile('ch01/evil.zip')\n",
" passFile = open('ch01/dictionary.txt')\n",
" \n",
" for line in passFile:\n",
" password = line.strip('\\n')\n",
" result = Queue()\n",
" pr1 = Process(target=extractFile, args=(zFile, password))\n",
" pr2 = Process(target=extractFile, args=(zFile, password))\n",
" pr1.start()\n",
" pr2.start()\n",
" pr1.join()\n",
" pr2.join()\n",
"\n",
"def main_multi2():\n",
" zFile = zipfile.ZipFile('ch01/evil.zip')\n",
" passFile = open('ch01/dictionary.txt')\n",
" \n",
" result = Queue()\n",
" for line in passFile:\n",
" result.put(line.strip('\\n'))\n",
" \n",
" pr1 = Process(target=extractFile, args=(zFile, result.get()))\n",
" pr2 = Process(target=extractFile, args=(zFile, result.get()))\n",
" pr1.start()\n",
" pr2.start()\n",
" pr1.join()\n",
" pr2.join()"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 210
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"main_multi()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Password = secret\n",
"[+] Password = secret\n",
"\n",
"\n"
]
}
],
"prompt_number": 211
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"main_thread()"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 212
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"#### Why? \n",
"- main()\uc73c\ub85c \uc124\uc815\ud574\uc11c \ub3cc\ub9ac\uba74 \uacc4\uc18d kernel restart \ub41c\ub2e4.\n",
"- \ubb50\uc9c0? \uc65c \uacc4\uc18d kernel restart\uac00 \ub418\ub0d0..\n",
"- \ub108\ubb34 \ub9ce\uc740 \uc5f0\uc0b0\uc791\uc5c5\uc744 \ud574\uc11c?\n",
"- \uc544... **exit(0)**\uc744 \ub123\uc5b4\uc918\uc11c \uadf8\ub807\uad6c\ub098\n",
"- exit(0)\uc740 console\uc5d0\uc11c \uc801\uc6a9.. \ub300\uc2e0 break \ub123\uc5c8\ub2e4.\n",
"\n",
"\n",
"#### original vs thread vs multi\n",
"\n",
"- \uc9c0\uae08 \uc774\uc0c1\ud558\uac8c original \uc774 \uc81c\uc77c \ube60\ub974\ub2e4.\n",
"- \uc774\uac74 \ubb54\uac00 \uc18c\uc2a4\ucf54\ub4dc\uac00 \uc798\ubabb\ub410\ub2e4\ub294 \uac78\ub85c \uc0dd\uac01\ub418\ub294\ub370\n",
"\n",
"#### \ud615\uc11d\uc774 \uc870\uc5b8\n",
"\n",
"- Queue\ub97c \ub9cc\ub4e4\uc5b4\uc11c \ud55c \ubc88 \uaebc\ub0b8 \uac83\uc740 \ub2e4\uc2dc \ucc38\uc870\ud558\uc9c0 \ubabb\ud558\uac8c \ud574\ub77c.\n",
"\n",
"-----"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"# %timeit main_multi()"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 213
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%timeit main_multi2()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Password = secret\n",
"\n"
]
},
{
"output_type": "stream",
"stream": "stdout",
"text": [
"100 loops, best of 3: 17.4 ms per loop\n"
]
}
],
"prompt_number": 214
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"#### [\ud558\uc6a9\ud638\ub2d8 2011 H3 \ucee8\ud37c\ub7f0\uc2a4 - \ud30c\uc774\uc36c\uc73c\ub85c \ud074\ub77c\uc6b0\ub4dc \ud558\uace0 \uc2f6\uc5b4\uc694. \ud14c\uc2a4\ud2b8 \uc608\uc81c](http://www.slideshare.net/yongho/2011-h3)"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/1thread.py\n",
"from threading import Thread\n",
"\n",
"def do_work(start, end, result):\n",
" sum = 0\n",
" for i in range(start, end):\n",
" sum += i\n",
" result.append(sum)\n",
" return\n",
"\n",
"if __name__ == '__main__':\n",
" START, END = 0, 20000000\n",
" result = list()\n",
" th1 = Thread(target=do_work, args=(START, END, result))\n",
" th1.start()\n",
" th1.join()\n",
"print 'Result : ', sum(result)"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/1thread.py\n"
]
}
],
"prompt_number": 215
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!time python ch01/1thread.py"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Result : 199999990000000\r\n"
]
},
{
"output_type": "stream",
"stream": "stdout",
"text": [
"\r\n",
"real\t0m2.009s\r\n",
"user\t0m1.659s\r\n",
"sys\t0m0.339s\r\n"
]
}
],
"prompt_number": 216
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/2thread.py\n",
"from threading import Thread\n",
"\n",
"def do_work(start, end, result):\n",
" sum = 0\n",
" for i in range(start, end):\n",
" sum += i\n",
" result.append(sum)\n",
" return\n",
"\n",
"if __name__ == '__main__':\n",
" START, END = 0, 20000000\n",
" result = list()\n",
" th1 = Thread(target=do_work, args=(START, END, result))\n",
" th2 = Thread(target=do_work, args=(START, END, result))\n",
" th1.start()\n",
" th2.start()\n",
" th1.join()\n",
" th2.join()\n",
"print 'Result : ', sum(result)"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/2thread.py\n"
]
}
],
"prompt_number": 217
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!time python ch01/2thread.py"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Result : 399999980000000\r\n"
]
},
{
"output_type": "stream",
"stream": "stdout",
"text": [
"\r\n",
"real\t0m5.159s\r\n",
"user\t0m3.810s\r\n",
"sys\t0m2.485s\r\n"
]
}
],
"prompt_number": 218
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/2process.py\n",
"from multiprocessing import Process, Queue\n",
"\n",
"def do_work(start, end, result):\n",
" sum = 0\n",
" for i in range(start, end):\n",
" sum += i\n",
" result.put(sum)\n",
" return\n",
"\n",
"if __name__ == '__main__':\n",
" START, END = 0, 20000000\n",
" result = Queue()\n",
" pr1 = Process(target=do_work, args=(START, END/2, result))\n",
" pr2 = Process(target=do_work, args=(END/2, END, result))\n",
" pr1.start()\n",
" pr2.start()\n",
" pr1.join()\n",
" pr2.join()\n",
" result.put('STOP')\n",
" sum = 0\n",
" while True:\n",
" tmp = result.get()\n",
" if tmp == 'STOP':\n",
" break\n",
" else:\n",
" sum += tmp\n",
"print 'Result : ', sum"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/2process.py\n"
]
}
],
"prompt_number": 219
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!time python 2process.py"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"/Users/re4lfl0w/Library/Enthought/Canopy_64bit/User/Resources/Python.app/Contents/MacOS/Python: can't open file '2process.py': [Errno 2] No such file or directory\r\n",
"\r\n",
"real\t0m0.025s\r\n",
"user\t0m0.012s\r\n",
"sys\t0m0.009s\r\n"
]
}
],
"prompt_number": 220
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"- \uc2a4\ud06c\ub9bd\ud2b8\ub97c \uc218\uc815\ud558\uc5ec \ud06c\ub799\ud560 \uc555\ucd95 \ud30c\uc77c\uc758 \uc774\ub984\uacfc \ud06c\ub799\uc5d0 \uc0ac\uc6a9\ud560 \ub515\uc154\ub108\ub9ac \ud30c\uc77c\uc758 \uc774\ub984\uc744 \uc0ac\uc6a9\uc790\uac00 \uc9c1\uc811 \uc815\uc758 \uac00\ub2a5\n",
"- optparse \ub77c\uc774\ube0c\ub7ec\ub9ac \ud65c\uc6a9\n",
"- \ud50c\ub798\uadf8\ub97c \uad6c\ubb38 \ubd84\uc11d\ud558\uace0 \uc2a4\ud06c\ub9bd\ud2b8 \ub4a4\uc5d0 \uc624\ub294 \uc120\ud0dd\uc801 \ud30c\ub77c\ubbf8\ud130\ub97c \ucc98\ub9ac\ud55c\ub2e4\ub294 \uac83\ub9cc \uc54c\uace0 \uc788\uc73c\uba74 \ub428\n",
"- \uc6b0\ub9ac\uc758 \uc555\ucd95 \ud30c\uc77c \ud06c\ub798\ud0b9 \uc2a4\ud06c\ub9bd\ud2b8\uc5d0\ub294 2\uac1c\uc758 \ud544\uc218 \ud50c\ub798\uadf8\ub97c \ucd94\uac00\ud560 \uac83\n",
"- \uc555\ucd95 \ud30c\uc77c \uc774\ub984, \ub515\uc154\ub108\ub9ac \ud30c\uc77c \uc774\ub984\n",
"\n",
"#### \ud604\uc7ac \uc704\uc5d0 \uc801\uc5b4\ub193\uc740 thread, process\uac00 \uc81c\ub300\ub85c \ub3d9\uc791\ud558\uc9c0 \uc54a\uc74c\n",
"\n",
"- \uc774 \ubd80\ubd84\uc740 \uc880 \ub354 \uacf5\ubd80\ud574 \ubd10\uc57c \ud568\n",
"\n",
"-----"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%writefile ch01/zipcrack.py\n",
"import zipfile\n",
"import optparse\n",
"from threading import Thread\n",
"from multiprocessing import Process, Queue\n",
"\n",
"def extractFile(zFile, password):\n",
" try:\n",
" zFile.extractall(pwd=password)\n",
" print '[+] Found password ' + password + '\\n'\n",
" except:\n",
" pass\n",
" \n",
"def main():\n",
" parser = optparse.OptionParser('usage%prog ' + \\\n",
" '-f \\\n",
" -d ')\n",
"\n",
" parser.add_option('-f', dest='zname', type='string', \\\n",
" help='specify zip file')\n",
" parser.add_option('-d', dest='dname', type='string', \\\n",
" help='specify dictionary file')\n",
"\n",
" (options, args) = parser.parse_args()\n",
"\n",
" if(options.zname == None) | (options.dname == None):\n",
" print parser.usage\n",
" exit(0)\n",
" else:\n",
" zname = options.zname\n",
" dname = options.dname\n",
" \n",
" zFile = zipfile.ZipFile(zname)\n",
" passFile = open(dname)\n",
" \n",
" passQueue = Queue()\n",
" \n",
" for line in passFile:\n",
" passQueue.put(line.strip('\\n'))\n",
" \n",
" pr1 = Process(target=extractFile, args=(zFile, passQueue.get()))\n",
" pr2 = Process(target=extractFile, args=(zFile, passQueue.get()))\n",
" pr1.start()\n",
" pr2.start()\n",
" pr1.join()\n",
" pr2.join()\n",
" \n",
"if __name__ == '__main__':\n",
" main()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"Overwriting ch01/zipcrack.py\n"
]
}
],
"prompt_number": 1
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"!python ch01/zipcrack.py -f ch01/evil.zip -d ch01/dictionary.txt"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 222
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"def extractFile(zFile, password):\n",
" try:\n",
" zFile.extractall(pwd=password)\n",
" print '[+] Password = ' + password + '\\n'\n",
" except:\n",
" pass"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 223
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"def main_original():\n",
" import zipfile\n",
" zFile = zipfile.ZipFile('ch01/evil.zip')\n",
" passFile = open('ch01/dictionary.txt')\n",
" for line in passFile:\n",
" password = line.strip('\\n')\n",
" extractFile(zFile, password)"
],
"language": "python",
"metadata": {},
"outputs": [],
"prompt_number": 224
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"main_original()"
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"[+] Password = secret\n",
"\n"
]
}
],
"prompt_number": 225
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"![](\"files/images/I_can_do_it.jpg\")
\n",
"![](\"files/images/I_can_do_it2.jpg\")
"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## [About my IPython in github](https://github.com/re4lfl0w/ipython)"
]
}
],
"metadata": {}
}
]
}