hack like it's 2013 (the workshop)
DESCRIPTION
Try to imagine the amount of time and effort it would take you to write a bug-free script or application that accepts a URL, port scans it, and for each HTTP service that it finds creates a new thread and performs black-box penetration testing while impersonating a BlackBerry 9900 smartphone. While you're thinking, here's how you would have done it in Hackersh:

"http://localhost" \
    -> url \
    -> nmap \
    -> browse(ua="Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+") \
    -> w3af

Meet Hackersh ("Hacker Shell") – a new, free and open source cross-platform shell (command interpreter) with built-in security commands and Pythonect-like syntax. Aside from being interactive, Hackersh is also scriptable with Pythonect. Pythonect is a new, free, and open source general-purpose dataflow programming language based on Python, written in Python. Hackersh is inspired by the Unix pipeline, but takes it a step further by including built-in features like remote invocation and threads.

This 120-minute lab session will introduce Hackersh, the automation gap it fills, and its features. Lots of demonstrations and scripts are included to showcase concepts and ideas.

TRANSCRIPT
![Page 1: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/1.jpg)
Hacking Like It's 2013 /* The Workshop */
#include "Itzik Kotler"
![Page 2: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/2.jpg)
Agenda
● Pythonect
● Developing Domain-specific Language w/ Pythonect
● Hackersh
● Q&A
![Page 3: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/3.jpg)
Pythonect
● Pythonect is a portmanteau of the words Python and Connect
● New, experimental, general-purpose dataflow programming language based on Python
● Current "stable" version (as of Apr 9 2013): 0.4.2
● Made available under 'Modified BSD License'
● Influenced by: Unix Shell Scripting, Python, Perl
● Cross-platform (should run on any Python supported platform)
● Website: http://www.pythonect.org/
![Page 4: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/4.jpg)
A few words on the Development
● Written purely in Python (2.7)
  – Works on CPython 2.x, and Jython 2.7 implementations
● Tests written in PyUnit
● Hosted on GitHub
● Commits tested by Travis CI
![Page 5: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/5.jpg)
Installing and Using The Pythonect Interpreter
● Install directly from PyPI using easy_install or pip:
  – easy_install Pythonect
  OR
  – pip install Pythonect
● Clone the git repository:
  – git clone git://github.com/ikotler/pythonect.git
  – cd pythonect
  – python setup.py install
![Page 6: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/6.jpg)
The Pythonect Interpreter
● Written and integrated with the Python environment:
% pythonect
Python 2.7.3 (default, Aug 1 2012, 05:14:39)
[Pythonect 0.4.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
![Page 7: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/7.jpg)
Dataflow Programming
A programming paradigm that treats data as something originating from a source, flowing through a number of components and arriving at a final destination - most suitable when developing applications that are themselves focused on the "flow" of data.
![Page 8: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/8.jpg)
Dataflow Example
A video signal processor which may start with video input, modifies it through a number of processing components (i.e. video filters),
and finally outputs it to a video display.
[Diagram: Local File Reader -> Video B&W Frame Processor -> Screen Output Display]
![Page 9: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/9.jpg)
Dataflow Example
Want to change a feed from a local file to a remote file on a website?
No problem!
[Diagram: URL Downloader -> Video B&W Frame Processor -> Screen Output Display]
![Page 10: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/10.jpg)
Dataflow Example
Want to write the Video B&W Frame Processor output to both a screen and a local file?
No problem!
[Diagram: URL Downloader -> Video B&W Frame Processor -> both Local File Writer and Screen Output Display]
![Page 11: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/11.jpg)
Dataflow Programming Advantages
● Concurrency and parallelism are natural
● Data flow networks are natural for representing process
● Data flow programs are more extensible than traditional programs
![Page 12: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/12.jpg)
Dataflow Programming Disadvantages
● The mindset of data flow programming is unfamiliar to most programmers
● The intervention of the run-time system can be expensive
![Page 13: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/13.jpg)
Dataflow Programming Languages
● Spreadsheets are essentially dataflow (e.g. Excel)
● VHDL, Verilog and other hardware description languages are essentially dataflow
● XProc
● Max/MSP
● ... Etc.
![Page 14: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/14.jpg)
<Pythonect Examples>
![Page 15: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/15.jpg)
'Hello, world' -> print
Labels: String, Function
![Page 16: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/16.jpg)
What do we have here?
● -> is a Pythonect Control Operator, it means async forward.
● There's also | (i.e. Pipe) which means sync forward.
● 'Hello, world' is a literal string
● print is a function
![Page 17: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/17.jpg)
"Hello, world" -> [print, print]
Labels: String, Function, Function
![Page 18: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/18.jpg)
["Hello, world", "Hello, world"] -> print
Labels: String, String, Function
![Page 19: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/19.jpg)
range(99, 0, -1) \
    | [ _ % 2 == 0 ] \
    -> str \
    -> _ + " bottle(s) of beer on the wall," \
    -> print \
    -> _.split(' on')[0] + '.' \
    -> print \
    -> print("Take one down, pass it around,")
Labels: Integer, Filter, Expression, Function, Function, Function, Function, Function
![Page 20: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/20.jpg)
Basic Pythonect Syntax Summary
● -> is async forward.
● | (i.e. Pipe) is sync forward.
● _ (i.e. Underscore) is current value in flow
![Page 21: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/21.jpg)
<Pythonect Security Scripts/Examples>
![Page 22: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/22.jpg)
ROT13 Encrypt & Decrypt
raw_input() -> _.encode('rot13') -> print
Labels: Function, Function, Function
![Page 23: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/23.jpg)
Check if FTP Server Supports Anonymous Login
'ftp.gnu.org' \
    -> ftplib.FTP \
    -> _.login() \
    -> print("Allow anonymous")
Labels: String, Class, Function, Function
![Page 24: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/24.jpg)
(Multi-thread) HTTP Directory Brute-force
sys.argv[1] \
    -> [str(_ + '/' + x) for x in open(sys.argv[2],'r').read().split('\n')] \
    -> [(_, urllib.urlopen(_))] \
    -> _[1].getcode() != 404 \
    -> print "%s returns %s" % (_[0], _[1].getcode())
Labels: String, Nested Loop, ..., Function, Filter, Function
![Page 25: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/25.jpg)
Command line Fuzzer
['%s', '%n', 'A', 'a', '0', '!', '$', '%', '*', '+', ',', '-', '.', '/', ':'] \
    | [_ * n for n in [256, 512, 1024, 2048, 4096]] \
    | os.system('/bin/ping ' + _)
Labels: Array, Nested Loop, Function
![Page 26: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/26.jpg)
(Multi-thread) Generic File format Fuzzer
open('dana.jpg', 'rb').read() \
    -> itertools.permutations \
    -> open('output_' + hex(_.__hash__()) + '.jpg', 'wb').write(''.join(_))
Labels: String, Function, ..., Function
![Page 27: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/27.jpg)
Compute MALWARE.EXE's MD5 & SHA1
"MALWARE.EXE" -> [os.system("/usr/bin/md5sum " + _), os.system("/usr/bin/sha1sum " + _)]
Labels: String, Function, Function
![Page 28: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/28.jpg)
Compute MALWARE.EXE's Entropy
● entropy.py:

import math

def entropy(data):
    # Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)
    entropy = 0
    if data:
        for x in range(2**8):
            # Relative frequency of byte value x in the data
            p_x = float(data.count(chr(x))) / len(data)
            if p_x > 0:
                entropy += - p_x * math.log(p_x, 2)
    return entropy

● Pythonect:

"MALWARE.EXE" \
    -> open(_, 'rb').read() \
    -> entropy.entropy
![Page 29: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/29.jpg)
References / More Examples
● My Blog
  – Scraping LinkedIn Public Profiles for Fun and Profit
  – Fuzzing Like A Boss with Pythonect
  – Automated Static Malware Analysis with Pythonect
● LightBulbOne (Blog)
  – Fuzzy iOS Messages!
![Page 30: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/30.jpg)
Pythonect Roadmap
● Support Python 3k
● Support Stackless Python
● Support IronPython
● Support GPU Programming
● Fix bugs, etc.
![Page 31: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/31.jpg)
Questions?
![Page 32: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/32.jpg)
Moving on!
Developing Domain-specific Language (DSL) with Pythonect
![Page 33: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/33.jpg)
Domain-specific Language
● Domain-specific language (DSL) is a mini-language aiming at representing constructs for a given domain
● DSL is effective if the words and idioms in the language adequately capture what needs to be represented
● DSL can also add syntax sugar
![Page 34: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/34.jpg)
Why?
Why create a custom tag or an object with methods?
Elegant Code Reuse
Instead of having to recode algorithms every time you need them, you can just write a phrase in your DSL and you will have shorter, more easily maintainable programs
![Page 35: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/35.jpg)
Examples of DSLs
● Programming Language R
● XSLT
● Regular Expression
● Graphviz
● Shell utilities (awk, sed, dc, bc)
● Software development tools (make, yacc, lex)
● Etc.
![Page 36: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/36.jpg)
<DSL/Examples>
![Page 37: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/37.jpg)
Example #1: XSLT 'Hello, world'
<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:template match="p">
Hello world! - From hello.xsl.
</xsl:template>
</xsl:stylesheet>
![Page 38: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/38.jpg)
Example #2: Graphviz/DOT 'Hello, world'
digraph G
{
Hello -> World
}
![Page 39: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/39.jpg)
Domain-specific Language with Pythonect
● Pythonect provides various features to let you easily develop your own DSLs:
  – Built-in Python module Autoloader
  – Concurrency (Threads & Processes)
  – Abstract Syntax (i.e. Generic Flow Operators)
![Page 40: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/40.jpg)
Built-in Python AutoLoader
● The AutoLoader loads Python modules from the file system when needed
● In other words, no need to import modules explicitly.
● The sacrifice is run-time speed for ease-of-coding and speed of the initial import()ing.
![Page 41: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/41.jpg)
'Hello, world' -> string.split
i.e.
import string
return string.split
![Page 42: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/42.jpg)
Concurrency (Threads & Processes)
● Multi-threading:
  – 'Hello, world' -> [print, print]
● Multi-processing:
  – 'Hello, world' -> [print, print]
● Mix:
  – 'Hello, world' -> [print, print &]
![Page 43: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/43.jpg)
Abstract Syntax
● Brackets for Scope:
  – []
● Arrows and Pipes for Flows:
  – | and ->
● Dict and Logical Keywords for Control Flow:
  – {} and not/or/and
![Page 44: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/44.jpg)
So, imagine the following is a real script:
from_file('malware.exe') \
    -> extract_base64_strings \
    -> to_xml
![Page 45: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/45.jpg)
IT IS! (with Pythonect)
![Page 46: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/46.jpg)
Meet SMALL
Simple Malware AnaLysis Language
● Toy language for analyzing malware samples
● Single Python file (14 functions, 215 lines of text)
● Runs on top of Pythonect
![Page 47: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/47.jpg)
SMALL Features
● Extract IPv4 Addresses from Binaries
● Extract Base64 Strings from Binaries
● Calculate MD5/SHA1/CRC32
● Determine File Type (via /usr/bin/file)
● Create XML Reports
![Page 48: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/48.jpg)
How Does SMALL Work?
● SMALL functions are divided into two groups:
  – Root, these functions start a flow
  – Normal, these functions continue or close the flow
● Root functions accept String and return dict
  – e.g. from_file()
● Normal functions accept dict and return dict
  – e.g. extract_base64_strings()
![Page 49: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/49.jpg)
<Pythonect/Security DSL (i.e. SMALL) Examples>
![Page 50: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/50.jpg)
How to Start the SMALL Interpreter
pythonect -m SMALL -i
● The '-m' means - run library module as a script
● The '-i' means - inspect interactively after running script
● Just like Python :)
![Page 51: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/51.jpg)
Extract Base64 Strings and Save As XML
from_file('malware.exe') \
    -> extract_base64_strings \
    -> to_xml
Labels: Function, Function, Function
![Page 52: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/52.jpg)
Extract IPv4 Addresses and Save As XML
from_file('malware.exe') \
    -> extract_ipv4_addresses \
    -> to_xml
Labels: Function, Function, Function
![Page 53: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/53.jpg)
Compute MD5, SHA1, CRC32, and FileType
from_file('malware.exe') \
    -> md5sum \
    -> sha1sum \
    -> crc32 \
    -> file_type \
    -> to_xml
Labels: Function, Function, Function
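
The root/normal contract and the SMALL flows shown above, modelled in plain Python 3 as an added example. It is not SMALL's source and not code from the slides: the function names come from the slides, while the dict keys, the regular expressions, `EMBEDDED`, `flow()`, `write_sample()` and a `to_xml()` that returns a string are assumptions, and the sample bytes are constructed.

```python
import base64
import binascii
import hashlib
import ipaddress
import os
import re
import tempfile
import xml.etree.ElementTree as ET

EMBEDDED = b"http://example.test/constructed"  # constructed value hidden in the sample
# Runs of 16+ Base64 characters (whole 4-char groups) with optional padding.
B64_RE = re.compile(rb"(?:[A-Za-z0-9+/]{4}){4,}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?")
# Dotted quads that are not part of a longer dotted token such as 1.2.3.4.5.
IPV4_RE = re.compile(rb"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def from_file(path):
    """Root function (str -> dict): read the sample and start a flow."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"path": path, "size": len(data), "_data": data}  # "_" keys stay out of reports

def extract_base64_strings(ctx):
    """Normal function (dict -> dict): candidates only, long alphanumeric runs match too."""
    hits = [m.group().decode("ascii") for m in B64_RE.finditer(ctx["_data"])]
    return dict(ctx, base64_strings=hits)

def extract_ipv4_addresses(ctx):
    """Normal function: keep regex hits that parse as real IPv4 addresses."""
    hits = []
    for m in IPV4_RE.finditer(ctx["_data"]):
        text = m.group().decode("ascii")
        try:
            ipaddress.IPv4Address(text)  # rejects octets above 255
        except ValueError:
            continue
        hits.append(text)
    return dict(ctx, ipv4_addresses=hits)

def md5sum(ctx):
    return dict(ctx, md5=hashlib.md5(ctx["_data"]).hexdigest())

def sha1sum(ctx):
    return dict(ctx, sha1=hashlib.sha1(ctx["_data"]).hexdigest())

def crc32(ctx):
    return dict(ctx, crc32="%08x" % (binascii.crc32(ctx["_data"]) & 0xFFFFFFFF))

def to_xml(ctx):
    """Closes the flow. Assumption: returns the report as a string instead of saving it."""
    root = ET.Element("report")
    for key, value in ctx.items():
        if key.startswith("_"):
            continue
        node = ET.SubElement(root, key)
        if isinstance(value, list):
            for item in value:
                ET.SubElement(node, "item").text = item
        else:
            node.text = str(value)
    return ET.tostring(root, encoding="unicode")

def flow(source, *stages):  # plain-Python stand-in for `source -> f -> g`
    for stage in stages:
        source = stage(source)
    return source

def write_sample():
    """Write constructed bytes (not real malware) to a temp file and return its path."""
    data = (b"MZ\x90\x00" + b"\x00" * 8 + base64.b64encode(EMBEDDED) +
            b"\x00connect 203.0.113.7:443\x00bad 999.1.1.1\x00ver 1.2.3.4.5\x00")
    with tempfile.NamedTemporaryFile(suffix=".bin", delete=False) as fh:
        fh.write(data)
    return fh.name

if __name__ == "__main__":
    sample = write_sample()
    print(flow(sample, from_file, extract_base64_strings,
               extract_ipv4_addresses, md5sum, sha1sum, crc32, to_xml))
    os.remove(sample)
```

Because every normal function returns a new dict, stages can be reordered or dropped without touching the others, which is the property the slides rely on.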
![Page 54: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/54.jpg)
Other (Potential) Security Domains:
● Reverse Engineering
● Malware Analysis
● Penetration Testing
● Intelligence Gathering
● Fuzzing
● Etc.
![Page 55: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/55.jpg)
Questions?
![Page 56: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/56.jpg)
Moving on!
Hackersh
![Page 57: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/57.jpg)
Hackersh
● Hackersh is a portmanteau of the words Hacker and Shell
● Shell (command interpreter) written with Pythonect-like syntax, built-in security commands, and out of the box wrappers for various security tools
● Current "stable" version (as of Apr 1 2013): 0.1.0
● Made available under GNU General Public License v2 or later
● Influenced by: Unix Shell Scripting and Pythonect
● Cross-platform (should run on any Python supported platform)
● Website: http://www.hackersh.org
![Page 58: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/58.jpg)
A few words on the Development
● Written purely in Python (2.7)
● Hosted on GitHub
![Page 59: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/59.jpg)
Motivation
● Taking over the world
● Automating security tasks and reusing code as much as possible
![Page 60: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/60.jpg)
Problems
● There are many good security tools out there...
  – but only a few can take the others' output and run on it
  – but only a few of them give you built-in threads/processes controlling for best results
● No matter how well you write your shell script, the next time you need to use it - for something slightly different - you will have to re-write it
![Page 61: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/61.jpg)
Hackersh – The Solution
● Hackersh provides a "Standard Library" where you can access your favorite security tools (as Components) and program them as easily as Lego
● Hackersh lets you automagically scale your flows, using multithreading, multiprocessing, and even a Cloud
● Hackersh (using Pythonect as its scripting engine) gives you the maximum flexibility to re-use your previous code while working on a new slightly-different version/script
![Page 62: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/62.jpg)
Installing and Using The Hackersh
● Install directly from PyPI using easy_install or pip:
  – easy_install Hackersh
  OR
  – pip install Hackersh
● Clone the git repository:
  – git clone git://github.com/ikotler/hackersh.git
  – cd hackersh
  – python setup.py install
![Page 63: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/63.jpg)
Implementation
● Component-based software engineering
  – External Components
    ● Nmap
    ● W3af
    ● Etc.
  – Internal Components
    ● URL (i.e. Convert String to URL)
    ● IPv4_Address (i.e. Convert String to IPv4 Address)
    ● Etc.
![Page 64: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/64.jpg)
Component as Application
● Components accept command line args:
  – "localhost" -> hostname -> nmap("-P0")
● They also accept internal flags/options:
  – "localhost" -> hostname -> nmap("-P0", debug=True)
![Page 65: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/65.jpg)
Input/Output: Context
● Every Hackersh component (except the Hackersh Root Component) is standardized to accept and return the same data structure – Context.
● Context is a dict (i.e. associative array) that can be piped through different components
![Page 66: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/66.jpg)
Same Context, Different Flow
● "http://localhost" -> url -> nmap -> ping
  – Port scan a URL, if *ANY* port is open, ping it
● "http://localhost" -> url -> ping -> nmap
  – Ping the URL, if pingable, scan for *ANY* open ports
![Page 67: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/67.jpg)
Ask The Context
● Context stores both Data and Metadata
● The Metadata aspect enables potential AI applications to fine-tune their service selection strategy based on service-specific characteristics
![Page 68: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/68.jpg)
Conditional Flow
"http://localhost" \
    -> url \
    -> nmap \
    -> [_['PORT'] == '8080' and _['SERVICE'] == 'HTTP'] \
    -> w3af \
    -> print
![Page 69: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/69.jpg)
Hackersh High-level Diagram
[Diagram: Literal (e.g. String) -> Root Component (e.g. URL) -> Context -> Component -> ...]
![Page 70: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/70.jpg)
<Hackersh Scripts/Examples>
![Page 71: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/71.jpg)
TCP & UDP Ports Scanning
"localhost" -> hostname -> nmap
Labels: Target, Built-in Component, External Component
![Page 72: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/72.jpg)
Class C (256 Hosts) Ping Sweep
'192.168.1.0/24' -> ipv4_range -> ping
Labels: Target, Built-in Component, External Component
![Page 73: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/73.jpg)
Web Server Vulnerability Scanner
'127.0.0.1' -> ipv4_address -> nmap -> nikto
Labels: Target, Built-in Component, External Component, External Component
![Page 74: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/74.jpg)
Fork: Target as Hostname + Target as IP
"localhost" \
    -> hostname \
    -> [nslookup, pass] -> ...
Labels: Target, Built-in Component, Target as Hostname ..., Target as IPv4 Addr. ...
![Page 75: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/75.jpg)
Black-box Web App Penetration Testing
"http://localhost" \
    -> url \
    -> nmap \
    -> browse \
    -> w3af \
    -> print
Labels: Target, Built-in Component, External Component, Built-in Component, External Component, Built-in Component
![Page 76: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/76.jpg)
Hackersh Roadmap
● Unit Tests
● Documentation
● More Tools
  – Metasploit
  – OpenVAS
  – TheHarvester
  – Hydra
  – …
● Builtin Commands
● Plugins System
● <YOUR IDEA HERE>
![Page 77: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/77.jpg)
Hackersh Official TODO
https://github.com/ikotler/hackersh/blob/master/doc/TODO
![Page 78: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/78.jpg)
Questions?
![Page 79: Hack Like It's 2013 (The Workshop)](https://reader034.vdocuments.net/reader034/viewer/2022052618/5549aa11b4c9050c738b5697/html5/thumbnails/79.jpg)
Thank you!
My Twitter: @itzikkotler
My Email: [email protected]
My Website: http://www.ikotler.org
Pythonect Website: http://www.pythonect.org
Hackersh Website: http://www.hackersh.org
Feel free to contact me if you have any questions!