Thursday, March 27, 2014

Configuring Pyinstaller

1. Install Python 2.7
2. Create a folder for all your scripts
a. C:\bin
3. Install PyWin32
b. Select pywin32 and the latest build.
c. Choose the installer for your system
i. Processor architecture
ii. Python version
d. Execute the installer

4. Install Pip-Win
b. Download current version and move to your scripts folder (C:\bin)
c. Run the executable following the directions
d. When the Pip-Win window opens, enter the following command and hit run:
i. venv -c -i  pyi-env-name

e. A new command window opens.  Run the following command within this window:
i. pip install PyInstaller

f. The previous task will finish setting up the environment.  Subsequent sessions require you to open pip-Win with the following parameters for the run command:
i. venv pyi-env-name

5. Creating a Windows executable.
a. Launch pip-Win
i. Use venv pyi-env-name in the run command
ii. Ensure your Python script is in the C:\bin folder
iii. Use the following command:
(pyi-env-name) C:\bin>Pyinstaller --onefile
iv. Browse to the following folder for .exe
1) C:\bin\dist

Sunday, December 22, 2013

Python Threading - An Intro from my learning

This is my first attempt at utilizing threading within a Python script.  I've kept it simple so that others can use it as an example while they tackle the process of learning some of these more advanced concepts of Python.  Comments and feedback are appreciated.

The first step involves importing the "threading" module.  Next, you'll need to use threading.Thread(target=<your code/function call>).  The last step will be to begin your threads with the start() method.  First get your code running without using threading, then modify it to be used with threading.  Hope this helps someone.


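# Import the necessary modules
import threading
import ftplib

# FTP function - Connects and performs directory listing
def ftpconnect(target):
    ftp = ftplib.FTP(target)
    ftp.login()  # anonymous login; a listing is refused without it
    # dir() prints by default and returns None, so collect the lines instead
    files = []
    ftp.dir(files.append)
    ftp.quit()
    print "File list from: %s" % target
    print "\n".join(files)

# Main function - Iterates through a list of FTP sites creating threads
def main():
    sites = ["","",""]
    for i in sites:
        # Pass the function and its argument; calling ftpconnect(i) here
        # would run it in the main thread before the Thread is created
        myThread = threading.Thread(target=ftpconnect, args=(i,))
        myThread.start()
        # ident is None until the thread has been started
        print "The thread's ID is : " + str(myThread.ident)

if (__name__ == "__main__"):
    main()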
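An added example, not the author's code and written for Python 3 rather than the Python 2.7 used in these posts: it contrasts `target=worker(...)`, which runs the function in the calling thread, with `target=worker, args=(...)`, which runs it in the new thread. The names `worker`, `run_called_too_early` and `run_in_threads` and the site names are constructed for illustration, and `worker` stands in for the FTP call so the block runs offline.

```python
import threading

def worker(site, log, lock):
    # Stand-in for ftpconnect(): record which thread handled the site.
    with lock:
        log.append((site, threading.current_thread().name))

def run_called_too_early(sites):
    """Mistake: target=worker(...) runs worker right here, in the caller."""
    log, lock = [], threading.Lock()
    threads = []
    for s in sites:
        # worker() executes now and returns None, so target is None
        threads.append(threading.Thread(target=worker(s, log, lock)))
    idents_before_start = [t.ident for t in threads]  # None until start()
    for t in threads:
        t.start()  # nothing left to run: target is None
        t.join()
    return log, idents_before_start

def run_in_threads(sites):
    """Correct: pass the callable and its arguments, then start() and join()."""
    log, lock = [], threading.Lock()
    threads = [
        threading.Thread(target=worker, args=(s, log, lock), name="ftp-%d" % n)
        for n, s in enumerate(sites)
    ]
    for t in threads:
        t.start()
    for t in threads:
        t.join()  # wait for every worker before reading the shared log
    return sorted(log), [t.ident for t in threads]

if __name__ == "__main__":
    sites = ["site-a.example", "site-b.example", "site-c.example"]  # constructed
    print(run_called_too_early(sites))
    print(run_in_threads(sites))
```
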

Thursday, December 12, 2013

Python Classes

As I struggled to better understand Python classes, I took a few notes from the research I did and created this example class. Hopefully this will provide some insight for those who are new to Python as well. Please post any questions or comments.
# Classes begin with the word 'class' followed by the class name
class identity:
    # Statements or functions follow, referred to as methods.
    # Method attributes always start with 'self'
    # 'self' is a temporary placeholder for the object
    # The value of the attribute 'first' is passed into the method
    def createFirst(self,first):
        # The object's value for 'first' will be assigned based on the input
        self.first = first

    def createLast(self,last):
        self.last=last

    # The object's assigned value of 'first' is returned
    def displayFirstname(self):
        return self.first

    def displayFullname(self):
        return self.first + " " + self.last

    def saying(self):
        print "Hello %s %s " % (self.first, self.last)

Once your class is created you can start to create objects that use the methods within the class.
# Associate object with class
# Use methods to assign values
# Retrieve properties of an object
'Bill Jones'
# Create another object that uses all the same methods of the class
# If you ever forget what methods are available:

Wednesday, December 11, 2013

Python & Scapy - Simple port scanner

I have been learning more about Python and taking some courses with the Pentester Academy.  One of the projects is to create a simple port scanner using Scapy.  The next iteration will incorporate threading.  Hopefully you find this interesting and see the value of Python and Scapy!  Comments, suggestions, observations encouraged. Enjoy!


# Import necessary modules
import logging
from scapy.all import *
import itertools
import thread

# Parse and create IP range
def ip_range(input_string):
    octets = input_string.split('.')
    chunks = [map(int, octet.split('-')) for octet in octets]
    ranges = [range(c[0], c[1] + 1) if len(c) == 2 else c for c in chunks]
    for address in itertools.product(*ranges):
        yield '.'.join(map(str, address))

# Scan each IP address with the identified port number
def scanner(ips):
    for i in ip_range(ips):
        src_port = RandShort()
        dst_port = port
        scan = sr1(IP(dst=i)/TCP(sport=src_port,dport=dst_port,flags="S"),timeout=10)
        # No reply within the timeout
        if scan is None:
            print "This port is closed on IP: " + i
        # A SYN/ACK reply (flags 0x12) means the port accepted the connection
        elif scan.haslayer(TCP) and scan.getlayer(TCP).flags == 0x12:
            print "This port is open for IP: " + i
        else:
            print "Unknown state"

# Request port number from user
port = int(raw_input('Enter which port to scan --> '))

# Request IP range from user - form should follow this format ''
ips = raw_input('Enter your range using this format x.x.x.x-x --> ')

# Run the scan over the requested range
scanner(ips)


Wednesday, September 11, 2013


Here is a quick script I created that gathers Domain Admin members and emails this using an HTML formatted message.

<#
.SYNOPSIS
   <A brief description of the script>
.DESCRIPTION
   <The script gathers Domain Admin members and emails them to users specified in the script with an HTML formatted email.>
.PARAMETER <paramName>
   <None required>
#>

# Import Module of Active Directory
Import-Module -Name ActiveDirectory

$today = (Get-Date).ToString()

# Html
$a = "<style>"
$a = $a + "BODY{background-color:Lavender ;}"
$a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
$a = $a + "TH{border-width: 1px;padding: 5px;border-style: solid;border-color: black;background-color:thistle}"
$a = $a + "TD{border-width: 1px;padding: 5px;border-style: solid;border-color: black;background-color:PaleGoldenrod}"
$a = $a + "</style>"

# Email Variables
$smtp = ""
$to = "", "", "" 
$from = "Report Sender<>"
$subject = "Domain Admin Group Members"

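# Run Command
# Get Domain Admins
# Note: only direct members are listed; accounts that are members through
# a nested group appear only if -Recursive is added to Get-ADGroupMember
$Users = Get-ADGroupMember 'domain admins' | select name, samaccountname | ConvertTo-html -Head $a -Body "<H2>Domain Admin Members.</H2>"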

$body = "Report Date $today ."
$body += "`n"
$body += $Users
$body += "`n"

# Send mail - If authentication is needed, you'll need to add those parameters
Send-MailMessage -SmtpServer $smtp -To $to -From $from -Subject $subject -Body $body -BodyAsHtml

Thursday, August 29, 2013

Reverse Lookup - Python Style

I won't claim to be a master of Python, but thought I'd share some quick scripts I've written from my readings and hacking together snips from what I've found online.  Hopefully this will inspire others to learn a scripting language.  The code is not perfect, and I will probably want to include some error checking at some point.


import optparse
import socket
from socket import *

# Resolve the host name and print its IP address
def rlookup(tgtHost):
    hostname = tgtHost
    ip = gethostbyname(tgtHost)
    print '[+] the IP Address for ' + hostname + ' is: ' + ip

def main():
    parser = optparse.OptionParser('usage %prog -H ' +\
        '<target host>')
    parser.add_option('-H', dest='tgtHost', type='string', \
        help='specify target host')
    (options, args) = parser.parse_args()
    tgtHost = options.tgtHost
    # Show the usage string and stop if no host was supplied
    if tgtHost is None:
        print parser.usage
        return
    rlookup(tgtHost)

if __name__ == '__main__':
    main()

Sunday, August 25, 2013

Post Defcon

As usual, Defcon was quite inspirational.  I have decided to dig deeper into Python so that I can better understand many of the great pentesting tools out there.  I also picked up a great book - Violent Python. I wrote this simple script after just reading the first 20 or so pages:

# Import Modules
import hashlib
# Gather value to hash
v = raw_input("Enter your value: ")
print "Which hash algorithm do you want to use?"
# Select hash algorithm
a = raw_input("md5, sha1, sha224, sha256, sha384, sha512: ")
# Generate hash - hashlib.new() takes the algorithm name and the data to hash
h = hashlib.new(a, v)
# Present hash to user
o = h.hexdigest()
print "Your hash value using the " + a + " value is: " + o

More to come!