Found a use for python

Alight so I guess this is kind of a stupid to post but whatever...
I've been learning Bash and Python for some time but the beginner books seem (to me) that they don't really have any use. I usually end up doing the whole "Hello World!", Loops (attempt to), Variables and whatever else. I know that these books are to start out with but I'm like, how am I gonna really use this stuff.

So I checked out a book on Amazon for pentesting and python. I saw something about sockets and it looked interesting so I started to do some research and something about DNS lookups came up. So today I wrote a script to do DNS lookups by IP address. At first it was by Domain Name but it was static in the script like google.com or yahoo.com. Then I changed it so that I can input the ip address for DNS server and I would get the name.

For Bash, I would just make a script to add a user account with a directory or make Nmap scans easier. I'm looking to do more with Bash in the future...

I wondered how someone would take the OSCP course and edit the exploits for Metasploit but now I guess I'm getting closer to understanding. I gotta learn some Ruby for the eCPPT.

I'm kinda exciting that I'm actually getting learn how this stuff can be applied to daily use. I just gotta be creative about stuff

Find more posts tagged with

Comments

varelg

Congratulations, the same curve you described actually is pretty valid when learning other programming languages. Loops and variables first and then it's on with the API's. In your case, you found socket programming interesting.
It's when you start drowning in those API's that things stop being fun.

OctalDump

Python is great for system programming in Linux/Unix, since you are dealing with text based commands and configs all the time. And writing things to manipulate text is fairly straight forward with Python. You can mix bash and python together, calling Bash commands from python and parsing the output, or inserting python into bash scripts for more custom tasks.

HTML, CSS and Javascript are all just textfiles as well. So you can use that python to generate webpages.

jamesleecoleman

Thanks for the input varelg and OctalDump.

I think that it's great to be able to realize that I can create a tool if I need to, such as a port scanner. I'll have to see about using Bash and Python together later on but I hope it'll be something easy to catch on to because that would be super awesome. I don't a reason to use this stuff at work but I think I'll have some fun learning a few things.

YFZblu

With regard to mixing Bash and Python, I would recommend using the best tool for the job. Generally speaking, avoid breaking the cross-platform nature of Python if you don't have to.

I was in the same boat - I wanted to do something other than count to 100 with my scripting. Early on, it can be difficult to identify opportunities for automation. Over time it becomes much easier and those automation pieces will make themselves obvious to you.

OP, if you're interested in taking a look, I have a few of my Python projects publicly hosted on GitHub here. A couple of my tools found their way into the SANS SIFT kit which was really cool. Keep working at it - learning to programatically solve problems will really set you free in IT.

ITSpectre

jamesleecoleman wrote: »

So I checked out a book on Amazon for pentesting and python.

Do you remember the name of the book???

p@r0tuXus

ITSpectre wrote: »

Do you remember the name of the book???

It was likely https://www.nostarch.com/blackhatpython
A great site with lots of useful books. Give it a go.

the_Grinch

I asked a buddy once, who was great with Python, how do I get great with Python? He said: write Python. Years later, picking up books and viewing video courses, finally at work I had a project that I wanted to use Python with. Everything started to click. Hit a problem, Google and Stack Overflow, problem solved. It really comes down to having a project otherwise there isn't another way to learn, in my humble opinion.

ITSpectre

p@r0tuXus wrote: »

It was likely https://www.nostarch.com/blackhatpython
A great site with lots of useful books. Give it a go.

Thank you so much!

I will bookmark this when I get home and read away

icebear

p@r0tuXus wrote: »

It was likely https://www.nostarch.com/blackhatpython
A great site with lots of useful books. Give it a go.

looks like a site I've been dreaming of! thank you for sharing

Dr. Fluxx

p@r0tuXus wrote: »

It was likely https://www.nostarch.com/blackhatpython
A great site with lots of useful books. Give it a go.

Ha!

I have that book and Violent Python.
Working on Violent Python as we speak!

Dr. Fluxx

I think its Py version 2.7 which comes standard with ubuntu.

yoba222

I've been putting in 3-10 hours per week of Python for many months now. Regarding the Python pentesting books, Black Hat Python, Grey Hat Python, Violent Python, etc. I'm afraid to crack any of them open that are not Python 3 because I don't know what I'd be getting myself into mixing 2 and 3.

wd40

I bought a 36 Hr+ python course on Udemy 2 weeks ago (it was on a 10$ sale period), planning to start learning it soon.

recently (this week) I learned that python is used by data analysts for data mining, one more reason to learn python.

https://www.udemy.com/python-the-complete-python-developer-course/

EagerDinosaur

I started learning Python because I wanted to read data from some sensors attached to a Raspberry Pi, and I recommend that as a way to start out with Python. I found the learning curve in that environment very easy compared to most languages.

JoJoCal19

yoba222 wrote: »

I've been putting in 3-10 hours per week of Python for many months now. Regarding the Python pentesting books, Black Hat Python, Grey Hat Python, Violent Python, etc. I'm afraid to crack any of them open that are not Python 3 because I don't know what I'd be getting myself into mixing 2 and 3.

Isn't 3 backwards compatible with 2? If so, shouldn't be an issue to either learn what's in those books and mix it in with 3 code, or update/rewrite the stuff to 3.

DoubleNNs

There's a few differences between Python 2 and 3. For the beginner, the differences rarely ever come up. And simply knowing that there is a difference helps a ton so that when something you think should work, doesn't, you know it might be worth Googling if it's not something supported in the version you're using.

veritas_libertas

My problem is that whenever I go to Google for help, I find out someone has already created the script I need :P Oh well, that's how it goes until you run into a use case that requires you to modify or create your own script.

aditya5670

here the web online course https://www.welookups.com/Python/default.html

ImYourOnlyDJ

varelg wrote: »

Congratulations, the same curve you described actually is pretty valid when learning other programming languages. Loops and variables first and then it's on with the API's. In your case, you found socket programming interesting.
It's when you start drowning in those API's that things stop being fun.

^This

I was stuck in the same boat for the longest time because I didn't really know where to go after learning the basics. Once you start learning APIs and libraries then it all starts to click. I too just started working with sockets recently and already have a few scripts that use them.

the_Grinch

I tell IT people all the time that you need to learn Python. It can make your job some much easier and can be learned in such a short period of time that there is no reason not to learn it. Every week I end up writing something in Python to automate a task or to develop a tools for our Detectives to use.