I'm a Java developer. Let's agree on that: I was always a Java developer, ever since I started out at Telmap. True, I've done some projects in C/C++, even a private one in assembler thanks to Peter Norton's Assembly Language for the PC, but it was always Java. I envied C# for new abilities like properties and generics (until generics came to Java) and for the visual editor (until I learned that absolute layout is shit...). But in Java I put my trust and there I stayed. Until I met Python.
Scripting languages were always a weakness for me
The gods of Unix said: why compile when you can simply run? I liked having the great Cygwin on my Win7, I liked the Linux/mc/FreeBSD shell, I really liked using grep and sed, and sometimes AWK as well, for the little tasks you need here and there (while I'm at it I'd like to thank tr, cat, cut, bash, uniq and the like, which I used so many times). Let's not forget ant, which is not shell-like but is script-like and did a lot for me.
When I started looking at buffer overflows and shellcodes, as well as quick socket opening (you can use nc/netcat these days for that though), I wanted a scripting language that could do it pretty easily, so I could write them and use them, and that was mainstream and easy to use. I tried Perl. Ahhh, Perl, Perl, I could never get a grip on that language; I had little experience with regular expressions at the time and Perl didn't make it easy! The unreadable nature of the language didn't help me like it either. So eventually I decided to dive into Python and see what it has in store.
So here are some stories about python and my experience with it.
First of all, Python is available for all 3 major OSes: Linux, Mac and Windows, and also for FreeBSD. On Windows the support is a little painful if you want to install special modules like NumPy, since you need someone to compile it for you; if not, you need to download a dead-old VS compiler to compile the modules yourself...
Other than that it's quite nice and comfortable. The IDLE that comes with Python doesn't work so well on my iMac at work: if I keep the window in the background for 1-2 minutes I can never bring it to the foreground again! Eclipse has a very nice plugin to work with; I don't use it as much since it's meant for projects and not for such small pieces of code as I write.
Python fits right in with shell scripting; you can run it as a shell script like so:

```python
#!/usr/local/bin/python
# script body goes here
```
Don't forget to change the permissions to 0755 so it's executable...
On Windows you can just double-click it.
You can easily list files, read files (binary or text), run regular expressions on the files, open sockets, open URLs, etc.
Regarding URLs, I must admit that the Apache (Java) HTTP library is better than the Python one; most examples for Python's urllib and urllib2 are pretty simple, with no redirect-handler examples and no error-handling examples.
It's really easy in Python to install new libraries: it has a central repo and the easy_install command usually cuts it. To install easy_install itself, since it doesn't come 'out of the box', you can usually refer to the setuptools (easy_install) installation instructions.
Python has several well-known libraries, including Twisted, NumPy, the Requests HTTP library, matplotlib, and mechanize (a scraping library).
Some of these are scientific libs for matrices and math calculations, implemented in C for Python, and some are just network and scraping libraries. These are the ones I know; by no means are they the only existing libs!
Variables in Python, much like in JavaScript and other scripting languages, are loose: no type declaration, what you put inside defines the type. Also indentation is a must, which makes the language much more readable since you have to indent your code or it won't compile. The 'import' keyword keeps namespaces separate (preventing bugs that exist, for example, in JavaScript code that does not use CommonJS). Tuples and arrays, plus the easy conversion from bytes to string (usually UTF-8) and back, make it very easy to work with shellcodes, binary payloads, etc...
The ctypes library, which I first encountered in the Gray Hat Python book, showed me the power of integration between Python and the native OS you work on. BTW, ctypes is not only good for integration, it's also very useful for binary file parsing: by defining your own structure you can later read it from a file like so:
```python
# import all ctypes types into the current name space, convenient.
from ctypes import *

class ExampleStruct(Structure):
    # field layout as it appears in the binary file
    _fields_ = [('firstField', c_int),
                ('secondField', c_ubyte),
                ('arrayField', c_char * 9)]

    def readFromFile(self, file):
        # fill this instance directly from the file's bytes;
        # the 'with' block closes the file for us
        with open(file, 'rb') as f:
            f.readinto(self)

    def writeToFile(self, file):
        # dump the raw bytes of this instance back to disk
        with open(file, 'wb') as f:
            f.write(self)
```
This is very short and very nice. It's not a very nice way to save Python types to disk, but it's a nice way to read binary files (dex? java?) and transform them into a data structure.
Another option is struct.pack and struct.unpack, but I found it more tedious and not so good for arrays, since every char in the unpack format string is just one type, so 'BBBB' (an array of 4 unsigned chars or bytes) is just a tuple of four distinct variables and not an array of 4 bytes. If you really want consistent data (a pointer to a buffer of 4 bytes) then this is NOT what you want.
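As an added example (not the post's own code) covering both the ctypes snippet above and the struct comparison: it parses a constructed 14-byte record both ways, shows the 'BBBB' tuple next to a c_ubyte array, and adds the short-read check that plain readinto() lacks, since readinto() just returns the byte count instead of raising on a truncated file. LittleEndianStructure and _pack_ are standard ctypes features; the ExampleStruct field names are the post's, the sample bytes are constructed.

```python
import io
import struct
from ctypes import LittleEndianStructure, c_uint32, c_ubyte, c_char, sizeof

class ExampleStruct(LittleEndianStructure):
    # _pack_ = 1 removes C alignment padding so sizeof() matches the 14
    # bytes actually on disk (without it ctypes pads the struct to 16).
    _pack_ = 1
    _fields_ = [('firstField', c_uint32),
                ('secondField', c_ubyte),
                ('arrayField', c_char * 9)]

    @classmethod
    def read_checked(cls, f):
        """Like the post's readFromFile(), but refuse a truncated record."""
        rec = cls()
        got = f.readinto(rec)   # a short read is NOT an error for readinto()
        if got != sizeof(rec):
            raise ValueError('short read: %d of %d bytes' % (got, sizeof(rec)))
        return rec

# Constructed sample record: little-endian u32, one u8, then 9 raw bytes.
SAMPLE = struct.pack('<IB9s', 0x1234, 7, b'dexfile01')

def record_size():
    return sizeof(ExampleStruct)

def parse_ctypes(data=SAMPLE):
    # io.BytesIO stands in for the open(file, 'rb') handle of the post
    return ExampleStruct.read_checked(io.BytesIO(data))

def parse_struct(data=SAMPLE):
    # struct.unpack returns a flat tuple; '9s' keeps the 9 bytes together
    return struct.unpack('<IB9s', data)

def truncated_is_rejected(data=SAMPLE):
    # Feed one byte less than a full record; the size check must fire.
    try:
        ExampleStruct.read_checked(io.BytesIO(data[:-1]))
    except ValueError:
        return True
    return False

def four_bytes_both_ways(raw=b'\x01\x02\x03\x04'):
    # 'BBBB' gives four separate ints; c_ubyte * 4 gives one array object
    as_tuple = struct.unpack('<BBBB', raw)
    as_array = (c_ubyte * 4).from_buffer_copy(raw)
    return as_tuple, list(as_array)
```

The size check matters for untrusted files: a header cut short leaves the unread tail of the structure zero-filled rather than failing, so any length or offset fields read from it would be silently wrong.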
In the next few articles I'll try to give some more highlights of the language, all sorts of things as I discover them myself. The project I'm now taking on is building the DexToXML that is described (using Java though) in the great book Decompiling Android.