1 / 21

Introduction to Information Security

Introduction to Information Security. Python. Python motivation. Python is to a Hacker what Matlab is to an engineer Lots of built-in modules Lots of 3 rd party modules IDA-Python! Very popular language, very well supported Has implementation in every OS. Human readible Its free.

ernst
Download Presentation

Introduction to Information Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Information Security Python

  2. Python motivation • Python is to a Hacker what Matlab is to an engineer • Lots of built-in modules • Lots of 3rd party modules • IDA-Python! • Very popular language, very well supported • Has implementation in every OS. • Human readible • Its free

  3. Python Diff • In this quick overview of python: • We will note the major differences between python and other familiar languages. • And talk of some useful tools

  4. White spaces if you can read this: it must be python! • Python hierarchy is defined by whitespaces • Indentation has to be the same (3 spaces != 1 tab) for every nest within the chain.

  5. Hello, World Example #1: #!/usr/bin/python print “Hello, World!” Example #2: #!/usr/bin/python def main(): print “Hello, World!” if __name__ == ‘__main__’: main()

  6. Datatype behavior Datatypes behave differently in python: A = 5 A = 6 Now A is a different variable! Therefore if use: A = A + 5 Now A is a new variable containing the result!

  7. Basic functions • Using the interpreter allows us to view two basic things: dir(object) – shows us the structure of the object help(object) – shows help created by the developer of the object

  8. Strings • Many builtin string machnisms. • A = “” • len(“123”) == 3 • A[0] = “a” – not possible, strings are immutable. • A.find(“asd”) returns the location of asd in A • A.split()/A.join() , eg.: “\n”.join(data.split(“\n”)[0:-1]) • A.lower() • replace() – returns a new string with data • Uses regular indexing.

  9. Lists and Tuples • A = (1, 2, 3) • A is of fixed length and is immutable. • A = [ 1, 2, 3] • A is mutable, and the length can be changed by using append: • A.append(4) • print A results in: • [1, 2, 3, 4] • A is not a new variable.

  10. Spans • Spans makes things very comfortable: A = “asd” A[0:] == “asd” A[1:] == “sd” A[0:-1] == “as” A[0:1] == “a” A[0:-2] == “a” A[:2] == “as” A[1:2] == “s” • Works on tuples, and lists!!

  11. dict()s >>> b = dict() >>> b["hello"] = "world" >>> b {'hello': 'world'} >>> b.keys() [‘hello’] • [Demo dicts]

  12. Mutable vs Immutable • Mutable A = [1,2,3,4] B = A A.append(5) print B [1,2,3,4,5] • Immutable A = “foo” B = A A = A + “bar” print B “foo”

  13. Format conversion • print “%d %s 0x%08X” % (0xdeadbeef, “ == “ 0xdeadbeef) • 5 / 3 == 1 • 5 / 3.0 == 1.666666… • int(5/3.0) == 1 • str(1) == “1” • ord(“0”) == 0x30 • chr(0x30) == “c”

  14. File operations • Reading from a file: f = file(“c:\\filename”) # file(“/tmp/filename”) for linux buf = f.read() # buf now contains entire file. lines = buf.split(“\r\n”) # lines contains a list with all lines excluding the “\r\n” f.close() • Writing to a file: file(“filename”, “wb”).write(data) # using returning # object to write the data # if reference is lost file is automatically closed.

  15. Functions • Functions can return arbitrary objects such as: • strings • Tuples! (very common) • int • Etc. global_var = 6 deffuncname(arg1, arg2): local_var = 5 return (var1, var2) • Updating global variables needs special handling: globvar = 0 defset_globvar_to_one(): global globvar # Needed to modify globvar globvar= 1

  16. if,else if 1: print “always here” else: print “never here” • switch case alternative: if key = “x”: exit() elif key = “z”: suspend() else: print “default”

  17. for, while • for (i=1; i < 10; i++) alternative: for i in range(1,10): # help(range) for more options print A[i] while 1: cmd = get_next_cmd() if cmd == “stop”: break elifcmd == “dothis”: dothis() continue print “always here ?!?”

  18. import,reload • import– a way to import libraries, eg.: import sys • Access to variables is now through the namespace: • sys.argv[1] • Alternatively: • from sys import * • Now we can access in our namespace: • argv[1] # direct access. • If library was modified after import we can use reload, eg.: reload(sys)

  19. Useful functions • Complex binary operations: • import struct • struct.pack(“L”, 0xdeadbeef) – result contains DEADBEEF in little endian (EFBEADDE) (0xdeadbeef is treated as unsigned long) • (port) = struct.unpack(“>H”) - read unsigned short from a string represented as bigendian • OS operations: • import os • os.rename(old_name, new_name) • os.system(“run command”)

  20. 3rd party modules • You can install many modules by using pypi • On UNIX installing modules is very easy: • sudo pip install [modulename] • Also available easy_install • Useful imports: • scapy (packet manipulation lib works with libpcap), numpy/scipy, pylab, pylib, hashlib, socket, sqllite, gzip, zip, bz2, html, json, wave/audioop (audio operations), PIL (image processing), wave, pygame • Google: [something I need] python

  21. ipython • Extended interpreter capabilities • Acts almost like a shell • Adds history • Adds file completion by tab. • + Many more features.

More Related