This Python is Violent

I have made it no secret that I am the farthest thing from a programmer. I don’t enjoy it. I’m not that good at it. And it is just flat out not something I think I am particularly wired to do. But as I continue to ramp up in Information Security it is more than obvious that it is a skill I need to pick up and be proficient at. So as the great Iron Mike Tyson says, “do what you hate to do but do it like you love it.”

One of the barriers to entry for my foray into coding was taking the first step of….well what am I to program?  To capture and maintain my interest I need to work towards something that has a tangible use for me or is just friggin’ cool.  Printing Hello World just doesn’t do much for me.

I have decided to make Python my language of choice and immerse myself in it.  To facilitate the journey I have picked up the books Violent Python by TJ O’Connor along with Gray Hat Python: Python Programming for Hackers and Reverse Engineers by Justin Seitz.  I will regularly go through the exercises outlined in the book and attempt as best I can to provide additional insights and wrinkles that may not be highlighted in the texts.   There isn’t much out there that’s cooler than just hacking stuff.

Ultimately my goal is to just get to a point where experienced programmers who may have accidentally wound up here don’t think I’m a complete idiot.  I realize these are lofty goals.

I begin with Violent Python because this text is a touch more beginner-oriented than Gray Hat is. The first chapter does a good job of explaining different variable types. I was exposed to the Dictionary data structure, which was brand new to me. TJ gave a great example of its use: defining various services (ftp, http, smtp, etc.) in a dictionary. Throughout the program you can then refer to the service name, which is already mapped to the corresponding port number.

The first thing in the examples that gave me pause as a newbie was the following excerpt:

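# Python 2 syntax, as in the book (print is a statement here)
import socket

def retBanner(ip, port):
    try:
        # give up on connect/recv after 2 seconds
        socket.setdefaulttimeout(2)
        s = socket.socket()
        s.connect((ip, port))
        # read up to 1024 bytes of whatever the service sends first
        banner = s.recv(1024)
        return banner
    except:
        # any failure: return None, so the "if banner" checks below skip this host
        return

def main():
    ip1 = '192.168.95.148'
    ip2 = '192.168.95.149'
    port = 21
    banner1 = retBanner(ip1, port)

    if banner1:
        print '[+] ' + ip1 + ': ' + banner1

    banner2 = retBanner(ip2, port)

    if banner2:
        print '[+] ' + ip2 + ': ' + banner2

if __name__ == '__main__':
    main()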

This is a pretty straightforward program I think. The main program passes an IP address and a port to the retBanner function. retBanner then tries to connect to that IP address and port and read up to 1024 bytes of whatever the service sends. If the connection attempt fails it just returns to main without a banner. The thing that I didn’t quite understand from the beginning is:

if __name__ == '__main__':
    main()

Huh? I don’t see __name__ defined anywhere. What is it doing? I also don’t see __main__ defined anywhere. Luckily, thanks to my Google-Fu I was quickly able to find an answer via Stack Overflow. Before executing the code in a file, the Python interpreter sets a few special variables. Among them is the __name__ variable. If the interpreter is running the above sample of code as the main program, it assigns __name__ the string value '__main__'. If the file is instead being imported by another module, __name__ is assigned the file’s own module name. So the if __name__ check ensures that the main function runs only when the file is executed directly, not when it is imported from another module.

The __name__ variable allows for modular programming.  The coder is able to execute and test samples of code instead of the entire project.
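A Python 3 version of the same ideas, added here as an example and not taken from the book or from this post: the service dictionary maps names to ports, ret_banner closes its socket and returns None on failure, and a constructed loopback listener stands in for a real FTP server so the script runs offline. The names SERVICES, ret_banner, start_fake_service and demo are assumptions made for this example.

```python
import socket
import threading

# Service name -> default port, the dictionary idea from the chapter.
SERVICES = {"ftp": 21, "ssh": 22, "smtp": 25, "http": 80}

def ret_banner(ip, port, timeout=2.0):
    """Return the text a service sends on connect, or None on failure."""
    try:
        # Per-socket timeout; the with-block closes the socket on any exit.
        with socket.create_connection((ip, port), timeout=timeout) as s:
            data = s.recv(1024)  # up to 1024 bytes, not characters
    except OSError:  # refused, unreachable or timed out
        return None
    return data.decode("ascii", errors="replace").strip() or None

def start_fake_service(banner):
    """Constructed stand-in for a daemon: loopback listener, sends banner once."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))  # port 0 lets the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port

def demo():
    """Grab the banner from the constructed listener via the service dictionary."""
    port = start_fake_service(b"220 (constructed FTP banner)\r\n")
    ports = dict(SERVICES, ftp=port)  # point "ftp" at the test listener
    return ret_banner("127.0.0.1", ports["ftp"])

def main():
    print("[+] 127.0.0.1: " + str(demo()))
    print("[*] __name__ here is " + __name__)  # "__main__" only when run directly

if __name__ == "__main__":
    main()
```

Importing this file from another script gives access to ret_banner and SERVICES without starting the listener or printing anything, which is exactly what the __name__ guard is for.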

I think that was a nice, simple, and painless intro.   The next half of the chapter is meant to teach how to write some password crackers that took a couple of leaps that lost me initially.  In the next day or so I will overview that portion and try to bridge the gaps.