nano http1.py
In nano, enter the code
shown below:
Save the file with Ctrl+X, Y, Enter.
Explanation
This code connects on TCP port 80 just like the scanner you made in a previous project, but once it connects, it sends an HTTP request like this:The HEAD method grabs only the banner, without getting any pages from the server.
HEAD / HTTP/1.1 Host: www.ccsf.edu
python http1.py
Enter a target host of www.ccsf.edu.
You should see the banner, as shown below:
Click on the host system's taskbar, at the bottom of the screen.
Press the PrntScrn key to capture the whole desktop. Open Paint and paste in the image.
Save the image as "Proj 5a from YOUR NAME".
YOU MUST SEND IN A WHOLE-DESKTOP IMAGE FOR FULL CREDIT
Now run Wireshark, and start it sniffing traffic. At the top left of the Wireshark window, in the Filter box, type http and press Enter.
Try to log in with a username of a and a password of b
In Wireshark, stop the capture.
Find the packet in Wireshark with an "Info" column of "POST /python/login1.php HTTP/1.1", as shown below:
Right-click the "POST /python/login1.php HTTP/1.1" line and click "Follow TCP Stream".
The POST request appears, as shown below. Notice the portions outlined in red--they are the essential lines in the request.
nano http2.py
In nano, enter the code
shown below:
Save the file with Ctrl+X, Y, Enter.
Explanation
This code sends an HTTP POST request like this:
POST /python/login1.php HTTP/1.1 Host: attack.samsclass.info Content-Type: Application/x-www-form-urlencoded u=a&p=b
python http2.py
Enter a Username of a
and a Password of b
You should see the message "Credentials rejected!", as shown below:
Now run the login script again, with the correct username of root and a password of password
You should see the message "Successful login!", as shown below:
Save a whole-desktop image as "Proj 5b from YOUR NAME".
YOU MUST SEND IN A WHOLE-DESKTOP IMAGE FOR FULL CREDIT
nano loop1.py
In nano, enter the code
shown below. Do NOT omit the indentation--in
Python, indentation is required to indicate
what code is inside a loop:
Save the file with Ctrl+X, Y, Enter.
Execute this command to run the script:
python loop1.py
As you can see below, the code loops through all
the listed fruits.
nano loop2.py
In nano, enter the code
shown below. Do NOT omit the indentation--in
Python, indentation is required to indicate
what code is inside a loop:
Save the file with Ctrl+X, Y, Enter.
Execute this command to run the script:
python loop2.py
As you can see, the code loops through all
the numbers to the one before the
last one, that is, one through four:
The user name is one of these:
Write a script that finds the correct credentials and logs in.
Don't forget to start by capturing a login with Wireshark, to see the correct format of the HTTP request!
When you find it, save an image showing the correct user name and PIN, and also the secret word the server sends, as shown below:
Save a whole-desktop image as "Proj 5c from YOUR NAME".
Save the whole-desktop images as "Proj 5d", "Proj 5e", "Proj 5f", and "Proj 5g".
Credits
CEO: Sarah Bellum
Staff: Pete Moss, Sandy Beach
(Stolen from A Prairie Home Companion)