Understanding Network Hacks : Attack and Defense with Python 3

This book explains how to see one's own network through the eyes of an attacker, to understand their techniques and effectively protect against them. Through Python code samples the reader learns to code tools on subjects such as password sniffing, ARP poisoning, DNS spoofing, SQL injection, Google harvesting, Bluetooth and Wifi hacking. Furthermore the reader will be introduced to defense methods such as intrusion detection and prevention systems and log file analysis by diving into code. Introduction Foreword Contents 1 Installation 1.1 The Right Operating System 1.2 The Right Python Version 1.3 Development Environment 1.4 Python Modules 1.5 Pip 1.6 Virtualenv 2 Network 4 Newbies 2.1 Components 2.2 Topologies 2.3 ISO/OSI Layer Model 2.4 Ethernet 2.5 VLAN 2.6 ARP 2.7 IP 2.8 ICMP 2.9 TCP 2.10 UDP 2.11 An Example Network 2.12 Architecture 2.13 Gateway 2.14 Router 2.15 Bridge 2.16 Proxies 2.17 Virtual Private Networks 2.18 Firewalls 2.19 Man-in-the-middle-Attacks 3 Python Basics 3.1 Every Start is Simple 3.2 The Python Philosophy 3.3 Data Types 3.4 Data Structures 3.5 Functions 3.6 Control Structures 3.7 Modules 3.8 Exceptions 3.9 Regular Expressions 3.10 Sockets 4 Layer 2 attacks 4.1 Required modules 4.2 ARP-Cache-Poisoning 4.3 ARP-Watcher 4.4 MAC-Flooder 4.5 VLAN hopping 4.6 Let's play switch 4.7 ARP spoofing over VLAN hopping 4.8 DTP abusing 4.9 Tools 4.9.1 NetCommander 4.9.2 Hacker's Hideaway ARP Attack Tool 4.9.3 Loki 5 TCP / IP Tricks 5.1 Required Modules 5.2 A Simple Sniffer 5.3 Reading and Writing PCAP Dump Files 5.4 Password Sniffer 5.5 Sniffer Detection 5.6 IP-Spoofing 5.7 SYN-Flooder 5.8 Port-scanning 5.9 Port-scan Detection 5.10 ICMP-Redirection 5.11 RST Daemon 5.12 Automatic Hijack Daemon 5.13 Tools 5.13.1 Scapy 6 WHOIS DNS? 6.1 Protocol Overview 6.2 Required Modules 6.3 Questions About Questions 6.4 WHOIS 6.5 DNS Dictionary Mapper 6.6 Reverse DNS Scanner 6.7 DNS-Spoofing 6.8 Tools 6.8.1 Chaosmap 7 HTTP Hacks 7.1 Protocol Overview 7.2 Web Services 7.3 Required Modules 7.4 HTTP Header Dumper 7.5 Referer Spoofing 7.6 The Manipulation of Cookies 7.7 HTTP-Auth Sniffing 7.8 Webserver Scanning 7.9 SQL Injection 7.10 Command Injection 7.11 Cross-Site-Scripting 7.12 HTTPS 7.13 SSL / TLS Sniffing 7.14 Drive-by-Download 7.15 Proxy Scanner 7.16 Proxy Port Scanner 7.17 Tools 7.17.1 SSL Strip 7.17.2 Cookie Monster 7.17.3 Sqlmap 7.17.4 W3AF 8 Wifi Fun 8.1 Protocol Overview 8.2 Required Modules 8.3 Wifi Scanner 8.4 Wifi Sniffer 8.5 Probe-Request Sniffer 8.6 Hidden SSID 8.7 MAC-Address-Filter 8.8 WEP 8.9 WPA 8.10 WPA2 8.11 Wifi-Packet-Injection 8.12 Playing Wifi Client 8.13 Deauth 8.14 PMKID 8.15 WPS 8.16 Wifi Man-in-the-Middle 8.17 Wireless Intrusion Detection 8.18 Tools 8.18.1 KRACK Attack 8.18.2 KrØØk attack 8.18.3 WiFuzz 8.18.4 Pyrit 8.18.5 Wifiphisher 9 Feeling Bluetooth on the Tooth 9.1 Protocol Overview 9.2 BLE – Bluetooth Low Energy 9.3 Required Modules 9.4 Bluetooth-Scanner 9.5 BLE-Scanner 9.6 GAP 9.7 GATT 9.8 SDP-Browser 9.9 RFCOMM-Channel-Scanner 9.10 OBEX 9.11 BIAS 9.12 KNOB Attack 9.13 BlueBorne 9.14 Blue Snarf Exploit 9.15 Blue Bug Exploit 9.16 Bluetooth-Spoofing 9.17 Sniffing 9.18 Tools 9.18.1 BlueMaho 9.18.2 BtleJack 10 Bargain box Kung Fu 10.1 Required Modules 10.2 Spoofing e-mail Sender 10.3 DHCP Hijack 10.4 IP Brute Forcer 10.5 Google-Hacks-Scanner 10.6 SMB-Share-Scanner 10.7 Login Watcher A Scapy reference A.1 Protocols A.2 Functions Secondary links Index This book explains how to see one's own network through the eyes of an attacker, to understand their techniques and effectively protect against them. Through Python code samples the reader learns to code tools on subjects such as password sniffing, ARP poisoning, DNS spoofing, SQL injection, Google harvesting, Bluetooth and Wifi hacking. Furthermore the reader will be introduced to defense methods such as intrusion detection and prevention systems and log file analysis by diving into code. This book addresses interested Python programmers who want to learn about network coding and to administrators, who want to actively check the security of their systems and networks. The content should also be useful for white, gray and black hat hackers, who prefer Python for coding. You neither need deep knowledge on how computer networks are build up nor in programming