From: nd at felinemenace.org (ned)
Subject: hooking python send()

hello,
attached is a patch to timeoutsocket.py which records all the data that is 
parsed to a socket to be sent. timeoutsocket.py already does this but only 
to make sure that the send or recv or connect doesn't time out. download 
and patch timeoutsocket.py from here:

http://www.timo-tasi.org/python/timeoutsocket.py

anyway...why would i want to see what is being sent? it's perfect for 
capturing packet data that is sent via a binary protocol, like DCERPC or 
NetBIOS or SMB and it's perfect for building payload-only exploits which 
can be distributed without worrying about copyrights. yes, although i am 
still unsure about some of the licenses, it is fine to distribute exploits 
that don't contain routines that are copyrighted. after all it's the 
physical (code) that's proprietary and not the impulses it creates!

have a good one,
- nd

---- 
http://felinemenace.org/~nd/HOONCGI.html
-------------- next part --------------
-bash-2.05b$ diff -u timeoutsocket.py timeouthacked.py
--- timeoutsocket.py    2003-06-26 01:18:34.000000000 -0700
+++ timeouthacked.py    2003-09-18 23:18:25.000000000 -0700
@@ -166,6 +166,7 @@
     def __init__(self, sock, timeout):
         self._sock     = sock
         self._timeout  = timeout
+        self.count     = 0
     # end __init__

     def __getattr__(self, key):
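
Review bot: `self.count` in `__init__` breaks the naming used by the two attributes set right above it (`self._sock`, `self._timeout`), and on a wrapper class that also defines `__getattr__` a public `count` reads as if it were part of the socket interface. Suggest `self._count = 0` with a one-line comment saying it numbers the dumped send() calls.
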
@@ -229,6 +230,7 @@
         # ONLY if dumbhack indicates this is pass number one.
         #   If select raises an error, we pass it on.
         #   Is this the right behavior?
+        self.count = 0
         if not dumbhack:
             r,w,e = select.select([], [sock], [], timeout)
             if w:
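
Review bot: the `self.count = 0` placed before `if not dumbhack:` runs on every pass, not only pass one, and it repeats the initialisation already done in `__init__`. Because `dump()` appends to a single file, resetting the counter here makes the `[HEXDUMP]` and `[ASCII]` record numbers restart partway through that file. Suggest dropping this line, or, if a restart at this point is intended, moving it under the pass-one branch with a comment that says so.
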
@@ -289,6 +291,7 @@
                 #no raising for me!
                 return 0
                 raise Timeout("Send timed out")
+            self.dump(data)
         return sock.send(data, flags)
     # end send

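
Review bot: `self.dump(data)` is indented one level deeper than `return sock.send(data, flags)`, so it only runs on the branch that encloses it and data sent on the other path is never recorded. It also logs the whole buffer before the send result is known; `send()` returns the number of bytes actually accepted, so a record can contain bytes that were not sent by this call. Suggest calling send at the outer level first, keeping the returned count `n`, and dumping `data[:n]`.
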
@@ -314,6 +317,25 @@
         else:
             self._copies = self._copies -1
     # end close
+
+    def dump(self,data):
+        t = ""
+        single = 0
+        self.count += 1
+        for x in data:
+            t += "0x%2.2x " % ord(x)
+            if single == 8:
+                t += "\n"
+                single = 0
+            else:
+                single += 1
+        f = "\n[HEXDUMP] ----------------------------------- [%d]\n" % (self.count)
+        q = "\n[ASCII] ------------------------------------ [%d]\n" % (self.count)
+        t = f + t + q + data
+        handle = open("data.txt","a")
+        handle.write(t)
+        handle.close()
+

 # end TimeoutSocket

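
Review bot: `dump()` opens a hard-coded relative `data.txt` with no error handling, so an unwritable working directory raises out of `send()` and the logging hook changes the behaviour of the code it is observing. Suggest a configurable path, a try/except around the file I/O, and mode "ab", since the payload is binary and is written raw after the `[ASCII]` header. The `single == 8` test emits the newline after every ninth byte; compare against 7 if eight bytes per row was intended. The method also needs a docstring describing the record format, and since the file receives everything sent in clear it should be created with restrictive permissions.
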
@@ -426,3 +448,4 @@
 del socket
 socket = timeoutsocket
 # Finis
+
