Thursday, November 7, 2013

Finished chapter 2

Yesterday, I did a few things in Python that were pretty fun. The first was writing some string and regex parsing scripts for my database class. My instructor wanted us to write 150+ lines of INSERT INTO.. statements trying to introduce us to SQL, but I've written plenty of SQL in the past and really don't need the practice writing INSERT statements. So I picked up the text and saw some basic patterns that were pretty easy to go through. All but one of the text format tables had fields as headers and values separated by ' '. Easy enough. String manipulation always makes me think a bit about how to go about it, so I'm pretty happy this went so smoothly. string[:-2] was a crowning moment too since it let me easily strip crap out. It feels lame talking about something so simple, but it made me happy.

I wrote up a socket based file transfer client and server yesterday because I didn't know how it was done. My idea was to connect, open the file, send it from the server to the client, client writes it to a file. Pretty simple. I'm not on my laptop right now and the code isn't sync'd between devices so I can't share it right now, but I plan on getting to it.

The third point is what I'm excited about. I came home for lunch and had a bit of extra time so I decided to look for a video on python networking. I found gold with Python Network Sniffer. This goes through the implementation of raw sockets on python's socket module and talks about how to deconstruct an IP header aided by the information at www.networksorcery.com.

The basic organization of an IP header is as follows (and borrowed from the above website):
bits 0-3        | 4-7             | 8-15                    | 16-31
Version         | IHL             | Differentiated Services | Total length
Identification (bits 0-15)                                  | Flags (16-18) | Fragment offset (19-31)
TTL (bits 0-7)  | Protocol (8-15)                           | Header checksum (16-31)
Source IP address (bits 0-31)
Destination IP address (bits 0-31)
Options and padding :::

What this taught me is bitwise operations and how they actually work with what I had learned about headers. The first line of this diagram is 32 bits: 4 bytes. When I receive an IP packet, I'm going to grab the first 20 bytes to cover the version to the dest IP. The first byte is VVVVIIII, so the first four bits from left to right are the version and the last four are the header length, but binary numbers start counting from right to left. This code shows how it is shifted four bits to the right then the header length is added.

version = 4 #IPv4
IHL = 5 #5 * 32-bit words = size of IP header
ver_IHL = (version << 4) + IHL
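As an added example (my own code here, not the author's or the video's), the nibble trick above carried through to a whole 20-byte header: struct packs one with a valid RFC 791 checksum and then parses it back the way a raw-socket sniffer would, including a check that the header arrived intact. The addresses, ID and lengths are constructed sample values.

```python
import socket
import struct

def checksum(data):
    """RFC 791 header checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                     # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ip_header(src, dst, payload_len, proto=6, ttl=64, ident=0x1c46):
    """Pack a 20-byte IPv4 header (no options) with a valid checksum."""
    version, ihl = 4, 5
    ver_ihl = (version << 4) + ihl         # 0x45: version in the high nibble
    flags_frag = 0x4000                    # DF flag set, fragment offset 0
    total_len = ihl * 4 + payload_len
    fields = [ver_ihl, 0, total_len, ident, flags_frag, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    hdr = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = checksum(hdr)              # checksum is computed with its own field zeroed
    return struct.pack("!BBHHHBBH4s4s", *fields)

def parse_ip_header(raw):
    """Unpack the fixed IPv4 header at the start of raw (e.g. one raw-socket read)."""
    if len(raw) < 20:
        raise ValueError("need at least 20 bytes for an IPv4 header")
    # '!' = network byte order; B = 1 byte, H = 2 bytes, 4s = 4 raw bytes
    (ver_ihl, dscp, total_len, ident, flags_frag,
     ttl, proto, hdr_sum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F   # high nibble, low nibble
    if version != 4 or ihl < 5 or len(raw) < ihl * 4:
        raise ValueError("not a complete IPv4 header")
    return {
        "version": version, "ihl": ihl, "header_len": ihl * 4,
        "total_len": total_len, "id": ident,
        "flags": flags_frag >> 13, "frag_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        # summing the whole header, checksum field included, gives 0 when intact
        "checksum_ok": checksum(raw[:ihl * 4]) == 0,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
    }

# Constructed sample (not a real capture): header for a 20-byte TCP segment.
SAMPLE_HEADER = build_ip_header("192.168.0.1", "192.168.0.199", payload_len=20)
if __name__ == "__main__":
    for k, v in parse_ip_header(SAMPLE_HEADER).items():
        print("%-12s %s" % (k, v))
```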

I'm excited about this. With some practice, I will be constructing my own packets and segments. In my information assurance and computer security class, we've been discussing, in an abridged format, network attacks and have mentioned TCP SYN flooding and ARP poisoning. This weekend, I want to write my own simple scripts to initiate these as proof of concept on my own network.

Onto today. I finished chapter 2 of Violent Python and started chapter 3 - Forensic Investigations. At the end of the pen testing stuff in chapter 2, I was way out of my league and need to revisit the chapter when I understand more about shell/assembly and have done some reading up on stack overflows. I understood ftp and ssh just fine, but when it came to what metasploit was actually doing, I was LOST. Like I said in my last post, I'm learning python right now and some concepts of how I can relate it to network security and pen testing. Python being the focus. I'll get back to the other stuff when I have time. Till next time (or later when I post my file transfer stuff).
