Python 3 "Violent Python" Source Code
Source code for the book "Violent Python" by TJ O'Connor. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate issues involving the implementation of deprecated libraries.
A conversion similar to this one has been made available by myself on the source code of the book "Black Hat Python", by Justin Seitz. Check it out here if you haven't done it yet.
Simply make a new directory (DIR) for the project, create a new
virtual environment or
venv for it (recommended),
clone this repository using
git clone and install the
[email protected]:~/DIR$ git clone https://github.com/EONRaider/violent-python3 [email protected]:~/DIR$ python3 -m venv venv [email protected]:~/DIR$ source venv/bin/activate (venv) [email protected]:~/DIR$ pip install -r requirements.txt
- The directories and files have been named in a way that they can be easily related to the content that is presented at each chapter.
- The frequent use of string concatenation by the author has been replaced by string interpolation in order to allow greater readability and conform to a more modern standard.
- Names of files, variables, functions, classes and methods now conform to PEP 8 naming standards.
- The now deprecated
optparselibrary has been replaced for
argparsethroughout the entire source code. All argument parsing is now contained under the
__main__execution scope for each file. All CLI arguments that were mandatory for the execution of scripts but were treated as optional in the original code are now implemented as positional. A usage prompt is now available for all scripts that use
argparseby supplying a -h argument to the CLI. Leaving the responsibilities of both boundary and controller object to the CLI parser is definitely not the best choice in terms of software architecture, but was left as-is due to the necessity of conformity to the original coder's intent.
- All occurrences of
PEP 8: E722 do not use bare exceptviolations have been refactored with more specific exception clauses.
- The author has a habit of opening files/databases and leaving
them in this state instead of calling the
close()method on the open file/database objects. For this reason all instances of file and database manipulation have been refactored by using context managers.
- Though completely inadequate from the perspective of best-practices, the use of global variables was left untouched in preference to producing heavy deviations from the original code's logic.
- The code included in Chapter 5 of the book has been refactored even though in practical terms it can be, at best, historical. Much of its functionality depends not only on very specific cases outlined as examples by the author but also exploit vulnerabilities that ceased to be realistic in the last few years (such as sniffing traffic from 802.11 wireless networks that still rely on the WEP security algorithm for traffic encryption or, worst, that maintain no security at all) or the absurd expectation of acquisition of a specific UAV model by the reader if he intends to see the code at work. To avoid stating straight away that the effort invested in reading this chapter is nearly pointless, I might add that some utility can be extracted from the code related to the sniffing of probing and beacon requests, though.
- The code on Chapter 6 that makes reference to Google and Twitter proved too outdated in the way they handle current APIs to be worth the trouble of refactoring. If you're interested in dealing with them, perform the refactoring and issue a pull request to this repository.
Files not listed below can be assumed to have been refactored in one way or another as established in the "Notes" section.
chapter01/vuln_scanner.pywas structured in such a way that a non-existent file would lead to a
OSErrorexception at runtime. For that reason the iteration control that calls
check_vulns()was moved into the conditional statement defined in the main function.
chapter02/nmap_scan.pyimplemented a main function solely for the purpose of calling the deprecated
optparselibrary, which has been replaced by
argparse. Because of that the main function was removed. An iteration control structure that was part of the
optparsecall in the original code was implemented in such a way that a new call to nmap was executed for each port scanned. The iteration was moved into the
nmap_scanfunction to prevent wasting cycles.
chapter02/ssh_command.pyhad its initialization code moved into the
__main__execution scope. The names of variables used in the outer scope that used to conflict with the names of parameters of functions were changed. The returning prompt information was originally encoded and now has been decoded in order to afford better readability.
pxsshas a standalone library, but in fact it is a library under the
pexpectlibrary. The bug led to a
ModuleNotFoundErrorand has been corrected. The code itself as presented in the book was littered with indentation errors that made it unusable and has been brought to a functioning state.
chapter02/ssh_brutekey.pyrequired a number of pre-generated keys to work; furthermore the book points the reader to acquire such keys in a URL that currently returns a 403 response. Because of that a compressed archive containing the keys has been added to the
chapter02/ssh_botnet.pyhad an unused import statement to
optparsethat was removed. It looks like it was a fragment from an aborted attempt to implement a CLI to this script. Surprisingly it was just left hanging there, even in the printed version of the book. The code that initializes the botnet and issues its commands was organized under the
__main__execution scope for the sake of standardization. The two commands issued to the bots have been unified to avoid an unnecessary number of return statements.
chapter02/conficker.pyremoved unused call to
chapter03/discover_networks.pyhad to be reimplemented instead of just refactored. It originally not only used the deprecated
mechanizelibrary but also interacted with the WiGLE service in a way that is no longer necessary, once WiGLE now provides an API. For that reason the code has been standardized and a new
wigle_printfunction was implemented by using the
requestslibrary to send an authenticated HTTP GET request to WiGLE. The response returns a JSON object that can be directly accessed, making the use of the
relibrary also unnecessary. Exception handling was added to make the script capable of dealing with error response messages sent by the API. Notice that this script depends on
winreg, which only runs on Python installations under the Microsoft Windows OS, and requires Administrator privileges during execution for access to the Registry keys. An account has to be registered on https://wigle.net/account for access to the API.
chapter03/pdf_read.pynow uses the
PyPDF4library instead of the deprecated
PyPDF. The book refers to a specific PDF file in the text and it has been added to the
features="html.parser"argument on the call to the
BeautifulSoupobject constructor. It was added on line 15 . This script only works on web applications that wrap images between
main.dbfile as an example. It has been added to the
chapter03/skype_profilesubdirectory for convenience.
.sqlitefiles as examples. They have been added to the
chapter03/firefox_profilesubdirectory for convenience.
chapter03/iphone_messages.pyreferences iPhone backup files that were not made available by the author. Because of this the code has been refactored but remains untested.
chapter04/geo_ip.pyused the deprecated
pygeoiplibrary. As suggested by its creator,
geoip2should now be used. An attempt was made to keep the newly implemented code as similar as possible to the original implementation on the book, but some changes had to be made to accommodate the new package structure of
geoip2and its attributes. The database file necessary to run the script was downloaded from MaxMind and made available in the
chapter04directory. A CLI was also implemented using
UnicodeDecodeErrorexception when opening the file in the original implementation. It has been fixed by adding a rb argument to the context manager handling the file.
chapter04/find_ddos.pyprinted the source address of the Hivemind attack as its destination, making the output useless. The correct dst variable is now displayed on stdout. The book references a file called
traffic.pcapthat was not made available by the author, so the code has been refactored but remains untested.
chapter04/test_domain_flux.pyreturns that zero unanswered requests were made when analyzing the pcap file provided by the author. For some reason the packets themselves don't have the DNS Resource Record field value set, so the condition in the dns_QR_test function always evaluates as false. That being the case, the condition evaluating the DNSRR field has been removed from the conditional statement and all UDP packets that have port 53 as their source are now analysed. It does result in less efficient code but at least it outputs the results as intended in the book.
PyBluezlibrary, which in turn requests the
BlueZlibrary and header files as stated in its installation instructions. These dependencies must be installed prior to installing
PyBluezas a requirement. In Linux this can be performed by issuing the command
apt install bluetooth libbluetooth-dev. The original code references a non-existent
client_sockobject that has been replaced by
chapter05/ftp_sniff.pyhad a logic flaw that made it present a sniffed username but no password due to poor implementation of a
if... elsestatement. It has been corrected by replacing the conditional statement with a nested
obexftplibrary to work. This library was written for Python 2 and has not been ported or replaced by an equivalent one to the present date, so the code remains as written by the author in its Python 2 version.
chapter06/__init__.pywere added to enable the importing of modules from
chapter06/anon_proxy.pywas re-implemented with the
MechanicalSoupPython 3 library. It integrates the modifications that were necessary to
chapter06/anon_browser.pywas also re-implemented with
MechanicalSoupand went through some modifications in the code. The
cookieliblibrary was replaced by
http.cookiejarin the constructor method for the AnonBrowser class and the parameter user_agents now accepts a list of strings instead of a tuple.
chapter06/link_parser.pywas refactored by using new ways to handle the implementations of
As a matter of common sense, first try to discuss the change you wish to make to this repository via an issue.
- Ensure the modifications you wish to introduce actually lead to a pull request. The change of one line or two should be requested through an issue instead.
- If necessary, update the README.md file with details relative to changes to the project structure.
- Make sure the commit messages that include the modifications follow a standard. If you don't know how to proceed, here is a great reference on how to do it.
- Your request will be reviewed as soon as possible (usually within 48 hours).