Post

Basic Networking with python

Posted Updated
By Azer Sioud 3 min read

Hacking with python

After getting into a target’s machine/server/device you may find yourself in a bit of a conundrum You will have no tools to execute attacks (compiler, netcat, wireshark) and no permissions to install these tools But you’ll be suriprised how many times you’ll have python installed. and that’s where you can do some nasty stuff.

Python, often seen as a non-threatening tool, so it has the power (aka the permissions) to be used for perform initial reconnaissance and basic penetration testing tasks.

Note: A lot of concepts and variables present in this article are already explained in a previous article Socket Programming in C for exmaple what is AF_INET or the difference between SOCK_STREAM and SOCK_DGRAM. So make sure to check that out, even if you’re not interested in C, these variables remain the same.

Creating a TCP Client

Sometimes inside a network you need a TCP Client to test for a service and you have no tools for that You can easily make your own TCP client in python and get the job done.

1
2
3
4
5
6
7
8
9
10
11
12

import socket

TARGET_IP = "www.target.com"  # Target domain or IP
TARGET_PORT = 80  # Common HTTP port

client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # Create a socket object
client.connect((TARGET_IP, targetPort))  # Connect to the server
client.send(b"GET / HTTP/1.1\r\nHost: google.com\r\n\r\n")  # Send a simple HTTP request
response = client.recv(4096)  # Receive the response, 4096 is the number of bytes to read

print(response.decode())  # Print the decoded response
client.close()  # Close the connection

What can you do with this simple tiny script?

  • This script can quickly test if a TCP connection can be established with the target on a specific port. This is a fundamental step in network penetration testing.
  • By changing the targetPort, you can check different services (like HTTP, FTP, SSH) running on the target.
  • Unlike standard tools, python allows you to craft custom TCP requests. This can be particularly useful in testing how a server responds to non-standard or malicious requests.
  • This script can be the starting point for more complex scripts. It can be extended to automate various tasks like banner grabbing, vulnerability scanning, or even exploitation.

Creating a UDP Client

A UDP Client is not much different

1
2
3
4
5
6
7
8
9
10
11

import socket 

TARGET_IP = "127.0.0.1"  # Localhost - replace with target IP or hostname
TARGET_PORT = 9997  # Target port

client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)  # Create a UDP socket
client.sendto(b"ASDFASDF", (TARGET_IP, TARGET_PORT))  # Send data to target
data, addr = client.recvfrom(4096)  # Receive response

print(data.decode())  # Print the decoded response
client.close()  # Close the socket

Here we change the socket type from stream to dgram and use the sendto function because we’re sending data instead of a request

UDP is a connectionless protocol so there’s no need to connect() beforehand.

Creating a Multithreaded TCP Server

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

import socket
import threading

IP = "0.0.0.0"  # Listen on all available IPs
PORT = 9998  # Port to listen on

def main():
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # TCP Socket
    server.bind((IP, PORT))  # Bind to IP and port
    server.listen(5)  # Start listening with a maximum of 5 queued connections
    print(f"[*] Listening on {IP}:{PORT}")

    while True:
        client, addr = server.accept()  # Accept a connection
        print(f"[*] Accepted connection from {addr[0]}:{addr[1]}")
        client_handler = threading.Thread(target=handle_client, args=(client,))  # Handle client in a new thread
        client_handler.start()

def handle_client(client_socket):
    with client_socket as sock:
        request = sock.recv(1024)  # Receive data from the client
        print(f'[*] Received: {request.decode("utf-8")}')
        sock.send(b'ACK')  # Send acknowledgment

if __name__ == '__main__':
    main()
  • The server captures incoming requests, which can be analyzed for content, headers, and other data. This is particularly useful in scenarios like testing web application attacks (e.g., SQL injection, buffer overflow).

Now if you combine the client and the server: You can send some test packets to the server. You’ll get the following output

1
2
3

[*] Listening on 0.0.0.0:9998 
[*] Accepted connection from: 127.0.0.1:62512 
[*] Received: ASDFASDF

And that’s it, Pretty Simple, But also very useful. Next articles will depend on these basic programs. Related Articles: Socket Programming in C
Netcat in python
Ping in C
TCP Proxy in python
Packet Sniffer in python

Networking, Socket Programmingh, python
python networking socket programming security multithreading
This post is licensed under CC BY 4.0 by the author.