{"id":995,"date":"2024-03-25T02:38:13","date_gmt":"2024-03-25T02:38:13","guid":{"rendered":"https:\/\/hacking.cool\/?p=995"},"modified":"2024-03-25T02:41:10","modified_gmt":"2024-03-25T02:41:10","slug":"beyond-eyewitness-crafting-custom-python-scripts","status":"publish","type":"post","link":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/","title":{"rendered":"Beyond EyeWitness: Crafting Custom Python Scripts"},"content":{"rendered":"
\n
\"\"<\/figure><\/div>\n\n\n

Welcome to the second part of Python for penetration testing. Today, we embark on a noble quest: to check if the digital gates (ports, for the uninitiated) of our fortresses (servers, in tech-speak) are up or inviting trouble.<\/p>\n\n\n\n

Gathering Your Tools<\/h3>\n\n\n\n

Before our adventure begins, ensure your satchel is equipped with Selenium and python-docx, potent Python spells that automate browsers and conjure Word documents from thin air. Installing these is as simple as whispering to your terminal:<\/p>\n\n\n\n

pip install selenium python-docx webdriver-manager<\/code><\/pre>\n\n\n\n
Beware, young apprentice, for you also need the socket<\/code> library, but fear not – it comes pre-packed with your Python installation, ready to reveal the open ports in your quest.<\/p>\n\n\n\n
The Plan of Attack<\/h3>\n\n\n\n
Our journey has three pivotal steps:<\/p>\n\n\n\n
    \n
  1. Scouting Ahead:<\/strong> Use the ancient socket<\/code> technique to see if the castle gates (ports 80 and 443) are open.<\/li>\n\n\n\n
  2. Capturing the Flag:<\/strong> Summon a headless steed (headless browser) with Selenium to visit the open gates and capture their essence (screenshots).<\/li>\n\n\n\n
  3. Telling the Tale:<\/strong> Employ python-docx to scribe your findings into a magical tome (Word document), detailing the exploits of your journey.<\/li>\n<\/ol>\n\n\n\n
    Casting the Spells<\/h3>\n\n\n\n
    1. Scouting Ahead with socket<\/code><\/h4>\n\n\n\n
    Our first spell determines if the ports are open, a task most crucial. The socket<\/code> library, with its mystical powers, allows us to peer into the abyss and see if the gates stand unguarded:<\/p>\n\n\n\n
    import socket\n\ndef is_port_open(host, port, timeout=10):\n    try:\n        # Whispering to the gates to see if they respond\n        with socket.create_connection((host, port), timeout=timeout):\n            return True\n    except socket.error:\n        return False  # Alas, the gates are closed\n<\/code><\/pre>\n\n\n\n
    2. Capturing the Essence with Selenium<\/h4>\n\n\n\n
    With the gates open, we summon our headless steed, Firefox, through the enchanted forests of the web:<\/p>\n\n\n\n
    from selenium import webdriver\nfrom selenium.webdriver.firefox.options import Options\nfrom webdriver_manager.firefox import GeckoDriverManager\n\noptions = Options()\noptions.headless = True  # Our steed shall remain unseen\ndriver = webdriver.Firefox(executable_path=GeckoDriverManager().install(), options=options)\n<\/code><\/pre>\n\n\n\n
    We approach each gate, capturing its essence if it stands ajar:<\/p>\n\n\n\n
    if is_port_open(host, 80):\n    # HTTP - The old, less secure gate\n    capture_screenshot('http', host)\nif is_port_open(host, 443):\n    # HTTPS - The new, fortified gate\n    capture_screenshot('https', host)\n<\/code><\/pre>\n\n\n\n
    3. Telling the Tale with python-docx<\/h4>\n\n\n\n
    Finally, we document our journey, inscribing each screenshot next to its corresponding port in a tome for the ages:<\/p>\n\n\n\n
    import docx\nfrom docx.shared import Inches\n\ndoc = docx.Document()\ntable = doc.add_table(rows=1, cols=2)\n# And so, we add our captured essences and tales to the table\n<\/code><\/pre>\n\n\n\n
    The Full Incantation<\/h3>\n\n\n\n
    Behold, the full spell woven together, ready to reveal the openness of digital fortresses and document the findings for posterity:<\/p>\n\n\n\n
    #Capture screens and place them in a word document (docx)\n#Usage example: python script.py hosts.txt web_screenshots.docx\n#Note the hosts.txt file should contain IPs or URLs without schemes (http or https)\n#Author: Atom \/ hacking.cool\n\n\nimport os\nimport socket\nimport sys\nfrom selenium import webdriver\nfrom selenium.webdriver.firefox.options import Options\nfrom webdriver_manager.firefox import GeckoDriverManager\nimport docx\nfrom docx.shared import Inches\nimport argparse\n\ndef parse_arguments():\n    parser = argparse.ArgumentParser(description='Take screenshots of webpages listed in a file and add them to a Word document.')\n    parser.add_argument('hosts_file', help='The path to the file containing hosts (one per line)')\n    parser.add_argument('output_file', help='The path where the Word document will be saved')\n    return parser.parse_args()\n\ndef print_green(text):\n    print(f\"\\033[92m{text}\\033[0m\")\n\ndef is_port_open(host, port, timeout=10):\n    try:\n        with socket.create_connection((host, port), timeout=timeout):\n            return True\n    except socket.error:\n        return False\n\ndef take_screenshots_for_host(driver, host, schemes, doc):\n    for scheme in schemes:\n        url = f\"{scheme}:\/\/{host}\"\n        try:\n            driver.get(url)\n            screenshot_path = f'temp_screenshot_{scheme}.png'\n            driver.save_screenshot(screenshot_path)\n            row_cells = doc.add_row().cells\n            row_cells[0].text = url\n            paragraph = row_cells[1].paragraphs[0]\n            run = paragraph.add_run()\n            run.add_picture(screenshot_path, width=Inches(3.5))\n            os.remove(screenshot_path)\n            print_green(f\"Successfully captured {url}\")\n        except Exception as e:\n            print(f\"Failed to capture {url}: {e}\")\n\ndef main(hosts_file, output_file):\n    doc = docx.Document()\n    table = doc.add_table(rows=1, cols=2)\n    hdr_cells = table.rows[0].cells\n    hdr_cells[0].text = 'Web Request Info'\n    hdr_cells[1].text = 'Web Screenshot'\n\n    options = Options()\n    options.headless = True\n    driver = webdriver.Firefox(executable_path=GeckoDriverManager().install(), options=options)\n    driver.set_page_load_timeout(20)\n\n    with open(hosts_file, 'r') as file:\n        for host in file:\n            host = host.strip()\n            if not host:\n                continue\n            schemes_to_try = []\n            if is_port_open(host, 443):\n                schemes_to_try.append('https')\n            if is_port_open(host, 80):\n                schemes_to_try.append('http')\n            \n            if not schemes_to_try:\n                print(f\"Both ports 80 and 443 are closed for {host}\")\n                continue\n\n            take_screenshots_for_host(driver, host, schemes_to_try, table)\n\n    driver.quit()\n    doc.save(output_file)\n\nif __name__ == \"__main__\":\n    args = parse_arguments()\n    main(args.hosts_file, args.output_file)\n<\/code><\/pre>\n\n\n\n
    In Conclusion<\/h3>\n\n\n\n
    Armed with Python, your journey through the realms of penetration testing is both noble and necessary. Remember, with great power comes great responsibility. Use these spells wisely, and may your path be clear, your findings true, and your documentation ever helpful.<\/p>\n\n\n\n
    Embarking on this scripting journey wasn’t just a whim; it was born out of necessity. EyeWitness, a tool often praised in our realm for its keen ability to observe and report, somehow didn’t align with what I envisioned, especially in how the results were presented. My quest was not only to tailor the reconnaissance to my specific needs but also to capture the essence of these digital expeditions in a format that resonates with the old-school charm and structure – a Word document. This concoction of code isn’t just a workaround; it’s a testament to the power of creating bespoke tools when off-the-shelf solutions fall short.<\/p>\n\n\n\n
    And thus concludes our tale. <\/p>\n","protected":false},"excerpt":{"rendered":"
    Welcome to the second part of Python for penetration testing. Today, we embark on a noble quest: to check if the digital gates (ports, for the uninitiated) of our fortresses (servers, in tech-speak) are up or inviting trouble. Gathering Your Tools Before our adventure begins, ensure your satchel is equipped with Selenium and python-docx, potent…<\/span><\/p>\n
    Read More<\/a><\/p>\n","protected":false},"author":3,"featured_media":1000,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-995","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"yoast_head":"\nBeyond EyeWitness: Crafting Custom Python Scripts - hacking.cool<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Beyond EyeWitness: Crafting Custom Python Scripts - hacking.cool\" \/>\n<meta property=\"og:description\" content=\"Welcome to the second part of Python for penetration testing. Today, we embark on a noble quest: to check if the digital gates (ports, for the uninitiated) of our fortresses (servers, in tech-speak) are up or inviting trouble. Gathering Your Tools Before our adventure begins, ensure your satchel is equipped with Selenium and python-docx, potent…Read More\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/\" \/>\n<meta property=\"og:site_name\" content=\"hacking.cool\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-25T02:38:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-25T02:41:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/hacking.cool\/atomanya\/wp-content\/uploads\/2024\/03\/2d3d9bea-5cbf-4199-abf8-4bfa2911e9e6.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1792\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Atom\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Atom\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/hacking.cool\/atomanya\/#website\",\"url\":\"https:\/\/hacking.cool\/atomanya\/\",\"name\":\"hacking.cool\",\"description\":\"is the hacking school \ud83d\udc69\ud83c\udffb\u200d\ud83d\udcbb\ud83e\uddd1\ud83c\udffb\u200d\ud83d\udcbb\ud83d\uddfa\ud83d\udcda\ud83d\udcd6\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/hacking.cool\/atomanya\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#primaryimage\",\"url\":\"https:\/\/hacking.cool\/atomanya\/wp-content\/uploads\/2024\/03\/2d3d9bea-5cbf-4199-abf8-4bfa2911e9e6.webp\",\"contentUrl\":\"https:\/\/hacking.cool\/atomanya\/wp-content\/uploads\/2024\/03\/2d3d9bea-5cbf-4199-abf8-4bfa2911e9e6.webp\",\"width\":1792,\"height\":1024},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/\",\"url\":\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/\",\"name\":\"Beyond EyeWitness: Crafting Custom Python Scripts - hacking.cool\",\"isPartOf\":{\"@id\":\"https:\/\/hacking.cool\/atomanya\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#primaryimage\"},\"datePublished\":\"2024-03-25T02:38:13+00:00\",\"dateModified\":\"2024-03-25T02:41:10+00:00\",\"author\":{\"@id\":\"https:\/\/hacking.cool\/atomanya\/#\/schema\/person\/804a839cfa61d89d69fb2cf1d2f0adc2\"},\"breadcrumb\":{\"@id\":\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/hacking.cool\/atomanya\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Beyond EyeWitness: Crafting Custom Python Scripts\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/hacking.cool\/atomanya\/#\/schema\/person\/804a839cfa61d89d69fb2cf1d2f0adc2\",\"name\":\"Atom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/hacking.cool\/atomanya\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ac4d05ec7d617e7f2dee5855900a855a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ac4d05ec7d617e7f2dee5855900a855a?s=96&d=mm&r=g\",\"caption\":\"Atom\"},\"url\":\"https:\/\/hacking.cool\/atomanya\/author\/atom\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Beyond EyeWitness: Crafting Custom Python Scripts - hacking.cool","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/","og_locale":"en_US","og_type":"article","og_title":"Beyond EyeWitness: Crafting Custom Python Scripts - hacking.cool","og_description":"Welcome to the second part of Python for penetration testing. Today, we embark on a noble quest: to check if the digital gates (ports, for the uninitiated) of our fortresses (servers, in tech-speak) are up or inviting trouble. Gathering Your Tools Before our adventure begins, ensure your satchel is equipped with Selenium and python-docx, potent…Read More","og_url":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/","og_site_name":"hacking.cool","article_published_time":"2024-03-25T02:38:13+00:00","article_modified_time":"2024-03-25T02:41:10+00:00","og_image":[{"width":1792,"height":1024,"url":"https:\/\/hacking.cool\/atomanya\/wp-content\/uploads\/2024\/03\/2d3d9bea-5cbf-4199-abf8-4bfa2911e9e6.webp","type":"image\/webp"}],"author":"Atom","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Atom","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/hacking.cool\/atomanya\/#website","url":"https:\/\/hacking.cool\/atomanya\/","name":"hacking.cool","description":"is the hacking school \ud83d\udc69\ud83c\udffb\u200d\ud83d\udcbb\ud83e\uddd1\ud83c\udffb\u200d\ud83d\udcbb\ud83d\uddfa\ud83d\udcda\ud83d\udcd6","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hacking.cool\/atomanya\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#primaryimage","url":"https:\/\/hacking.cool\/atomanya\/wp-content\/uploads\/2024\/03\/2d3d9bea-5cbf-4199-abf8-4bfa2911e9e6.webp","contentUrl":"https:\/\/hacking.cool\/atomanya\/wp-content\/uploads\/2024\/03\/2d3d9bea-5cbf-4199-abf8-4bfa2911e9e6.webp","width":1792,"height":1024},{"@type":"WebPage","@id":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/","url":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/","name":"Beyond EyeWitness: Crafting Custom Python Scripts - hacking.cool","isPartOf":{"@id":"https:\/\/hacking.cool\/atomanya\/#website"},"primaryImageOfPage":{"@id":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#primaryimage"},"datePublished":"2024-03-25T02:38:13+00:00","dateModified":"2024-03-25T02:41:10+00:00","author":{"@id":"https:\/\/hacking.cool\/atomanya\/#\/schema\/person\/804a839cfa61d89d69fb2cf1d2f0adc2"},"breadcrumb":{"@id":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/hacking.cool\/atomanya\/beyond-eyewitness-crafting-custom-python-scripts\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hacking.cool\/atomanya\/"},{"@type":"ListItem","position":2,"name":"Beyond EyeWitness: Crafting Custom Python Scripts"}]},{"@type":"Person","@id":"https:\/\/hacking.cool\/atomanya\/#\/schema\/person\/804a839cfa61d89d69fb2cf1d2f0adc2","name":"Atom","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hacking.cool\/atomanya\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ac4d05ec7d617e7f2dee5855900a855a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ac4d05ec7d617e7f2dee5855900a855a?s=96&d=mm&r=g","caption":"Atom"},"url":"https:\/\/hacking.cool\/atomanya\/author\/atom\/"}]}},"jetpack_featured_media_url":"https:\/\/hacking.cool\/atomanya\/wp-content\/uploads\/2024\/03\/2d3d9bea-5cbf-4199-abf8-4bfa2911e9e6.webp","_links":{"self":[{"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/posts\/995","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/comments?post=995"}],"version-history":[{"count":7,"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/posts\/995\/revisions"}],"predecessor-version":[{"id":1003,"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/posts\/995\/revisions\/1003"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/media\/1000"}],"wp:attachment":[{"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/media?parent=995"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/categories?post=995"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hacking.cool\/atomanya\/wp-json\/wp\/v2\/tags?post=995"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}