Connect to Airport Extreme Shared Disk from Linux

Recently I bought an Apple Airport Extreme to improve my house WiFi network, the result was remarkable, my old access point signal wasn’t able to reach all rooms on the house but the Airport Extreme performed very well on this task.

Anyway, as you know, you are allowed to share a hard drive using the network created by the Airport, and since one of my computers runs only Linux (on #! flavor) I decided to modify my fstab file in order to auto mount my Airport shared drive and access to it on this Linux box.

The process is quite simple:

marin@Corsair$> sudo mkdir /media/airport
marin@Corsair$> sudo vim /etc/fstab

Add the following information at the end of that file (in one line):

//YOUR.AIPORT.IP.ADDR/YOURAIRPORTWORKDIR 
/media/airport/ cifs auto,
iocharset=utf8,nobr1,username=AirportUsername,
password=AirportPass,
_netdev,uid=LinuxUser,gid=LinuxGroup

And then auto mount your new fstab entry using:

marin@Corsair$> sudo mount -a

That’s all!

Violent Python Chapter #1 Final

And that’s all for the chapter #1! The last exercise was quite easy after the ones before. It is a Zip File cracker. It uses a dictionary attack, hope you like it.


# Violent Python
# Chapter #1
# Exercise #3 Zip file cracker
# By: Marin Alcaraz

import zipfile
import sys


def decrypt_file(filename):
    zFile = zipfile.ZipFile(filename)
    dict_file = open("dict.txt", 'r')
    print "[*] Decrypting file..."
    for line in dict_file.readlines():
        password = line.strip('\n')
        try:
            zFile.extractall(pwd=password)
            return password
        except Exception, e:
            pass

def main():

    if (len(sys.argv) == 2):
        filename = sys.argv[1]
        p = decrypt_file(filename)
        if p:
            print "[+] Password[" + p + "]"
    else:
        print "Usage: python py-pass.py file.zip"
        exit(0)

if __name__ == '__main__':
    main()

Violent Python Chapter #1 Part 2

I’ve finished the second exercise from the Chapter #1 “The cuckoo’s egg” it’s a password decrypter. It uses dictionary method and sha512.
Here’s the code:


#
# Violent Python Chapter #1
# The Cuckoo's Egg: a simple password decrypter
# By: Marin Alcaraz
#

import crypt
import hashlib

def testPass(cryptPass):
    salt = cryptPass[0:2]
    dictFile = open('dictionary.txt', 'r')
    for word in dictFile.readlines():
        word = word.strip('\n')
        cryptWord = crypt.crypt(word, salt)
        if (cryptWord == cryptPass or hashlib.sha512(word) == cryptPass):
            print "[+] Found Password: " + word + "\n"
            return
    print "[-] Password not found.\n"
    return

def main():
    passFile = open("passwords.txt", 'r')
    for line in passFile.readlines():
        if ":" in line:
            user = line.split(':')[0]
            cryptPass = line.split(':')[1].strip(' ')
            print "[*] Cracking Password for: user[" + user + "]\n"
            testPass(cryptPass)
    return

if __name__ == "__main__":
    main()

Violent Python Chapter #1 Part 1

Violent Python Chapter #1

I’ll try to post a little brief about violent python chapters here.
This is the first part of chapter #1.

As any Python book “Violent Python” starts with the basic Python stuff, a quick review to
the well known basics: variables, data types, control flow, etc…
The difference with this book and what makes it cool is the purpose of the book and the
examples. Violent Python is oriented to pentest topics so the examples are related to it.

In chapter one you work on three mini projects:

  • Vulnerability Scanner
  • The Cuckoo’s egg
  • Zip file Cracker

This is my first mini-project: Vuln Scanner:


#
# Violent Python Chapter #1
# Vuln Scanner
# By: Marin Alcaraz
#

import sys
import os
import socket

def retBanner(ip, port):
    try:
        socket.setdefaulttimeout(2)
        s = socket.socket()
        s.connect((ip, port))
        banner = s.recv(1024)
        return banner
    except Exception, e:
       return  str(e)

def checkFile(filename):
    try:
        if not os.path.isfile(filename):
            raise Exception("File doesn't exist")
            return -1
        if not os.access(filename, os.R_OK):
            raise Exception("Permission Denied")
        f = open(filename, 'r')
        return f
    except Exception, e:
        print str(e)
        return -1


def checkVulns(banner, filename):
    print "[+] Reading Vulnerable Banner list from: " + filename
    f = checkFile(filename)
    for line in f.readlines():
        print "[+] Checking for banner: " + line.strip('\n')
        if line.strip('\n') in banner:
            print "[+] Server is Vulnerable: " + banner.strip('\n')
        else:
            print '[-] FTP Server is not vulnerable'
    return

def main():
    portList = [21, 22, 25, 80, 110, 443]
    if (len(sys.argv) == 2):
        filename = sys.argv[1]
    else:
        filename = "vuln_banners.txt"
    for x in range(1, 255):
        ip = '192.168.95.' + str(x)
        for port in portList:
            banner = retBanner(ip, port)
            if banner:
                print '[+] ' + ip + ': ' + banner
                if (checkVulns(banner, filename) == -1):
                    return


if __name__ == '__main__':
    main()

Notes:

  • Python reserves memory space for variables when programmer declares them. Python interpreter decides the type of the variable. You can get the type of a variable via type() function.
  • Python string module provides a very robust series of methods for strings.
  • The list data structure in Python provides an excellent method for storing arrays of objects. The list can be from any type. There are many built in methods to manipulate the list.
  • The Python dictionary provides a hash table that can store any number of Python objects. It follows the classic key->value method. You can get the available keys via the .keys() function, you are also able to verify the existence of one key with has_key() or see the whole list with items(). Direct access to the elements is provided via data['key'] scheme.
  • The socket module provides a library for making network connections using Python.
  • Python provides exception handling capability with try and except.
  • The keyword def() begins a function, the variables between de () are passed by reference meaning that any changes to these variables inside the function will affect their value from the calling function.
  • Python provides an easy way to interact with files through the open() and readlines functions. Full i/o API is of course available at Python’s website.
  • The built in sys modules provides access to objects used or maintained by the Python interpreter. Ex: argv.
  • OS module allows Python to communicate with local OS library.

Django-Vim code autocomplete

Recently I came back on Django development and after a year my own set of coding tools had changed a lot, mainly because Vim became my main text editor. On this came back many of my friends suggested PyCharm as the right tool to use (I’m working as Django developer) but I just can’t work with an IDE, it just doesn’t feel smooth and fast as Vim.

So, if you are like me and love Vim a simple wrapper will transform Vim into a more powerful tool to work with Django and Python, but before we set up the wrapper we have to configure some things inside or .vimrc:

"--ENABLE PYTHON/DJANGO OMNICOMPLETE

filetype plugin on
set omnifunc=syntaxcomplete#Complete
autocmd FileType python set omnifunc=pythoncomplete#Complete
autocmd FileType javascript set omnifunc=javascriptcomplete#CompleteJS
autocmd FileType html set omnifunc=htmlcomplete#CompleteTags
autocmd FileType css set omnifunc=csscomplete#CompleteCSS

"--SuperTab Integration
set completeopt-=previewtj
let g:SuperTabDefaultCompletionType = ""
let g:SuperTabDefaultCompletionType = "context"

First lines are activating the Omni Completion feature of Vim for those type of files and the last lines are very helpful and comfortable to work with Super Tab which must be inside of our .vim folder.

Now we will be able to define or little wrapper which I built based on a few examples that I found over the internet, those examples were not working for me but once I understood the idea it was very easy to code.

paste this lines inside a file called djvim (DON’T FORGET TO MODIFY YOUR PROJECT PATH):

PROJECT_PATH="/home/marin/Code"
if [ $# -eq 2 ]
then
        export PYTHONPATH="$PROJECT_PATH/$1"
        export DJANGO_SETTINGS_MODULE=$1.settings
        vim $2
else
        echo "Usage: djvim [Project] [File]"
fi

then make the file executable and move it to your /bin folder, that will do the trick. Test djvim with:

user@machine:$ djvim myproject models.py

and inside Vim type:

:python from django import db

Then test the autocomplete with some functions, launch it with the Tab key.

if it doesn’t work you can check out my dotfiles repo and use them as personal files or guide. Happy Coding, improvements are always welcome