The Practical Ethical Hacking course by TheCyberMentor includes several scripts that students can either recreate themselves or download from the official repository. I decided to put up some of my own slightly modified versions, mainly for minor fixes regarding performance, error handling and/or Python 3 compatibility. These scripts are just for following along with the course: they are intended to be simple, not perfect.
If you encounter any problems with the code, please let me know by opening an issue.
File | Changes |
---|---|
port-scanner.py | 🟢 explicit python3 shebang 🟢 code wrapped in a main function 🟢 general exception handler 🟢 using sys.argv[0] instead of a hardcoded file name 🟢 moving the setdefaulttimeout() out of the for loop (it only needs to be called once before creating a socket) timeout seconds. |
fuzzer.py | 🟢 explicit python3 shebang 🟢 more precise error messages to help the user understand what happened 🟢 colored output just for fun... 🟢 timeout detection (so we don't have to cancel the fuzzer manually) 🟢 safe python3 encoding with latin1 🔵 If the script hangs make sure the script is configured correctly (check IP etc.) and the vulnserver is accessible. 🔵 If the script crashes at 100 bytes you'll receive an error output that should give you a hint about what's wrong. |
bof-exploit.py | 🟢 explicit python3 shebang (already included in the updated course content though) 🟢 safe python3 byte encoding (using latin1 avoids double bytes for values greater than 0x7f) 🟢 inline generation of bad characters 🟢 colored output just for fun... 🔵 There are hundreds of ways this can be rewritten - this is just my own quick and dirty working python3 version. |
find-badchars.py | 🟠 This script can be used to compare the Immunity stack dump to bad character values. The same step could be done with mona or any other tool. Or you just look at the bytes. |
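
The latin1 note in the bof-exploit.py row and the dump comparison in the find-badchars.py row, shown together as an added example (not code from the course or from this repository). The function names and the sample dump are constructed for illustration.

```python
# Added example: names and the sample dump below are constructed for illustration.

def expected_bytes(exclude=(0x00,)):
    """Every byte value in ascending order, minus the excluded ones."""
    return bytes(b for b in range(256) if b not in exclude)


def encode_chars(encoding):
    """Encode the code points 0x01-0xff as a str, the way a str-built payload would be."""
    return "".join(chr(b) for b in range(1, 256)).encode(encoding)


def parse_dump(dump_text):
    """Turn whitespace-separated hex pairs (as copied from a debugger dump) into bytes."""
    return bytes(int(tok, 16) for tok in dump_text.split())


def compare(expected, observed):
    """Return (offset, expected_byte, observed_byte) for each differing position.

    observed_byte is None where the dump ends early (truncation).
    """
    diffs = []
    for i, want in enumerate(expected):
        got = observed[i] if i < len(observed) else None
        if got != want:
            diffs.append((i, want, got))
    return diffs


def constructed_dump():
    """Constructed sample: the full sequence with 0x0a replaced by 0x20."""
    data = bytearray(expected_bytes())
    data[data.index(0x0A)] = 0x20
    return " ".join(f"{b:02x}" for b in data)


if __name__ == "__main__":
    print("latin1:", len(encode_chars("latin1")), "bytes")
    print("utf-8: ", len(encode_chars("utf-8")), "bytes")
    for off, want, got in compare(expected_bytes(), parse_dump(constructed_dump())):
        shown = "missing" if got is None else f"0x{got:02x}"
        print(f"offset {off}: expected 0x{want:02x}, dump has {shown}")
```

With UTF-8 every value above 0x7f becomes two bytes, so the encoded sequence no longer lines up with the byte values it was built from; latin1 keeps the one-to-one mapping.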