Add to collection(s) Add to saved
  1. No category
Uploaded by Chaitanya

HW1 (1)

advertisement 
CSEC-471
Spring 2024
Homework 1
Deadline (18/02/2024)
Description
Penetration Testing is NOT all about using pre-packaged tools. The best Pentesters
write their own tools that are very task specific.
Python is a modern scripting language that was influenced by C, C++, Java, Lisp, and
many other languages. It is an object-oriented interpreted language than can be
written line by line in the Python interpreter or in scripts to be run. You can do
everything from port scanning, to writing exploits, to making websites (flask,
django) in Python. What makes it so useful especially for Penetration Testing is that
it is cross platform and has many modules that are already out there to help with
just about any task you need to get done.
Rubrics
1- The ability to write a script that accepts only requested types of inputs (input
sanitization) (25%)
2- The ability to scan ports in a given target (40%)
3- The ability to display errors to the user in cse of errors (proper error
handling) and deliver a well-commented/documented code (25%)
4- The ability to program a given problem and output in the specified format
(10%)
Deliverables
- Your script should be well-formed, and should be tested to be sure that it
ONLY accepts input of the appropriate format (e.g. if asked for a host,
alphanumeric inputs, if a number, numeric ONLY, etc)
- Your script should run interactively with the user and should display an
appropriate descriptive message if any of the ‘’normal’’ query parameters
have been passed to it (e.g. “/?”, -h, --help, --version, or similar) (You
should include at least 2 query parameters)
- The script should provide the user with sufficient messages to lead them
through the interactive session, as well as providing error messages when
appropriate. Overall, it should give closed/open/filtered type of feedback.
- The script will take three arguments
1- Target domain(string)
2- Starting value (numeric 0-1000)
3- Ending value (numeric 0-1000)
- In interactive mode, the script will ask the user for their target and store
that value in a variable. It will then ask for two numbers: a starting port
-
-
(between 0 and 99) and an ending port (between the starting number
and 99).
Be sure to capture and address any and all errors in your code, sending
messages to the user when appropriate. Errors & poorly commented code
are likely to significantly reduce your grade and might even result in a
failing grade for coding assignments.
The script will create sockets with the target domain name and port
numbers and print the port status in colors.
Example:
kali/$>python scanhost.py
Enter your domain: www.rit.edu
Enter a starting port between 0 and 1000: 79
Enter an ending port between 79 and 1000: 80
www.rit.edu Port 79: closed
www.rit.edu Port 80: open
Related documents
Planning to Present a Report
Planning to Present a Report
Talk Show
Talk Show
Download
advertisement