Closed as off-topic by, Jan 8 '15 at 16:21. This question appears to be off-topic. The users who voted to close gave these specific reasons:
'Questions asking us to break the security of a specific system for you are off-topic unless they demonstrate an understanding of the concepts involved and clearly identify a specific problem.' – GdD, AJ Henderson.
'This question does not appear to be about Information security within the scope defined in the.' – RoraΖ, Jens Erat
If this question can be reworded to fit the rules in the, please.

About writing tools like this SYNFlood, Python is as good as any other language you feel comfortable with.
There is an excellent book called where you will learn to write security auditing tools and malware. From network scanners, login bruteforcers, behavior to mimicking botnet functionalities, you will learn a lot about them. Writing malware in Python can make your life easier (in a part) as it is very quick and easy to code.
Python is really an uncommon choice for viruses and the like because it needs an installed interpreter to run. You may overcome that by turning the script into a Windows executable using available tools (like ), but that tends to produce big executables (maybe 5MB, depending on the imported modules) and as malware tends to survive on its subtlety, it may be spotted sooner than you expect, not only because of executable size but also memory footprints.
Compiled Python scripts can be turned back to their script form with great ease, using modules like. Once it is found, that will allow the malware analyst to quickly know what it does, how it does it, where the command and control servers are, etc., making it extremely fast to uncover your whole operation and reducing the effectiveness of your malware as AV vendors push your signature into their products. On the other side, as someone said in this post about a Bluecoat report (linked below), AV detection rate for scripted languages tends to be low, as many installers use them to deploy software. Doing some more research, I heard about the malware and according to the article, it was 20MB in size, including libraries, sqlite databases and all. So, size may not be 'that great burden' after all. Here is a from the security company Bluecoat about a Python malware that relates to the operation in 2013. Most malware is written using C/C++/C#, VB, Assembly, .NET, etc., but that is not a law.
These languages have advantages, but so does Python. Everything depends on your goal. Balance what you want with what you need and take your shot with what feels the best option to fulfill them.
Introduction

I have been programming in C and C++ since 1994 and have led many teams in Windows system programming. In 2007, in the context of the Armadillo anti-spam software project at, I was given the requirement that the software must run both under Windows and Linux.
To do this, I had to re-train my team of seasoned Windows system developers to also be able to deliver a product on Linux. I chose to re-evaluate the tools and programming language available to me, and this led to my investigation of Python as a cross-platform development solution.

About Armadillo

The Armadillo project is an SMTP email filtering proxy that works across multiple domains and platforms. The project came into being to satisfy the needs of partner businesses that produce Windows email servers and provide email hosting with an anti-spam and virus filtering proxy. We considered using and improving on an open source email server but ran into trouble making them work on Windows. Most of the mail servers with significant anti-spam development (see ) are strictly Unix/Linux-based. Porting them to Windows looked too difficult.
SendMail, for example, uses a process instance model that won't work well on Windows, while some of the mail storage formats employed (such as ) rely on characteristics of Unix filesystem implementations to perform well. Armadillo is based on some filtering components that we had written previously and some that we could license from a third party.
All of these were written in C and available only as a C library. The filtering SMTP proxy consists of a smart spooler, plugin architecture for filtering libraries, spam/virus report generator, receiver, relayer, policy object for multiple independent domains, monitor object, and a web configuration GUI that runs on PHP in Apache and IIS. We did consider C# since 'Mono' supports it and the guys here were already well-versed in C# development on Windows. However, we lacked confidence that code developed on Windows would work equally well on Mono, and all development would need to actively avoid APIs that would be missing on Mono.
The differences in stability and feature set of the IDEs on Windows and Linux were also an issue. As a result, we looked at other options, including Python. At the time of our investigation, Python had reached version 2.5, and what we felt was a credible level of maturity. While not a 'main-stream' choice, Python was attractive because of its cross-platform abilities and the productivity I felt the language could bring to the team. Some of my team members were skeptical and preferred the tried-and-true power of C/C++ for systems programming.
We decided that those members would work on the web GUI for configuration of the product, while the rest of us would use Python for the other components.

Implementation

We chose to implement Armadillo in an asynchronous style, rather than using threads. Initially we planned to use, a popular framework for asynchronous programming. However, upon conducting some stress tests, we found that the Python standard library module asyncore was not only robust and fast enough but also easy enough to use for our purposes. A number of the other standard libraries were also used, and we made use of some of the provided by ActiveState.
The C filtering libraries that we integrated into the project were wrapped as extension modules. For a development environment, we used as the preferred IDE. While our test machines ran both on Linux and Windows, we were able to do all our primary development on Windows, with Wing IDE.

Outcome

Four months later, the team was surprised to see the filtering product completed three months earlier than we expected had we used C/C++ for the whole project. The feature set at this time included: Filtering anti-spam/virus with support for independent policies across multiple domains, robust 24x7 operation with low resource usage, self-generated spam reporting, anti-DoS (denial of service) capabilities, plug-ins for English and Chinese anti-spam as well as localized spam filters, SMTP-authentication proxy for AUTH LOGIN/PLAIN that could relay to popular SMTP servers transparently, and it all ran on both Windows and Linux. We have since successfully licensed the product to a number of companies and beat popular branded competitor products in reviews. The product stands as a testament, at least to the team here, that Python is viable for commercial systems-level development and not just a scripting language.
Python is now a preferred language at our company for any systems development projects - except, of course, device drivers!