23-04-13 clase

1.- Ejercicios/sqlinjection_ejercicioonline.txt

@@ -0,0 +1,13 @@
+SQLINJECTION TEST:
+
+https://www.hacksplaining.com/exercises/sql-injection#/start
+http://www.techpanda.org/
+
+EJERCICIOS
+
+https://www.hacksplaining.com/exercises/sql-injection
+
+
+https://www.hacksplaining.com/lessons
+
+

README.md

@@ -1,3 +1,2 @@
 # seguridad
 
-Curso Certificado de Profesionalidad Seguridad Informática

Scripts/sweep_ping.py

@@ -0,0 +1,44 @@
+import sys
+import subprocess as sp
+from threading import Thread
+
+class pingThread(Thread):
+    def __init__(self, ip = '127.0.0.1'):
+        Thread.__init__(self)
+        self.ip = ip
+    def run(self):
+        result = sp.run(['ping', '-c 1', self.ip], capture_output=True)
+        if (result.returncode != 0):
+            self.ip = None
+
+def sweep_ping(address = '127.0.0.1', mask = '255.255.255.0'):
+    hosts = []
+    ping = [] 
+    a1, a2, a3, a4 = address.split('.')
+    m1, m2, m3, m4 = mask.split('.')
+
+    for i1 in range(0, 256 - int(m1)):
+        for i2 in range(0, 256 - int(m2)):
+            for i3 in range(0, 256 - int(m3)):
+                for i4 in range(0, 256 - int(m4)):
+                    t1 = (int(a1) + i1) % 256
+                    t2 = (int(a2) + i2) % 256
+                    t3 = (int(a3) + i3) % 256
+                    t4 = (int(a4) + i4) % 256    
+                    ip = f'{t1}.{t2}.{t3}.{t4}'
+                    ping.append(pingThread(ip))
+                    ping[-1].start()
+                    #print (ip)                        
+    for p in ping:
+        p.join()
+        if p.ip:
+            hosts.append(p.ip)
+    return (hosts)
+
+def main():
+    hosts = sweep_ping(sys.argv[1], sys.argv[2])
+    for h in hosts:
+        print (h)
+        
+if __name__ == "__main__":
+    main()

seguridad/1.- Ejercicios/sqlinjection_ejercicioonline.txt

@@ -0,0 +1,13 @@
+SQLINJECTION TEST:
+
+https://www.hacksplaining.com/exercises/sql-injection#/start
+http://www.techpanda.org/
+
+EJERCICIOS
+
+https://www.hacksplaining.com/exercises/sql-injection
+
+
+https://www.hacksplaining.com/lessons
+
+

seguridad/README.md

@@ -0,0 +1,2 @@
+# seguridad
+

seguridad/Scripts/sweep_ping.py

@@ -0,0 +1,44 @@
+import sys
+import subprocess as sp
+from threading import Thread
+
+class pingThread(Thread):
+    def __init__(self, ip = '127.0.0.1'):
+        Thread.__init__(self)
+        self.ip = ip
+    def run(self):
+        result = sp.run(['ping', '-c 1', self.ip], capture_output=True)
+        if (result.returncode != 0):
+            self.ip = None
+
+def sweep_ping(address = '127.0.0.1', mask = '255.255.255.0'):
+    hosts = []
+    ping = [] 
+    a1, a2, a3, a4 = address.split('.')
+    m1, m2, m3, m4 = mask.split('.')
+
+    for i1 in range(0, 256 - int(m1)):
+        for i2 in range(0, 256 - int(m2)):
+            for i3 in range(0, 256 - int(m3)):
+                for i4 in range(0, 256 - int(m4)):
+                    t1 = (int(a1) + i1) % 256
+                    t2 = (int(a2) + i2) % 256
+                    t3 = (int(a3) + i3) % 256
+                    t4 = (int(a4) + i4) % 256    
+                    ip = f'{t1}.{t2}.{t3}.{t4}'
+                    ping.append(pingThread(ip))
+                    ping[-1].start()
+                    #print (ip)                        
+    for p in ping:
+        p.join()
+        if p.ip:
+            hosts.append(p.ip)
+    return (hosts)
+
+def main():
+    hosts = sweep_ping(sys.argv[1], sys.argv[2])
+    for h in hosts:
+        print (h)
+        
+if __name__ == "__main__":
+    main()