habu v0.1.6 released: Python Network Hacking Toolkit

Habu: Python Network Hacking Toolkit

I’m developing Habu to teach (and learn) some concepts about Python and Network Hacking.

These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing.

Most of them are related to networking, and the implementations are intended to be understandable for who wants to read the source code and learn from that.

Some techniques implemented in the current version are:

• ARP Poisoning
• ARP Sniffing
• DHCP Discover
• DHCP Starvation
• Land Attack
• SNMP Cracking
• SYN Flooding
• TCP Flags Analysis
• TCP ISN Analysis
• TCP Port Scan
• Web Technologies Identification

Changelog

v0.1.6

• A lot of fixes

Install

$ pip3 install habu

Usage

habu.arpoison: ARP Poisoning

This command sends ARP ‘is-at’ packets to each victim, poisoning their ARP tables for sending the traffic to your system.

$ sudo habu.arpoison 192.168.1.5 192.168.1.6

Ether / ARP is at 00:c2:c6:30:2c:58 says 192.168.1.6

Ether / ARP is at 00:c2:c6:30:2c:58 says 192.168.1.5

Ether / ARP is at 00:c2:c6:30:2c:58 says 192.168.1.6

Ether / ARP is at 00:c2:c6:30:2c:58 says 192.168.1.5

...

Note: If you want a full working Man In The Middle attack, you need to enable the packet forwarding on your operating system to act as a router. You can do that using:

echo 1 > /proc/sys/net/ipv4/ip_forward

habu.arpsniff: Discover devices on your LAN capturing ARP packets

This command listens for ARP packets and shows information about each device.

Columns: Seconds from last packet | IP | MAC | Vendor

1   192.168.0.1         a4:08:f5:19:17:a4   Sagemcom Broadband SAS

7   192.168.0.2         64:bc:0c:33:e5:57   LG Electronics (Mobile Communications)

2   192.168.0.5         00:c2:c6:30:2c:58   Intel Corporate

6   192.168.0.7         54:f2:01:db:35:58   Samsung Electronics Co.,Ltd

habu.contest: Check your connection capabilities

This command tries to connect to various services and check if you can reach them using your internet connection.

$ habu.contest

IP:    True

DNS:   True

FTP:   True

SSH:   True

HTTP:  True

HTTPS: True

habu.dhcp_discover: Discover DHCP servers

This command sends a DHCP request and shows what devices have replied. Using the ‘-v’ parameter (verbose) you can see all the options (like DNS servers) included in the responses.

$ sudo habu.dhcp_discover

Ether / IP / UDP 192.168.0.1:bootps > 192.168.0.5:bootpc / BOOTP / DHCP

habu.dhcp_starvation: Fill the DHCP leases

This command sends multiple DHCP requests from forged MAC addresses to fill the DHCP server leases. When all the available network addresses are assigned, the DHCP server doesn’t send responses. So, some attacks, like DHCP spoofing can be made.

$ sudo habu.dhcp_starvation

Ether / IP / UDP 192.168.0.1:bootps > 192.168.0.6:bootpc / BOOTP / DHCP

Ether / IP / UDP 192.168.0.1:bootps > 192.168.0.7:bootpc / BOOTP / DHCP

Ether / IP / UDP 192.168.0.1:bootps > 192.168.0.8:bootpc / BOOTP / DHCP

habu.eicar: Prints the EICAR test string

This command prints the EICAR test string that can be used to test antimalware engines. More info: http://www.eicar.org/86-0-Intended-use.html

$ habu.eicar

X5O!P%@AP[4\XZP54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Note: The below string is incorrect because is not a good idea write the complete in this text file. Some antivirus program can be detect it like a virus. :)

More

Tutorial

Copyright (c) 2018, Fabian Martinez Portantier
All rights reserved.

Source: https://github.com/portantier/