Beginning Ethical Hacking with Python - prognoztech.com · hacking. Let us clear it first: Ethical...

SanjibSinha

BeginningEthicalHackingwithPython

SanjibSinhaHowrah,WestBengal,India

Anysourcecodeorothersupplementarymaterialsreferencedbytheauthorinthistextareavailabletoreadersatwww.apress.com.Fordetailedinformationabouthowtolocateyourbook’ssourcecode,gotowww.apress.com/source-code/.ReaderscanalsoaccesssourcecodeatSpringerLinkintheSupplementaryMaterialsectionforeachchapter.

ISBN978-1-4842-2540-0 e-ISBN978-1-4842-2541-7DOI10.1007/978-1-4842-2541-7

LibraryofCongressControlNumber:2016963222

©SanjibSinha2017

Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthematerialisconcerned,specificallytherightsoftranslation,reprinting,reuseofillustrations,recitation,broadcasting,reproductiononmicrofilmsorinanyotherphysicalway,andtransmissionorinformationstorageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodologynowknownorhereafterdeveloped.

Trademarkednames,logos,andimagesmayappearinthisbook.Ratherthanuseatrademarksymbolwitheveryoccurrenceofatrademarkedname,logo,orimageweusethenames,logos,andimagesonlyinaneditorialfashionandtothebenefitofthetrademarkowner,withnointentionofinfringementofthetrademark.Theuseinthispublicationoftradenames,trademarks,servicemarks,andsimilarterms,eveniftheyarenotidentifiedassuch,isnottobetakenasanexpressionofopinionastowhetherornottheyaresubjecttoproprietaryrights.

Whiletheadviceandinformationinthisbookarebelievedtobetrueandaccurateatthedateofpublication,neithertheauthorsnortheeditorsnorthepublishercanacceptanylegalresponsibilityforanyerrorsoromissionsthat

http://www.apress.com

http://www.apress.com/source-code/

maybemade.Thepublishermakesnowarranty,expressorimplied,withrespecttothematerialcontainedherein.

Printedonacid-freepaper

DistributedtothebooktradeworldwidebySpringerScience+BusinessMediaNewYork,233SpringStreet,6thFloor,NewYork,NY10013.Phone1-800-SPRINGER,fax(201)348-4505,[email protected],orvisitwww.springeronline.com.ApressMedia,LLCisaCaliforniaLLCandthesolemember(owner)isSpringerScience+BusinessMediaFinanceInc(SSBMFinanceInc).SSBMFinanceIncisaDelawarecorporation.

DR.AVIJITSEN,DRISTIPRADIP,KOLKATA.(ForBringingLightintoDarkness)

Prologue–Hacker’sGoalThisbookisintendedforcompleteprogrammingbeginnersorgeneralpeoplewhoknownothingaboutanyprogramminglanguagebutwanttolearnethicalhacking.

Letusclearitfirst:EthicalHackingisnotassociatedwithanykindofillegalelectronicactivities.Theyalwaysstaywithinlaws.Thisbookisintendedforthosepeople–youngandold–whoarecreativeandcuriousandwhowanttodevelopacreativehobbyortakeupinternetsecurityprofessionactingasethicalhacker.Keepingthatinmindwe’llalsolearnPython3programminglanguagetoenhanceourskillasethicalhackers.

Thisbookisnotintendedforanykindofmalicioususer.Ifanyonetriestousethisbookoranytypeofcodeexamplesfromthisbookforillegalpurposethisbookwilltakenomoralresponsibilityforthatmaliciousbehaviours.

Ifyouthinkthatyoucanusethisbookforanymaliciouspurposethenyouareadvisedtoreadthefirstchapter“LegalSideofEthicalHacking”.Ihopeyouwon’tliketheideaofendingupinjailbyharmingsomeothersystems.

Iwouldliketostartthisbriefintroductionwithanimage.ThisimagedepictsmanythingsthatIwilllaterdiscussindetail.Itsays,“Theauthorisusing“Ubuntu”Linuxdistributionashisdefaultoperatingsystem.HehasinstalledVirtualBox–akindofvirtualmachine–thatrunsinWindowsalso.AndinthatVirtualBoxhehasinstalledthreemoreoperatingsystems.Oneis“WindowsXP”andtheothertwoare“KaliLinux”and“Windows7Ultimate”.Theimagealsosays,andthatisveryimportant,“Currentlythreeoperatingsystemsarevirtuallyrunningonthedesktop”.

(ThevirtualBoxisrunningthreeoperatingsystems.YoucantryanykindofexperimentonthisVirtualOS.Thatwillnotdamageyourmainsystem.)

Asanethicalhackeryouwilllearnhowtodefendyourself.Todefendyourselfsometimeyouneedtoattackyourenemy.Butitisapartofyourdefensesystem.Itisapartofyourdefensestrategy.Moreyouknowaboutyourenemy’sstrategy,moreyoucandefendyourself.Youneedtolearnthosetoolsarefrequentlyusedbythemalicioushackersorcrackers.Theyusethesametoolthatyouusetodefendyourself.

Whetheryouareanethicalhackeroramaliciouscracker,youdothesamething.Youusetheidenticalsoftwaretoolstoattackthesecuritysystem.Onlyyourpurposeorintentiondiffers.

Probablyyouknowthatabigcarcompanybeforelaunchinganewmodelofcargenerallyteststhelockingsystem.Theyhavetheirownsecurityengineersandbesidestheycallforthelockingexpertstotestthevulnerability.Theypayagoodamountofmoneyifyoucanbreakthelockingsystemofthecar.Basicallyitisaworkof“PENTESTING”.ThelockingexpertsPENTESTSthesystemandseeifthereisanyweaknessinthesystem.

Itisgoodexampleofethicalhacking.Thelockingexpertsareinvitedtodothejobandtheyarepaidwell.Onthecontrarycarthievesdothesamejobwithoutanyinvitation.Theysimplybreakthelockingsystemofanunattendedcarparkedontheroadsideandtakeitaway.Ihopebynowyouhave

understoodthedifferencebetweenethicalhackingandcracking.Yourmainintentioncentersonthesecurityofthesystem.Securityconsists

offourkeycomponents.Asthebookprogressesyouwillincreasinglybefindingwordslike“PENTESTING”,“EXPLOIT”,“PENETRATION”,“BREAKINTHESYSTEM”,“COMPROMISETHEROUTER”etcetera.Thefourkeycomponentsmentionedbelowmainlydealwiththeseterms.Thekeycomponentsare:

1. Availability 2. Integrity 3. Authenticity 4. Confidentiality

Wewillseehowcrackerswanttoattackthesecomponentstogainaccesstothesystem.Sinceahacker ’smaingoalistoexploitthevulnerabilitiesofthesystemsohewantstoseeifthereisanyweaknessinthesecorecomponents.

Letusassumethehackerwantstoblocktheavailabilityofthedata.Inthatcasehewillusethe“DenialofAttack”or‘DoS’method.Todothisattackusuallyhackersusesystem’sresourceorbandwidth.ButDoShasmanyotherforms.Whentheresourceorbandwidthofyoursystemiseatenupcompletely,theserverusuallycrashes.Thefinaltargetisonesystembutthenumberofvictimsisplenty.Itissomethinglikemillionsofpeoplegatherinfrontyourhousemaindoorandjamitwithakindofhumanchainsothatyouandyourfamilymemberscannotenterintoit.

ThesecondkeycomponentIntegrityshouldnotbecompromisedatanycost.Whatdoesthisterm“integrity”mean?It’sbasicallycenteredonthenatureofdata.Whenthisnatureofdataistamperedwithsomekindof‘BIT-FLIPPING’attacks,theintegrityofthesystemisalsocompromised.Itcanbedonejustbychangingthemessageitself.Thedatamayeitherbeinthemoveoratrest,butitcanbechanged.Imaginewhathappenswhenatransactionofmoneyistamperedwiththeadditionoffewmorezeroesattheend!Letusassumeabankistransferringmoney.Initsinstructionitiswritten:“transfer$10,000”.Nowtheattackerchangesthecryptictextinsuchamannersothattheamountchangesto$10,000000.Sotheattackisintendedforthemessageitselforaseriesofmessages.

TheissueofauthenticationisnormallyhandledbytheMediaAccessControl(MAC)filtering.Ifitisproperlyplacedthenetworkdoesnotallowunauthorizeddevice.WhathappensifsomeonespoofstheMACAddressofalegitimatenetworkstationandtakesitoff?Hecantakeonthestation’sidentityandcontrolit.ThisiscalledauthenticationattackorMACAddressspoofing.

Finallytheissueofconfidentialityrisesaboveall.Datatravelincleartextacrossthetrustednetwork.Heredatameaninformation.Theinformationtheftlikecrackingsomeone’spasswordisconfidentialityattack.Thedataorinformationisintendedforsomeonebutinsteadoftherecipientthehackergainstheaccess.Actuallythecrackerstealsitwhenthedataismovingacrossthetrustednetworkascleartext.

AcknowledgmentsKARTICKPAUL,SYSTEMMANAGER,AAJKAAL,KOLKATA,Withouthispersistentandinspiringhelp,Icouldnotwritethisbook.

ContentsPartI

Chapter1:LegalSideofHacking

Chapter2:HackingEnvironment

EthicalHackingandNetworking

WhatDoesNetworkMean?

Summary

Chapter3:InstallingVirtualBox

Chapter4:InstallingKaliLinuxandOtherOperatingSystemsonVB

Chapter5:LinuxTerminal,BasicCommands

Summary

PartII

Chapter6:Python3andEthicalHacking

Chapter7:PythonEnvironment

Chapter8:GeneralSyntaxes

Createthemain()function

IndentationandWhiteSpace

Commenting

AssigningValues

Chapter9:Variables,ObjectsandValues

UsingNumbers

String

WhatisTypeandID

LogicalValues

TuplesAndLists

Dictionary

Object

Chapter10:Conditionals

Chapter11:Loops

WhileLoops

ForLoops

Chapter12:RegularExpressions

Using“re”Module

ReusingWithRegularExpressions

SearchingwithRegularExpressions

Chapter13:Exceptions,CatchingErrors

Chapter14:Functions

ReturnValues

GenerateFunctions

ListsofArguments

NamedArguments

Chapter15:Classes

Object-OrientedMethodology

TheFoundationofObjectOrientation

UnderstandingClassesandObjects

WriteYourOwnGame,“GoodVsBad”

PrimaryClassandObject

AccessingObjectData

Polymorphism

UsingGenerators

Inheritance

Decorator

Chapter16:StringMethods

Chapter17:FileInputAndOutput

Chapter18:Containers

OperatingonTupleandListObject

OperatingonDictionaryObject

Chapter19:Database

LetusstartwithSQLite3

MySQLforBigProject

Chapter20:Module

Chapter21:Debugging,UnittestModule

Chapter22:SocketandNetworking

Chapter23:ImportingNmapModule

Chapter24:BuildinganNmapNetworkScanner

PartIII

Chapter25:ProtectAnonymityontheInternet

Chapter26:DarkWebandTor

HiddenWikipedia

Chapter27:ProxyChains

Chapter28:VirtualPrivateNetworkorVPN

Chapter29:MACAddress

Epilogue—WhatNext

Index

ContentsataGlanceAbouttheAuthor

AbouttheTechnicalReviewer

Acknowledgments

Prologue–Hacker ’sGoal

PartI

Chapter1:LegalSideofHacking

Chapter2:HackingEnvironment

Chapter3:InstallingVirtualBox

Chapter4:InstallingKaliLinuxandOtherOperatingSystemsonVB

Chapter5:LinuxTerminal,BasicCommands

PartII

Chapter6:Python3andEthicalHacking

Chapter7:PythonEnvironment

Chapter8:GeneralSyntaxes

Chapter9:Variables,ObjectsandValues

Chapter10:Conditionals

Chapter11:Loops

Chapter12:RegularExpressions

Chapter13:Exceptions,CatchingErrors

Chapter14:Functions

Chapter15:Classes

Chapter16:StringMethods

Chapter17:FileInputAndOutput

Chapter18:Containers

Chapter19:Database

Chapter20:Module

Chapter21:Debugging,UnittestModule

Chapter22:SocketandNetworking

Chapter23:ImportingNmapModule

Chapter24:BuildinganNmapNetworkScanner

PartIII

Chapter25:ProtectAnonymityontheInternet

Chapter26:DarkWebandTor

Chapter27:ProxyChains

Chapter28:VirtualPrivateNetworkorVPN

Chapter29:MACAddress

Epilogue—WhatNext

AbouttheAuthorandAbouttheTechnicalReviewer

AbouttheAuthorSanjibSinha

writesstoriesandcodes—notalwaysinthesameorder.HestartedwithC#and.NETframeworkandwonaMicrosoftCommunity

ContributorAwardin2011.Later,theOpenSourceSoftwaremovementattractedhimandhebecameaLinux,PHP,andPythonenthusiast,specializinginandworkingonWhiteHatEthicalHacking.

Asabeginner,hehadtostrugglealot—always—tofindoutaneasywaytolearncoding.Noonetoldhimthatcodingislikewriting:imagininganimageandbringingitdowntoEarthwiththehelpofwordsandsymbols.

Allthroughhisbookshehastriedtohelpbeginnersfromtheirperspective—asabeginner.

AbouttheTechnicalReviewerAbirRanjanAtarthy

isaCertifiedEthicalHackerfromEc-Council,ISO27001AuditorandPCIDSSimplementer.

Hehasmorethan12yearsofextensivedomainexperienceindrivingtheInformation&CyberSecurityprogramsinallkeyaspectsi.e.Policy,Standards,Procedures,Awareness,NetworkSecurity,Websecurity,AndroidAppSecurity,IncidentResponse,SecurityAnalytics,SecurityMonitoring,Malwareprotection,Securityconfiguration,Cryptography,DataProtectionKnowledgeofmostadvancedtoolsinsecurityindustrywithcomplementingknowledgeonscriptinglanguagestomanuallyexploitvulnerabilities.

HehasauthoredseveraltechnicalarticleswhichhavebeenpublishedinITsecurityjournalsandisfrequentlyinvitedtospeakatmanycybersecurityconferencesandPythonforums.

HehasdesignedcybersecuritycoursesforCorporatesonnetworkandweb

penetrationtesting,forensics,andcryptography.Abirregularlyconductswork-shops,trainingsessionsandcertification

programsforcorporates,governmentorganizations,defenceestablishments,securityagencies,engineeringcollegesanduniversitiesonPythonprogramming,penetrationtestingandcyberforensics.

HehascreatedseveralITsecurityandcryptographictoolsusingPython.HehasaccomplishedshorttermProgramsinObject-oriented

programmingandSelectedTopicsinSoftwareEngineeringfromIndianInstituteofTechnology-Kharagpur.

Abirisconsideredasubject-matterexpertincybersecurityandisoftenquotedbyleadingnewspapersandTVchannels.

PresentlyheisleadingtheCyberthreatintelligencedepartmentinTCGDigitalSolutionsPvt.Ltd.

(1)

©SanjibSinha2017SanjibSinha,BeginningEthicalHackingwithPython,DOI10.1007/978-1-4842-2541-7_1

1.LegalSideofHacking

SanjibSinha1

Howrah,WestBengal,India

ElectronicsupplementarymaterialTheonlineversionofthischapter(doi:10.1007/978-1-4842-2541-7_1)containssupplementarymaterial,whichisavailabletoauthorizedusers.

Astimegoesbyandweprogress,ouroldenvironmentisalsochangingveryfast.Ithasnotbeenlikebeforewhenwekeeprecordsbyenteringdataintoabiglogbookandstackthemonebyonedate-wise.Nowwekeepdatainacomputer.Wedon’tgotoamarketanymoretobuyanything.WeorderitovertheInternetandpaymentismadebyusingcreditordebitcard.Thenatureofcrimehasalsochangedaccordingly.

Criminalsusedtosnatchyourdataphysicallybefore.TheynowsnatchitovertheInternetusingcomputers.Nowcomputershavebecomeanewtoolforbusinessaswellasfortraditionalcrimes.Onthebasisofwhich,aterm—“cyberlaw”—comestothefore.Asanethicalhacker,thefirstandmostbasicthingyoushouldrememberis“don’ttrytopenetrateortamperanyothersystemwithoutaskingpermission.”

YoumayaskhowIwouldexperimentwithmyknowledge.TheanswerisVirtualBox.Inyourvirtualmachineyoumayinstallasmanyoperatingsystemsasyouwantandexperimentonthem(TheaboveimagedepictsVirtualBoxandtwooperatingsystemsrunninginit).Tryeverythingonthem.Tryinganyvirusonyourvirtualmachinewillnotaffectyourmainsystem.Atthesametimeyouwillkeeplearningaboutmalware,virusesandeverykindofpossibleattack.

Afewexamplesmaygiveyouanideawhattypeofcomputercrimesarepunishableinourlegalsystem.

http://dx.doi.org/10.1007/978-1-4842-2541-7_1

Ifyouuseanysoftwaretooltogenerateacreditcardordebitcardnumber,thenitisahighlypunishableoffense.Itwillinviteafineoffiftythousanddollarsandfifteenyearsofimprisonment.Settingupaboguswebsitetotakecreditcardnumberswithafalsepromiseofsellingnon-existentproductsisahighlypunishableoffense.Rigorousimprisonmentandaheftyfinefollow.Icangiveyouseveralotherexamplesthatmayinvitetroubleforyouifyoudon’tstaywithinthelaw.

Remember,youareanethicalhackerandyouarelearninghackingtoolsforprotectingyouroryourclient’ssystem.Forthesakeofprotectionanddefense,youneedtoknowtheattack,exploitorpenetrationmethods.

Tryeverysingleexperimentonyourvirtualmachine.Thatistherulenumberoneofethicalhacking.

(1)


2.HackingEnvironment

SanjibSinha1


Theveryfirstthingthatyouneedisavirtualmachine.AsIsaidbefore,IhaveUbuntuasmydefaultoperatingsystemandinsidemyvirtualmachineIhaveinstalledtwooperatingsystems—oneisWindowsXPandtheotherisKaliLinux.

Technically,fromnowonIwouldmentionWindowsXPandKaliLinuxasmyvirtualmachines.KaliLinuxisaLinuxdistributionthatcomesupwithmanyusefulhackingtools.SoIstronglysuggestusingitasyourvirtualmachine.YoumayalsoreadthedocumentationpageofKaliLinux,whichwillalsobeanimmensehelp.

Atthesametime,I’dnotsuggestusingWindowsofanykindfortheethicalhackingpurpose.SomemayarguethatfewhackingtoolscanbeusedinWindows,sowhyyouaresuggestingotherwise?Thepointis:intheethicalhackingworld,youneedtobeanonymousallthetime.Youwon’twanttokeepyourtrail,anyway,sothatyoucanbetracedback.Remaininganonymousisabigchallenge.InLinuxitisfairlyeasyandyoucanstayanonymousforthetimebeing.

Keepingthatinmind,Iexplainthattechniqueofbeinganonymousingreatdetailsothatbeforejumpingupintothebigtask,youmakeyourdefensemuchstronger.Beinganonymousisthemostimportantthingintheworldofethicalhacking.KeepingyourselfanonymousinWindowsisnotpossible.SoitisbettertoadapttotheLinuxenvironmentfirst.Anotherimportantthingis,mostofthegreathackingtoolsarenotavailableintheWindowsenvironment.

IfyouhaveneverheardofanyLinuxdistribution,don’tworry.Youcaneitherinstalluser-friendlyUbuntuinsideyourWindowssystemoryoucaneasilypartitionyourdiskintotwopartsandinstallUbuntuandWindows

separatelyasyourtwodefaultoperatingsystems.Itispreferabletodothelatter.Installinganduninstallingparalleloperatingsystemsalwaysteachesyousomethingnew.IfyouarefamiliarwithWindows,Iwon’ttellyoutosimplydumpitforthesakeoflearningethicalhacking.Youcankeepitanduseitforyourdailywork.Thereisnoproblemindoingthis.

IntheInternetworld,Linuxisusedmore.SoyouneedtolearnafewLinuxcommands.SoftwareinstallationinLinuxisslightlydifferentfromWindowsenvironments.ThereareLinuxdistributionslikeFedoraorDebian,andmanymore.InamedUbuntujustbecauseitisextremelypopularandWindowsusersfindthemselvescomfortableinsideit.Theoperationsaremoreorlessthesame,includingthesoftwareinstallations.Forbeginners,itisnotagoodideatoinstallKaliLinuxasyourdefaultOS.YoumustreadKalidocumentation,whereitisclearlystatedthatKaliismorefordevelopers.YouaregoingtoinstallitinsideyourVirtualBox.KaliLinuxisakindofLinuxdistributionthatcomeswithlotofhackingtools.Youneedtoknowthemandusetheminthecourseofethicalhacking.

InstallingVirtualMachineisaveryimportantstepasthefirststepofbuildingyourenvironment.InthenextchapterIwillshowyouhowyoucandothatfordifferentoperatingsystems.Anotherimportantthingislearningaprogramminglanguagethatwillreallyhelpyoulearnethicalhackingbetter.

TheobviouschoiceisPython.Atthetimeofwritingthisbook,Python3.xhasalreadyarrivedandisconsideredthefutureofthislanguage.ItisveryquicklycatchingupwiththeoldPython2.xversion,whichhasbeenaroundthemarketforawhile.TheofficialPythondownloadpageprovidestherepositoryofPythoninstallersforWindows,MacOSXandLinuxoperatingsystems.Ifyoudownloadaninstaller,itisofimmensehelpbecauseitcomeswiththePythoninterpreter,standardlibrary,andstandardmodules.Thestandardlibraryandbuilt-inmodulesarespecificallyveryimportantbecausetheyofferyouseveralusefulcapabilitiesthatwillhelpyouachieveyourgoalasanethicalhacker.Amongtheusefulmodules,youwillgetcryptographicservices,Internetdatahandling,interactionwithIPprotocols,interoperabilitywiththeoperatingsystem,andmanymore.Sogoahead,pickupanygoodbeginner ’sbookonPython,readtheofficialdocumentationandknowthatitisapartofyourlearningschedule.Pythonisanextremelyeasylanguagetolearn.

Tocreateanidealethicalhacker ’senvironment,afewstepsareextremelyimportant.Thestepsinclude:installingVirtualMachineorVirtualBox(VB),havingabasicknowledgeaboutnetworking,andlearningausefulprogramminglanguagelikePython.Letusfirsthavealookatthebasicnetworkingknowledge.

EthicalHackingandNetworkingAbasicknowledgeaboutinternetworkingisextremelyimportantifyouwanttolearnethicalhacking.Asyouprogressandwanttogodeeper,itisadvisabletolearnmoreaboutnetworking.Ethicalhackingandinternetworkingareverycloselyassociated.Asyouprogressthroughthisbookyouwillfindwordslike“packet,”“switch,”“router,”“modem,”“TCP/IP,”“OSI,”andmanymore.

Theveryfirstthingyouneedtoknowis:datatravelsthroughmanylayers.Ethicalhackerstrytounderstandtheselayers.Oncetheyhaveunderstoodthemovement,theyeitherwanttotrackandblockthedataortheywanttoretrievedata.

Inthischapter,wewillverybrieflyseehowinternetworkingmodelswork.Wewilllookintothedifferenttypesofnetworkingmodels.Wewillalsolearnaboutthedevicesthatcompriseanetwork.

WhatDoesNetworkMean?Anetworkisacollectionofdevicesthatareconnectedthroughmedia.Oneofthemaincharacteristicsofanetworkis:devicescontainservicesandresources.Devicescontainpersonalcomputers,switches,routers,andservers,amongothers.Whatdotheydobasically?Theysenddataandgetdataeitherbyswitchingorbyrouting.Actually,theyconnectuserssothatusersultimatelygetfulldatainsteadofgettingitbypieces.Sothebasicservicesthesedevicesprovideincludeswitching,routing,addressing,anddataaccess.

Wecanconcludethatanetworkprimarilyconnectsuserstoavailtheseservices.Thatisitsfirstjob.Thesecondjobisalsoveryimportant.Anetworkalwaysmaintainsasystemsothatthedevicesallowtheuserstosharetheresourcesmoreefficiently.

Nowaproblemarises—notatrivialproblem.Hardwareandsoftwaremanufacturersdon’tknoweachother.Theybelongtodifferentcountriesandsharediversecultures.Whentheconceptionofnetworkingfirstcametothefore,itwasfoundthathardwareandsoftwareweren’tmatching.AsIsaidbefore,anetworkisacollectionofdevices.Thesedevicesaremainlybuiltofhardwareandsoftwarethataretalkingindifferentlanguages.

Tosolvethisproblem,acommonnetworkmodelwithcommunicationfunctionsisneededsothatdissimilardevicescaninteroperate.

Theimportanceofinternetworkingmodelsconsistsofafewmainconcepts.First,theyencourageinteroperability.Second,theyprovidea

referencethroughwhichdatawillbecommunicated.Third,theyfacilitatemodularengineering.

Therearetwotypesofinternetworkingmodels.TheyareOpenSystemsInterconnection(OSI)referencemodeland

TransmissionControlProtocol/InternetProtocol(TCP/IP)model.Bothmodelsarewidelyusedtoday.

TheOpenSystemsInterconnection(OSI)referencemodelwasdevelopedbytheInternetStandardsOrganization(ISO)andithassevenlayersinall.Thelayersareasfollows:application(layer7),presentation(layer6),session(layer5),transport(layer4),network(layer3),datalink(layer2)andphysical(layer1).

Letusverybrieflytrytounderstandhowthismodelworks.Supposeausertriestoopenawebpage.Theveryfirstthinghedoesissendarequesttotheserverthatislocatedseveralthousandmilesaway.Here,theserver ’sharddiskorhardwareisthelastlayer(layer1)whichistermedas“physical.”So,theuser ’srequestfirstknocksthe“application”layer(7)whichisthenearestandthenitproceeds.Everyprocessineachlayerinvolvesacomplicated“bitsandbytes”functioning.Acomputeronlyunderstands0and1.Buttheuserdoesnotliketoseeavideoin0and1.

Letusbreaktheprocessintomoredetail.Intheapplicationlayer(7),theuserinteractswiththedevicethatcouldbea

personalcomputerorsmartphoneoranythingyoumightguess.Sotheapplicationlayerbasicallyhandlestheuser ’sinteraction.Thenameofthedatagramis“data.”Theuserrequeststhedataandultimatelyretrievesthedata.Whathappenswhentheusersendsrequestsfromlayer7?Itentersintothenextlayer:(6)presentation.Theprocessofencapsulationstarts.Dataisformattedandencrypted.Next,thelayer5orsessionentersintothescene.Thislayermanagesend-to-endcommunication.Supposeyoutypeapasswordandlogintoyoursocialmediaaccount.Thislayermaintainstheend-to-end(user-to-server)communicationsothatyoucanremainloggedintoyourpage.Tellthislayerthenameofthedatagramis“data.”

Toassistyouinmaintainingyoursession,thenextthreelayersworkveryhard.Theyare:transport(layer4),network(layer3),datalink(layer2),respectively.Thenameofthedatagramoftransportlayeris“segment.”Whyisthiscalled“segment”?Itiscalled“segment”becauseitbreaksyourrequestintoseveralfractions.First,itaddssourceanddestinationportnumbers.Next,ittriestomakeitreliable,addingsequencenumbers.So,inanutshell,itprovidesflowcontrol,sequencing,andreliability.

Whathappensnext?

Yourrequestentersintothelayer3thatiscallednetwork.Thenameofthedatagramis“packet.”ItaddssourceanddestinationIPaddresses.Italsomakessurethatyourrequestfindsthebestpathtoreachthedestination.

Nowyourdatarequestalmostreachesthefinalstage.Itentersintothelayer2thatisdatalink.Itisnearingtheendpointthatistheserver ’shardware.SothislayeraddssourceanddestinationMediaAccessControl(MAC)addresses.Next,itgoesthroughFrameCheckSystem(FCS)processes.Itchecksframebyframewhetherthesourcerequestsreachtherightdestination.Thatiswhythedatagramisknownas“frame.”

Nowithasenteredintothefinaldestinationthatislayer1orphysical.Thereareonlybitsoverthephysicalmedium.Thenameofthedatagramis“bitsandbytes.”

Nowwecanimagineasmallofficewithonerouter,twoswitchesandafewdesktops,laptops,printers,andservers.Therouterisconnectedtotheswitchesandtheswitchesareconnectedtothedeviceslikedesktops,laptops,printers,andservers.Heredesktops,laptops,printers,andserversbelongtothelayer1thatisphysical.Theswitchesbelongtothelayer2thatisdatalink,andtherouterfitsinthelayer3thatisnetwork.

Routersarelayer3devicesandperformafewdefinitetasks.Theyare:packetswitching,packetfiltering,pathselecting,andfinallycommunicating.Thetaskofpacketswitchinginvolvestheprocessofgettingapackettothenextdevice.Here,thenextdeviceistheswitches.Packetfilteringsuggestsinitsnamewhatitactuallydoes.Iteitherpermitsorblockspacketsdependingoncertaincriteria.Pathselectingisdeterminingthebestpaththroughthenetworktothedestination.Communicationisanotherimportantpartofthislayer.RouterscommunicatewithothernetworksliketheInternet.

Betweenrouters,layer3devices,andtheendapplication,physical,layer1devices,thereareswitcheswhicharelayer2devices.Insomecases,switchesperformthetaskoflayer3devices.Switchesbasicallydealwithframefilteringandforwarding.Italsomaintainstheconnectionbetweenlayer3andlayer1.

SummaryLetusquicklyrecapwhatwehavejustlearnedabouttherelationsbetweenethicalhackingandinternetworking.

1. Internetworkingmodelsencourageinteroperabilitybetweendifferent

devices,providingareferencetodescribethedatacommunication.Atthesametime,itfacilitatesmodularengineering.

2. Therearetwotypesofinternetworkingmodels.TheyareOSIReferenceModelandTCP/IPModel.

3. TheOSIModelhassevenlayers.Theyare:application(layer7),presentation(layer6),session(layer5),transport(layer4),network(layer3),datalink(layer2),andphysical(layer1).

4. TheTCP/IPModelhasfourlayers.Theyare:application(layer4),transport(layer3),network(layer2),andnetwork(layer1).

5. Anethicalhackertriestounderstandthisprocessofdatacommunicationandpenetratesaccordingtothevulnerability.

(1)


3.InstallingVirtualBox

SanjibSinha1


Thefirstquestionthatcomestoourmindis:whydoweneedavirtualboxwhenwehaveadefaultoperatingsysteminplace?Thereareseveralreasons.Themostimportantreasonis:inavirtualboxwecanplaywithanyoperatingsystemwithoutanyfearofmessingitup,evenbreakingitup.Thereiseverypossibilitythatwhiletestingahackingtoolwecouldbreakasystem.Iencourageyoutodothat.Itisavirtualmachine.So,goahead.Testeverythingthatcomestoyourmind.Anothergreatreasonforusingvirtualboxisthesafety.Whenyouvisitawebsite.youmightconsiderittobesafebutinrealityitcouldnotbeso.Butnothingmattersinthecaseofavirtualbox.Itisnotyouroriginalmachinewithconfidentialdata.Visitinganunsafewebsiteisnotannoyinganymore.

Onlyonethingyouneedtoremember.Staywithinthelaw.Whiletestingyourhackingtoolsorrunningcodes,youcannotjeopardizeanyothersystem.

TheOracleVirtualBoxofficialwebsiteoffersplentyofdownloadoptions.Youcanchooseanyoneofthem.AccordingtoyourOS,yougotothe“download”sectionandseewhatisavailableforyou.Fromthenextimageyouwillhaveanideahowyoucanproceedfurther.

Figure3-1. VirtualBoxdownloadsectionforLinuxhosts

TheselectedlineoftheaboveimageshowsthedefaultoperatingsystemIamrunningcurrently.ThatisUbuntu14.04(Trusty)andthearchitectureisAMD64.

VirtualBoxisveryeasytoinstall.WhateveryourOSis(MacOSX,Windows,orLinux),youcaninstallit.First,youneedtoknowaboutyouroperatingsystemitself.Itcouldbeeither32-bitor64-bitarchitecture.InanyLinuxdistribution,itisextremelyeasytolearn.Justopenuptheterminalandtype:“uname-a”.

Theterminalwillspitoutsomevitalinformationthatincludesalldataregardingmycurrentdefaultsystem.TheLinuxisof3.19.0versionandthesuperuser ’snameis“hagudu.”Italsoindicateswhattypeofsystemarchitecturethisis.Itlookslikethis:

Figure3-2. Aterminalimagethattellsaboutsystemarchitecture

Asinmycase,youclearlyseethat“x86_64”standsfor64bit.IntheVirtualBoxofficialdownloadpageforallLinuxdistribution,youfirstdownloadtherequiredpackagesandtheninstallitaccordingtothenatureofyourOS.ForRedHat,FedoraoranyLinuxdistributionbelongingtothatcategory,youwillnoticethatthelastextensionis“.rpm”.Inthatcase,youcanmovetotheVirtualBoxfolderandissuecommandslike“rpm-i”or“yuminstall”incaseyourunRedHatorFedora.

ButtherearemoresimplemethodstoinstallVirtualBox.FortheabsolutebeginnersitismuchhelpfultorunUbuntuLinux

distributionasyourdefaultOS.YoucaninstallVirtualBoxfromthesoftwarecenterdirectlywithoutopeninguptheterminalorissuinganycommand.

TheUbuntusoftwarecenterhasmanycategories.Oneofthemshowsthe“installed”software.

Figure3-3. UbuntusoftwarecentershowsVirtualBoxrunning

Itisnottherebydefault.Inthatcase,itisextremelyeasytoinstall.Youcanjusttype“VirtualBox”onthesearchtextboxanditwillpopup.Moveaheadandpresstheinstallationbutton.

(1)


4.InstallingKaliLinuxandOtherOperatingSystemsonVB

SanjibSinha1


OncetheVirtualBoxhasbeeninstalledonyourmachine,youneednotworryaboutinstallingseveraloperatingsystemsonit.Attheverybeginning,weareinterestedaboutinstallingKaliLinuxonourVirtualBox.GototheofficialKaliLinuxwebsiteanddownloadtheISOimageofthelateststableversion.KaliLinuxisamuchbiggerLinuxdistributionthanotherLinuxdistributions.Itmustbearound3GB.Ubuntuandothersarearound1GBoralittlebitmore.

Nowoncetheinstallationprocessisover,youcaneitherstoreitonyourlocalharddriveorburnitonaDVD.NowopenupyourVirtualBoxandclick“New”.Itwillautomaticallyopenupanewwindowthatwillaskyouwhattypeofoperatingsystemyouaregoingtoinstall.Thefollowingimageisquiteself-explanatory.

Figure4-1. HowtoinstallanoperatingsystemonVirtualMachine

YouseeontheVirtualBoxIhavealreadyinstalledtwooperatingsystems.OneisKaliLinuxandtheotherisWindowsXP.Inyourcase,whenyouaregoingtoinstallfresh,theleftpanelofyourvirtualboxwillbeempty.

Thewholeprocedureisveryexplicitinitself.Itwillguideyoutodowhattodonext.Basically,ontheInternettherearelotsofillustrativeguidesthatwillhelpyoudothesamething.Nowitistimetowritedownthenameoftheoperatingsystemyouareabouttoinstall.Nextselectthetype(whetheritisLinuxorWindows,etc.)andtheversion.Inthelonglistofversionssectionyouwon’tfindthenameofKali.Butbasicallyitis“Debian.”Sogoaheadandselectthe32-bitor64-bitDebianaccordingtoyoursystemarchitecture.Click“next”anditwillaskforthememoryusageasitisshowninthenextimage.

Figure4-2. InstallationprocessofKaliLinuxonVirtualBoxasksformemorysize

Youcanallocatethememorysizeasperyourmachinecapacity.Minimum1GBisgood.Itisbetterifyoucanallocatemore.Inthenextstepitwillaskforstoragecapacityandafewothernitty-grittythings.

Icanassureyou,asacompletebeginneryouwon’tfaceanydifficultyininstallingKaliLinuxonyourVirtualBox.ThemostimportantpartofthisinstallationprocessisyouneedtokeepyourInternetconnectionrunningsothatKaliLinuxwilladjustitsprerequisitesaccordinglyonline.

Usuallywhenanoperatingsystemisinstalledonavirtualmachineitcomesupinasmallsizeanditstayslikethat.Thenextimagewillshowyoutheoriginalsize.

Figure4-3. KaliLinuxrunningonOracleVMVirtualBox

Butworkingonthissizeisreallycumbersome.Tosolvethisproblem,normallyVirtualBoxGuestAdditionisused.Butbeforethat,youmaywanttoupdateandupgradeyournewlyinstalledKaliLinux.Thatisagoodpracticethathelpsyoutobeupdatedallthetime.Afteryouhaveloggedintypingusernameandpassword,youwillfindtheterminalontheleftpanel.Openitandtype:

apt-getupdateYoumustbeonlinesothatitwillbeupdatedonitsown.Itmighttakesome

time.Afteritfinishesoffyouissuethesecondcommand:apt-getupgradeNormallytheupgradingtakesmoretimethanupdating.Ifyouarearoot

userthenthereshouldnotbeanyproblem.Butifyouhavecreatedanotheruserandloginasthatuserthenyoumusttype“su”commandbefore.“su”standsforsuperuserorrootuserwhoistheadministrator.Itwillaskforyoursuperuserpasswordinstantly.Yougiveitanditwillworkfine.

Letuscomebacktoanoldproblem.ThenewlyinstalledKaliLinuxlookssmallinsizeandyouareobviouslyatalossandyoudon’tknowwhattodo.Howwillyougetthefullscreenview?

Hereisacommandthatwillrescueyoufromthisproblemandsolveit.Youneedtoinstallonemorepackageandupgradeyourvirtualmachineagainsothatitgetsthefullscreenview.

Figure4-4. KaliLinuxrunningOracleVMVirtualBoxwithpasswordattackstool

Openuptheterminalandtype:apt-getupdate&&apt-getinstall-ydkmslinux-

headers-$(uname-r)ThiswillinstallthenecessarypackagethatwillruntheVirtualBoxGuest

Addition.ItissomethingthatyoucanimagineasatoolthatcontrolsthescreensizeofyourhostOS.

Howwillyourunitoncethepackageisinstalled?Thenextimagewillguideyoutofindtheplacewhereyouwillgetit.

Figure4-5. GettingthefullscreensizeofKaliLinuxonVirtualBox

Takeyourmousepointertotheuppermiddlepartwhereyouwillgetthe“Devices”menu.Thelastonereadslikethis:“insertguesteditionCDimage.”Clickitanditwillautomaticallytakecareofeverything.

Normallyitshouldworkfine.Ifnot,takeitasachallenge.SearchtheInternet.Therearelotsofhelpinghandswaitingforyoutoassistwhatyouwanttoget.

NowwearegoingtoinstallWindows7Ultimate.Thestartingprocessissame.Youopenthevirtualbox.Goto“new”andclick.Itwillopenupawindowthatwillaskyoutotypethenameoftheoperatingsystemyouaregoingtoinstall.Nextitwillaskforthememorysize.ForWindows7Ultimateyouneedtoallocateatleast2GB.Biggerisbetter.Fortheharddiskstoragecapacity,50GBisenough.

NowyouarereadytoconnecttotheISOimageoftheOS.Thispartisalittletricky,butanyonlineguidewillshowyouhowyoucan

connectthem.Whenyouclickthe“storage”sectionofyourVirtualBoxitwillpopopen

awindowthattellsyoutoconnectwiththeISOimage.Itisnotatalldifficult.TheadvantageofVirtualBoxisifyoufailtodosomejobitwon’taffectyouroriginalmachine.

Figure4-6. InstallationofWindows7Ultimatetakesplace

Figure4-7. Windows7Ultimateisgettinginstalled

WhenanynewOSisinstalledonyourvirtualmachine,itisusuallysmallinsize.Butthereisatechniquethatwillhelpyougettheoriginalfullscreen

effect.ForWindows7Ultimate,thereisaVirtualBoxGuestAdditionfolder

availableinthestoragesection.Theblue-coloredboxcomeswithalabel.ItreadsVirtualBoxGuestAdditions.Justclickonit.Itwillopenup.Itwillcontainseveralfiles.Youwillnoticetwo“.exe”files.Oneisforthe32-bitandtheotherisforthe64-bitsystemarchitecture.Mymachineis64bitsoIclickandrunit.Thestepsareverysimple.Itwillaskforittobeinstalled.ClickOKandproceed.ItwillmakeyourWindows7Ultimatevirtualmachinestatefullscreen.

WehavesuccessfullyinstalledVirtualBoxonourvirtualmachineandwehaveinstalledKaliLinuxandWindows7Ultimateonit.Nowit’stimetomoveon.

(1)


5.LinuxTerminal,BasicCommands

SanjibSinha1


ItisextremelyimportanttoknowabouttheLinuxterminalandcommands.Notingreatdetail,butthisprimaryknowledgewillhelpyouimmenselyinthefuture.Themoreyoudelvedeepintotheworldofethicalhacking,themoreyouwillstartfeelingthatyouneedtoknowmoreabouttheLinuxsystem.Thisbookwillnottakeyouthatfar.Butaverybasicknowledgeisnecessarysothatyoucanunderstandwhatisgoingonaroundyou.

Itmightseemrepetitive,butIwouldlikeittobecementedinyourmindthatwithoutknowingLinuxproperlyyoucan’tgodeepintothemysteriousworldofethicalhacking.Soyoumustknowbasiccommandsfirst.Thesecommandswilltellyouaboutthecomputeritself.Itwilltellyouthelocationoffilesystem—whereyouareonyourcomputer.Bythesecommandsyoucanchangethepermissionofafilesystem,copy,orpermanentlyremoveafile.Youcanaddanewusertoyoursystem.Youcanhavealistingoffilesthatarecurrentlyinthedirectorywhereyouare.Thislistingincludesthehiddenfiles.Inanutshell,youcanatleastdothebasicoperationsthroughyourkeyboardwithoutusingyourmousepointer.Thatisgreatfromtheperspectiveofabeginner,Ipresume.

Tobeginwith,letusfirststartKaliLinux.InthefollowingimageyouwillseeafullscreenrepresentationofKali.Iamgoingtoexplainafewthingsfirst,sothatasabeginneryouwilllearnwhatyouneedtoknowfirstaboutKali.

Figure5-1. KaliLinuxfullscreenviewwithitsleftpanel

TheimageaboveisshowingthefullscreenviewofKaliLinux.Ontheleftpanelonthetop,thereisthebrowser,“Iceweasel.”Nextfollowsthecommandlinetool.Weneedthattoolprettyofteninthecominglessons.Thecommandlinetoolorterminalbasicallydealswithalltypesofkeyboardinputs.Thegoodprogrammershardlyuseamousepointer.Theyaremorecomfortablewiththisterminalandkeying.Thefilesystemfollowsit.Ifyouclickonit,itwillopenupawindowjustlikeanyWindowsNTversion.Youwillseevariousdirectoriesandfolderslike“Home,”“Downloads,”“Pictures,”etcetera.

Letusstartwiththecommandtoolbyopeningit.Youcanmakeitlookbigger.Justuseyour“control”and“shift”keyswiththe“+”sign.

Inthefollowingimageyouwillseeafewstartingcommandsthatweusuallytypetoknowwhatkindoffileswehaveinsomedirectoriesorfolders.

Figure5-2. KaliLinuxwiththecommandlinetool

Whatdoestheimageshow?ItshowsthatIhavetyped“ls”first.Whatdoesthat“ls”commandmean?It

standsforlisting.ItellKalitoshowthelistingoffilesandfoldersthatyouhaveand,inafractionofsecond,itshowsmeallithas.

NextIhaveusedthe“cd”command.Whatdoesthatmean?This“cd”commandstandsfor“changedirectory.”Youseeintheimage

thatIhavechangedthedirectoryto“home”andissuethe“ls”commandagaintoseewhatithas.Ithasonefoldercalled“sanjib”andafile.Thefolder“sanjib”meansthe“root”orsystemitselfhasausercalled“sanjib”.Nowasarootoradministrator,IhavecreatedthatusersothatatthebeginningIcanloginas“sanjib”.YoucancreateseveralusersinaLinuxsystemsothatfromvariousmachinestheycanlogintotheirfilesandfolders.Buttheuserswillneverhavetherootprivilege.Theycan’tpenetrateintotheadministrator ’sspacebuttherootoradministratorcanalwaysseewhattheusersaredoing.Asaroot,anadministratorcancreateordeleteanyuser.

Fromthisplaceyoucanguesswhatishappening.Wechangethedirectoryandlookatwhat“sanjib”hasinitsdirectory“Downloads.”

Nextwelearnaboutthe“pwd”command.Itstatesyourposition.Asaroot,ifyouareat“Home”directoryandissuea“pwd”command,ithasoutputlikethis:

root@kali:/home#pwd/homeroot@kali:/home#

Itsaysyouareat“/home”directory.This“pwd”commandisimportantwhenyouhavetocontrolalargecomplicatedsystem.Oftenyoumightforgetwhereyouareworking.Usuallyifyouwanttogobacktothepreviousdirectory,youneedtotypethis:

root@kali:/#cd/home/sanjib/root@kali:/home/sanjib#cd..root@kali:/home#

Itmeansyoufirstgoto“sanjib”directoryandthencomebackwitha“cd”commandhavingtwodots.

Nextwelearnaboutthe“cp”command.Thiscommandstandsforcopy.Youcancopyafilefromonedestinationtotheother.Wehaveseenthatinour“home”directorywehaveafile,“VBoxLinuxAdditions.run.”Letuscopythisfiletothe“Documents”directoryofuser“sanjib”.

root@kali:/home#cp-vVBoxLinuxAdditions.run/home/sanjib/Documents/

'VBoxLinuxAdditions.run'->'/home/sanjib/Documents/VBoxLinuxAdditions.run'

root@kali:/home#

Nowwewouldliketogotothe“sanjib”documentsfolderandseewhetherthefilehasbeenproperlycopiedornot.

root@kali:/home#cdsanjib/Documents/root@kali:/home/sanjib/Documents#lsVBoxLinuxAdditions.runroot@kali:/home/sanjib/Documents#

Ihavechangedthedirectoryto“sanjib/Documents”andissuethe“ls”commandtoseethelisting.Itshowsthefile.Soitisworkingproperly.

Youcanlearnaboutanycommandveryeasily.Youjustneedtoadda“—help”commandlikethis:“cp–help.”Itspitsouteverythingaboutthatcommandanditisveryverbose.Ittellsyouaboutanycommandinfulldetail.

Anotherveryimportantcommandis“mv”.Withthiscommand,youcan

moveanyfilefromonefoldertoanotherfolder.Thiscommandismoreorlesslikea“cp”command.Butthereisamajordifference.Thiscommandcompletelymovesthefilefromoneplacetotheother.Anotherimportantcommandis“cat.”Youcanreadanytextfilewiththehelpofthiscommand.

Ihaveafoldercalled“Writing”andhavesomedocumentsoverthere.Nowwiththehelpofthiscommandwecanreadanytextfile.Rememberitistrueonlyforatextfile.Foranexperiment,Iwantedtoreadafilewithextension“.odt”andthenextimageshowsyouhowitlookedontheterminal.

Figure5-3. Tryingtoreadanon-textfilewith“cat”command

InthispartIwanttoshowanothertrickthatisoftenbeingusedinLinux.Supposeyouwanttowriteatextfileveryquickly.Youcanuse“nano”.ItcomeswitheveryLinuxdistribution.Justtype“nano”onyourterminalanditwillopenupatexteditorontheterminalitself.Thenextimageshowsyouhowithappens.

Figure5-4. Nanotexteditor.Howtosaveafileandexittheeditoriswritteninit.

Nowyoucansafelyreadthisnewfile,“novel.txt”,withyour“cat”command.Allyouneedtodoisissueacommandonyourterminallikethis:

catnovel.txt

Itwillreadyourfileontheterminalitself.Nowitmightbeagoodideatoeditthisfile.Youcanedititontheterminal

using“nano”.Inthatcase,youneedtowriteonyourterminalthiscommand:

nanonovel.txt

Thiswilltell“nano”toopenthefile.Therestisthesame.Youcaneditanyportionand,withthe“control”and“o”key,youcansaveitagain.Thenyoucanexitthefilewith“control”and“x”.

Inthenextimagewewillseehowitlookswhenwetrytoreadafilebyusingthe“cat”command.

Figure5-5. Readingatextfileusing“cat”command

Usually,seasonedprogrammersusedtoworkontheterminalandtexteditorslike“VI,”“VIM,”or“NANO”areextremelypopular.

NowwearegoingtolearnaveryimportantLinuxcommandcalled“grep”.Thiscommanddoessomesortofsearchinginsideafileanditdoesitinaveryinterestingmanner.Letusfirstseewhatwehaveinourrootdirectory.

Weissueacommandlikethisonourterminalandseetheoutput.

hagudu@hagudu-H81M-S1: $cd/etc/apthagudu@hagudu-H81M-S1:/etc/apt$lsapt.conf.dsources.listsources.list.savet

rusted.gpgtrusted.gpg.dpreferences.dsources.list.dtrustdb.gpgt

rusted.gpghagudu@hagudu-H81M-S1:/etc/apt$

Asyoucansee,wehavechangedthedirectoryto“/etc/apt”andseethelisting.Wefindmanyfilesthereandpresentlyweareinterestedinthe“sources.list”file.Wecanusethe“cat”commandtoreadthefilebutwehavesomethingdifferentinmind.

Wewouldliketosearchsomeparticularwordandwanttoseparatethemandseetheminsegregation.Thecommand“grep”alongwithanother

command,“|”(pipe),willhelpusindoingso.Weactuallytelltheterminaltodisplaythecontentof“sources.list”first

andthenpipethattermtooursearchingprocess.Letusseehowitworks.Ifwesimplywriteacommandlike“catsources.list”,itwilldisplayalong

listingofthesourcesofthisLinuxsystem.Youcanwriteandseethem.Butweareinterestedaboutsearchingtheword“src”andwanttoseehowmanytimesthatwordhasbeenusedinthe“sources.list”.

Sothefinalcommandandtheoutputarelikethis:

hagudu@hagudu-H81M-S1:/etc/apt$catsources.list|grepsrc

deb-srchttp://in.archive.ubuntu.com/ubuntu/trustymainrestricted

deb-srchttp://in.archive.ubuntu.com/ubuntu/trusty-updatesmainrestricted

deb-srchttp://in.archive.ubuntu.com/ubuntu/trustyuniverse

deb-srchttp://in.archive.ubuntu.com/ubuntu/trusty-updatesuniverse

deb-srchttp://in.archive.ubuntu.com/ubuntu/trustymultiverse

deb-srchttp://in.archive.ubuntu.com/ubuntu/trusty-updatesmultiverse

deb-srchttp://in.archive.ubuntu.com/ubuntu/trusty-backportsmainrestricteduniversemultiverse

deb-srchttp://security.ubuntu.com/ubuntutrusty-securitymainrestricted

deb-srchttp://security.ubuntu.com/ubuntutrusty-securityuniverse

deb-srchttp://security.ubuntu.com/ubuntutrusty-securitymultiverse

#deb-srchttp://archive.canonical.com/ubuntutrustypartner

deb-srchttp://extras.ubuntu.com/ubuntutrustymain#deb-srchttp://archive.ubuntu.com/ubuntutrusty

universehagudu@hagudu-H81M-S1:/etc/apt$

Itisinterestingtonotethatwefirstissuedacommandlikethis:cat

sources.list|grepsrcAndthelongoutputthatfollowsthatcommandhasallthestatementsthat

have“src”init.Wecanevenfilterthesourcefilemoredistinctly.Wecannarrowdownour

searchesmoreandtelltheterminaltofindtheword“src”onlywithsmalllettersbywritingdownthiscommand:

catsources.list|grep–isrc

Inthefuture,wewillusethis“grep”commandextensivelytoscananetworkwithaparticularword.

Anotherimportantcommandis“echo”.Thiscommandliterallyechoeseverythingyouwriteonyourterminal.Youcanalsodosomethingmorewiththiscommand.Youcanevenchangeatextfilewiththiscommand.

Previouslywehavewrittenatextfile“novel.txt”andsaveditonourhomedirectory.Nowwearegoingtooverwritethatfilewiththis“echo”command.

hagudu@hagudu-H81M-S1: $echo"IDON'TLIKETHISNOVELANYMORESOICHANGEIT">novel.txt

hagudu@hagudu-H81M-S1: $catnovel.txt

IDON’TLIKETHISNOVELANYMORESOICHANGEIT

hagudu@hagudu-H81M-S1: $

Wehavefirstechoedsometextonourterminal,thenweused“>”(greaterthansign)toputthattextintothefile“novel.txt”.Inthenextcommand,wehaveagainusedthe“cat”commandtoreadthefile“novel.txt”andfoundthatthefilehasbeenchanged.

NowwewilllearnhowtomakedirectoriesinLinux.Thereisaveryusefulcommand:“mkdir”.Itplainlymeans“makedirectory.”Letusmakeadirectorynamedafterthisproject:“EthicalHacking.”Youmayguessthatthecommandisextremelysimple:mkdirEthicalHacking

No,itisnot.Inthiscase,ifyouwritethatway,Linuxterminalunderstandssomethingelse.Itcomprehendsthatyouwanttocreatetwoseparatedirectories.Oneis“Ethical”andtheotheris“Hacking.”Ithasalreadycreatedtwodirectoriesinthatway.Soletusremovethemfirstandnextwewillcreateadirectorywithmoremeaningfulmeaning.

Toremoveadirectory,youmusthave“root”privilege.Itmeansyouarean

administratororsuperuserofthesystem.InUbuntu,ifwewanttobea“root”or“superuser,”weissuethecommand“sudo”first.InKaliLinuxitisdifferent:“su”.Butinbothcasesonceyouwritethatcommand,thesystemwillaskforthepasswordthroughtheterminal.Letusseehowitworks.

Wefirstissuethecommandandinthenextstepwecheckwiththe“ls”commandtoseewhetherthosedirectoriesexistanymore.

hagudu@hagudu-H81M-S1: $sudorm-rfEthical/Hacking/

[sudo]passwordforhagudu:hagudu@hagudu-H81M-S1: $ls

Itworked—twodirectorieshavebeenremovedsuccessfully.Letustrytounderstanditmore.Wealreadyknowthatthe“rm”commandstandsfortheword“remove”Butwhataboutthe“-rf”commandthatfollowsit?Thecommand“-rf”means“doitrecursivelywithforce.”Generallythis“-rf”commandisusedtoremovedirectories.YouhavetobeverycarefulaboutusingthiscommandbecauseinLinux,onceyouhaveusedthiscommand,thefileordirectoryisdeletedpermanently.Itisnexttoimpossibletoretrievethem.Itiswisetobeverycarefulaboutusingit.

Hopefullyyouhavealsonoticedthatwehavestartedourcommandlinewith“sudo”.Andyouwrite“sudo”,itasksforthepassword.Inthiscase,youalwaysgivethepasswordthatyouusuallytypedowntologintothesystem.

Letusagainmakethedirectoryproperlyandthistimewenameit“Ethical-Hacking”,sothatthesystemwillnolongerinterpretitastwoseparatedirectories.

hagudu@hagudu-H81M-S1: $mkdirEthical-Hackinghagudu@hagudu-H81M-S1: $cdEthical-Hacking/hagudu@hagudu-H81M-S1: /Ethical-Hacking$lshagudu@hagudu-H81M-S1: /Ethical-Hacking$touch

file1file2hagudu@hagudu-H81M-S1: /Ethical-Hacking$lsfile1file2hagudu@hagudu-H81M-S1: /Ethical-Hacking$

Firstwehavemadedirectory“Ethical-Hacking”.Thenweuse“cd”togoinsideitand,withthehelpof“ls”,wecheckedthatthedirectoryisempty.Afterwardsweissuethe“touch”commandtocreatetwofiles:“file1”and

“file2”.Againweissuethe“ls”commandtocheckthattwofileshavebeencreatedsuccessfully.

InEthicalHacking,anonymityisaverybigdeal.Inthenextchapterwelearnitingreatdetail.Beforethatyouneedtounderstandthat,intheprocessofbeinganonymous,itisgoodtobeanyuserratherthantherootuser.Astherootorsuperuser,youfirstaddauserinyourvirtualKaliLinux.Setapassword.ShutdownKali.Rebootandloginasthenewuser.Itisagoodpractice.

Nowhowcouldyouaddauser?LetusopenourvirtualKaliandastherootuserwe’dusethe“adduser”commandontheterminal.Supposeournewuserhasanamelike“xman”.Inthatcase,thecommandwillbeverysimple:adduserxman.

Onceyouhaveissuedthiscommand,Kaliasksforthepasswordandotherdetails.Giveastrongpasswordofatleasteightcharacterswithalphanumericcharacters.Nowshutdownyourmachineandloginas“xman”.Forotherdetails,itisnotmandatorythatyouneedtogiveyourrealidentity.Youcanfillthemwithanydata.

Astherootorsuperuseryoucanaddasmanyusersasyouwish.Youcandeletethemanytime.Youcanrestricttheiractivitiesfromanyangle.Asanadministratoryoucanaddauserwhowillnotbeabletologinaftersixmonths.Youcancreategroupsandsetarulesothatentryisrestricted.Someuserscanenterintothatgroup.Somecan’t.

Primarilyyouneedtoaddoneuser,“xman”,andloginthesystemasthenewone.Auserisnotpermittedtoaccessortamperanyfileoftherootorsuperuser.Butassuperuseryoucanalwayschangethefilepermission.Itisaveryimportantconceptfromeveryangle.OntheInternet,theconceptoffilepermissionisextremelyimportant.

Anyfilehasthreetypesofpermissionsrelatedtoit.Itcanbeonly“readonly.”Themeaningisclear.Youcan’twriteonitorexecuteit.Itcanbe“writeonly.”Anotherstateoffileis“executablemode.”Ifitisexecutable,youcanperformanyactionbyrunningit.YoucanwriteasimplePythonprogram.Thisprogramwilltakeinputsfromusersandgiveoutputs.AfterwritingaPythonfileyoucanmakeitexecutable.

Letusseehowithappens.LetusopenourKaliLinuxterminaland,withthehelpofthe“ls”command,weseewhatwehavetherepresently.

sanjib@kali: $cdDocuments/sanjib@kali: /Documents$lsVBoxLinuxAdditions.run

sanjib@kali: /Documents$ls-latotal7048drwxr-xr-x2sanjibsanjib4096May2910:30.drwxr-xr-x18sanjibsanjib4096Jun309:59..-r-xr-xr-x1rootroot7208397May2910:30

VBoxLinuxAdditions.runsanjib@kali: /Documents$

Firstwegotothe“Documents”folderandissuethe“ls”command.Thatshowsonlyonefile:“VBoxLinuxAdditions.run”.Ournextcommandis“ls–la”.Itmeans:wewantalistingofallfileswithalldetails.Youcanseethedifferenceabove.Theoutputisinred.Itshowstwohiddenfileswiththepreviouslyseenfile.Anditalsoshowstheownersoffilesanditalsoshowsthepermissions.Letusconsiderthislineminutely.

-r-xr-xr-x1rootroot7208397May2910:30VBoxLinuxAdditions.run

Ittellsusthattheownerofthisfileis“root”.Andthestartinglineisalsoveryimportant.Ithandlesfilepermissions.

r-xr-xr-x

Whatdoesthismean?Ithasthreedistinctparts.Thefirstpartis“r-x”.Thesecondandthirdpartsarealsothesame:“r-x”.Thefirstpartisfortheownerofthefileorcurrentuser.Thesecondpartisfor“group.”Andthefinalorthirdpartisforthesuperuserwhoisviewingthisfile.Ihavealreadycreatedanotheruser,“sanjib”,andhaveloggedinas“sanjib”.Thatiswhyyouseethiskindofoutput:sanjib@kali:∼/Documents$ls-la

Nowtomakethisconceptmoreclearwewillcreateausernamed“xman”.Andwewillloginas“xman”andseewhatwehaveinourDocumentsfolder.

Tocreateanewuser,youneedtologinasarootorsuperuser.Letusassumewehaveloggedinas“root”.Thecommandsandtheoutputaregivenbelow.

root@kali: #adduserxmanAddinguser`xman'...Addingnewgroup`xman'(1002)...Addingnewuser`xman'(1001)withgroup`xman'...

Creatinghomedirectory`/home/xman'...Copyingfilesfrom`/etc/skel'...EnternewUNIXpassword:RetypenewUNIXpassword:passwd:passwordupdatedsuccessfullyChangingtheuserinformationforxmanEnterthenewvalue,orpressENTERforthedefaultFullName[]:xmananonymousRoomNumber[]:123WorkPhone[]:321HomePhone[]:213Other[]:anonIstheinformationcorrect?[Y/n]yroot@kali: #Congratulation!Youhavejustsuccessfullycreated

anewusercalled'xman'.YounoticethatithadaskedforthepasswordandtoldyoutoretypetheUNIXpasswordagain.

Letuslogoutas“root”andloginas“xman”.Letusalsogotothe“Documents”folderof“xman”andseewhatwehave.

xman@kali: $cdDocuments/xman@kali: /Documents$lsxman@kali: /Documents$ls-latotal8drwxr-xr-x2xmanxman4096Jun310:33.drwxr-xr-x14xmanxman4096Jun310:33..xman@kali: /Documents$

Everythinggoesasexpected.Onlyonethingismissing.Thisnewuserdoesnothavethisline:-r-xr-xr-x1rootroot7208397May2910:30VBoxLinuxAdditions.run.

Maybewehadmovedthatexecutablefilefromanyrootfoldertothe“Documents”folderofuser“sanjib”before.

Nowwealreadyknowhowtocreateafileusing“nano”texteditor.SowecanmoveonandhaveaverysmallPythonfile.Presumablyyoudon’tknowPython,soIkeepitverysimplejusttoshowhowwecanchangefilepermissions.

#!/usr/bin/python3print("TYpeyourname.")inputs=input(">>>>>>")outputs=inputsdefmain():print(outputs)if__name__=='__main__':main()

Inside“nano”editorwewriteasimpleprogramthatwilltakeinputandgiveoutput.Savethefileas“pyfile.py”andexit“nano,”andletusissue“ls–la”toseewhatitshows.

xman@kali: /Documents$ls-latotal12drwxr-xr-x2xmanxman4096Jun310:50.drwxr-xr-x15xmanxman4096Jun310:42..-rw-r--r--1xmanxman86Jun310:44pyfile.pyxman@kali: /Documents$

Asyousee,thefilesayseverything.Itsaysthatnow“Documents”folderhasonenewfile,“pyfile.py”,andithasbeencreatedat10:44.Theowneris“xman”andithasfilepermissionslikethis:rw-r--r--

Nowyouknowwhatthismeans.Itmeans:theuser“xman”canreadandwritethisfilebuthecan’t“execute”thisfile.

xman@kali: /Documents$chmod+xpyfile.pyxman@kali: /Documents$ls-latotal12drwxr-xr-x2xmanxman4096Jun310:50.drwxr-xr-x15xmanxman4096Jun310:42..-rwxr-xr-x1xmanxman86Jun310:44pyfile.pyxman@kali: /Documents$

Lookhowwehaveusedthe“chmod”commandtochangethefilepermissiontoexecutable.Onceyouhavechangedthefilepermissiontoexecutable,itchangesthecolortogreen.Andalsolookatthefilepermission:rwxr-xr-x

ThefirstpartImarkasredsothatyoucanunderstandthedifference

betweenthem.Thefirstpartofthepermissionsays“x”hasbeenaddedsinceweusedthe“xman@kali:∼/Documents$chmod+xpyfile.py”command.

Letusexecutethefileandseehowittakestheinputandgivestheoutput.

xman@kali: /Documents$./pyfile.py

Typeyourname.

>>>>>>xmanxman

Whenyourunthefile,itaskstotypeyournameandgentlyspitsbacktheoutput.

SummaryYouhavelearnedafewbasicLinuxcommandsinthischapter.NowatleastyouhaveanideahowaLinuxsystemisworkingandhowyoucanuseyourterminalorcommandlinetooperateyoursystem.

Inthelearningprocessofethicalhacking,youfinditextremelyuseful.Inthefuture,youneedtolearnfewmoreLinuxcommands.YourknowledgeofLinuxoranyotheroperatingsystemmustbecommendable.Asyouprogress,Ihope,your“appetitecomeswitheating.”

Wehavediscussedenoughrudimentstostompourfeetonthegroundofethicalhacking.Nowitistimetomoveforward.Wearereadytotakethefirstimportantstepintotheworldofethicalhackingbylearningaveryusefulprogramminglanguage:Python3.

WehavediscussedPython3inamannersothatyouneednoprogrammingbackground.It’sbeenelaboratelydiscussedsothatyoumightreachtheintermediatestageandwriteyourownprograminPython3.Asyouprogressinthevastuniverseofethicalhacking,you’llfindtheimportanceoflearningPython.

PartII

(1)


6.Python3andEthicalHacking

SanjibSinha1


Pythoncandomanythings,especiallyinthesocketandnetworkingfield.Additionally,insystemmonitoringithashugeimportance.Intheadvancedlevelofethicalhackingitcancastamagicalspell.YoucanwriteyourownPythonprogramforanytypeofsecuritypurpose.

Remember,anyprogramwritteninPythonoranylanguagedoesissuesomeinstructions.Andtheyaremoreorlesssame.Theyare:

INPUT:Getdatafromkeyboardoranyfileoranysource.OUTPUT:Displaydataonscreenorsendittoanyfile,deviceoranyother

source.MATHEMATICS:Dosomebasicmathematicaloperationslikeadd,

subtract,multiplyordivide.Itcanbecomplexalso.Itdependsonyourapplication.

CONDITIONALEXECUTION:Checkthattheconditionsareproperlymet.Like“ifthatistruethendosomethingelse/dosomeotherthing.”

REPETITION:Performsomeactionrepeatedly.MostpeopleusedtohaveaWindowsorMacintoshplatformattheirhome.

Beforeyoustart,IaskyoutotryLinuxasadualoperatingsystem.Therearealotofuser-friendly,freeLinuxdistributionsavailable.YoucantryUbuntu,oranyDebianpackage.JustdownloadthestableISOimageandburnitontoaDVDandinstallitalongwithyourrunningOS.Itwillhelp.PythoncomeswitheveryLinuxdistribution.

TheavailableLinuxwillruninsideWindowssowheneveryouwanttotryanyopensourceprogramminglanguagelikePythonorPHP,youcantakeadvantageofit.YoucantrytheLinuxterminalwhenevernecessary.

Basically,PythoncomeswithanyLinuxDistribution,soyouneednot

worryabouttheinstallationinLinux.Thatisalsoaplus.IfyouwanttosticktoWindows,pleasevisitthedownloadsectionofthe

officialPythonsite.Accordingtoyoursystemconfiguration,downloadthe“python-3.4.4.tar.xz”fileforwindows.Whenyouextractthatfile,youwillgetthe“python-3.4.4WindowsInstallerPackage.”Justrunitandfollowthesimplesteps.Isuggestyoudownloadthedocumentationalongwiththeinstallerpackage.Thisdocumentationisextremelyhelpful,notonlyforbeginnersbutforseasonedprogrammers.Afterdownloading,openthedocumentation.

Thisdocumentationispurelydesignedforprogrammers,notforbeginners.Butasabeginner,youneedtoaccustomyourselftothismanualsothatafteracertainperiod,itbecomesapartofyourprogramminglife.

Almosteverypossibleprogrammingproblemisdiscussedinthisdocumentationand,moreover,youcandevelopthecodeandcreatesomeawesomeapplicationwiththehelpofthisdocumentation.

Itlookslikethis:

Figure6-1. Python3documentationpage

(1)


7.PythonEnvironment

SanjibSinha1


YouaregoingtolearnPython3.Python2hasbeenaroundforalongtimeandhasahugelibraryandmodulesupport,butPython3isthefuturelanguage.YoucanalsoeasilyinstallPython3.Consultthedownloadsectionoftheofficialwebsite.InanymodernLinuxdistribution,openyourterminalandtype“python3”.ItwillgiveyouthePythoninterpreterorshellwhereyoucanwriteyourcode.

Remember,PythoncomeswitheverymodernLinuxdistribution.Soyouneednotinstallitanymore.Butafewpackagesyoumightneedtoinstall.TherearetonsoftutorialsandalotofcommunityhelpyoucangetovertheInternet.

ThePythoninterpreteronatypicalLinuxdistributionlookslikethis:

Figure7-1. ImageofPythoninterpreter

InanymodernLinuxdistribution,youneednotdoanything.Opentheterminalandtype“python3”,andyouwillhaveanoutputlikethis:

hagudu@hagudu-H81M-S1: $python3Python3.4.3(default,Oct142015,20:28:29)[GCC4.8.4]onlinuxType"help","copyright","credits"or"license"

formoreinformation.>>>

ItsaysmycomputerhasPython3.4.3.Nowyoucanwritesomecodedirectlyonittogetsomeoutputlikethis:

>>>name="Sanjib">>>print(name)Sanjib>>>

InLinux,yousaveaPythonfilefirst.Writethiscode:

<code>

#!/usr/bin/python3defmain():print("HelloPython!")if__name__=="__main__":main()</code>

IfyouarenewtoLinux,firstsavethisPythonfileas“hello.py”andthenchangeittoexecutablewiththiscommand:

sudochmod+xhello.py

Ontheterminal,runthisfilewiththiscommand:

./hello.py

Itwillgivetheoutput:HelloPython!ThisisyourfirstPythoncode.ForWindows,downloadPythoninstalleranddocument.Thedocument

comesina“.chm”file.Itwillhelplater.ToinstallPython,justruntheinstaller.Itwillbeinstalledinyour“C”driveinaminute.Nowyoucangoto“allprograms”andrunPythonfromthere.Normally,asmallIDEcalledIDLEcomeswithPython.Youcanwritecodeandjustrunit.Letusseehowitlooks:

Figure7-2. PythonIDEinWindows

Intheaboveimage,youseeonthetopisIDLE,whichisthePythonShell.Youcandirectlygetoutputfromit.YoucanalsogothefilesectionofIDLEandcreateanewfile.Ihavedonethat.Icreatedafile,”test.py”,andwrotesomecodeinit.ThenfromIDLEyoucaneitherrunthismoduleorjustpressF5anditwillkeeprunning.Asyouseeinthepicture,ourPythoncodedrewabeautifulshape.InWindows7orlater,youcanopenPowerShellandtypethesamethingandyouwillgetthesameresult.ButIpreferyouinstallagoodPythontexteditororIDEfirst.

ForLinux,“Pycharm”communityeditionisagoodchoice.Itisfree.ForWindowsorMac,thereareseveralgoodfreetexteditors.SearchontheInternetandinstall.Themainadvantageisyoudon’thavetoindenteverylineofcode.Itisautomated.Second,thesupportofalargePythonlibraryisavailableineveryIDE.

(1)


8.GeneralSyntaxes

SanjibSinha1


Inthischapterwewilllearnsomethingjusttotrysomecodes.Wewilllearnthesamethingsindetaillater.AllweneedtodonowisjusttrytowritesomecodeinPythonandseehowitworks.Atthesametime,wewilllearnaboutthegeneralsyntaxesusedofteninPython.

Createthemain()functionAsIsaid,Pythonscriptsarealmostlikehumanlanguage.Youneednotusealotofspecialcharactersorsymbols.Allyouneedtorememberisthat“indentation”playsaveryimportantroleinPython.Whenyouapplysomespecialconditionsinsideyourcode,thisindentationisimportant.

Fewthingsrepeatineverycode.SoyoucanwriteitoutinaseparatefileandjustusethemineverynewPythonfile.Thegeneralsyntaxstructurecodelookslikethis:

<code>#!/usr/bin/python3defmain():print("IamageneralsyntaxPythonfile")if__name__=="__main__":main()</code>

Savethisfileas“general-syntax.py”.Whenyouexecutethisfile,itwillsayorprintout:“IamageneralsyntaxPythonfile.”

Theveryfirstline,“#!/usr/bin/python3”,denotesthepathofPythoninterpreter.ThegreatnessofPythonisthatitremainssameineveryoperatingsystem.Inthesecondpartwehavedefinedamain()functionand,underthatmain()function,wecancallanyfunction.Withoutamain()function,youcannotcallafunctionbeforeitisdefined.Considerthisexample:

<code>#!/usr/bin/python3defmain():print("IamageneralsyntaxPythonfile")LetUsDoSomething()

defLetUsDoSomething():print("Iamdoingsomething")

if__name__=="__main__":main()</code>

Nowitwillgiveaniceoutputlikethis:

IamageneralsyntaxPythonfileIamdoingsomething

Supposeyoudon’thaveanymain()function.NowifyouwanttocallthefunctionLetUsDoSomething()beforethatfunctionisdefined,itwillgiveanerror.

Trythiscodeandseetheerror:

<code>#!/usr/bin/python3LetUsDoSomething()defLetUsDoSomething():print("Iamdoingsomething")</code>

Itsays:NameErrorLetUsDoSomething()isnotdefined.Youcanalwayscallitafterthefunctionisdefined.Inthatcase,youdon’tneedthemain()functiondefined.Butinalonglineofcodewheremanyfunctionsare

involved,itisnotalwayspossibletomaintainit.Tosolvethatproblem,itisagoodpracticetodefinethemain()functionfirst.Afterthatyoucanwriteanyfunctionafterthemain()functionandcallitinsidethemain().

IndentationandWhiteSpaceTheyplayaveryvitalrolewhenyouworkwithPython.

Indentationorwhitespaceisvery,veryimportant.BeforeyoustartlearningPython,youneedtounderstandthisproperly.Considerthiscode:

<code>#coding=utf-8defmain():print('Alineinsidemainfunction.')print("Alineoutsidemainfunction.")if__name__==main():main()</code>

Lookatthiscode.Theprint()functioninsidethemain()functionhasbeenindented.Ithasaboutfourspaces.Andthesecondprint()functionisoutsidethemain()function.Andlookatthecode;itfallsonthesamelinewiththemain()function.Sowhenwerunthisprogram,theoutsideprint()functionexecutesfirst.Andtheoutputislikethis:

//outputAlineoutsidemainfunction.Alineinsidemainfunction.//outputended

Ifwetrytopushtheoutsideprint()functionalittlebitinside,itwillgiveanerror,becausePythoninterpreterwillthinkthatitisinsidethemain()function.Actuallythisisnottrue.Ifwewanttopushthat“outsideprint()function”insidethemain()function,weneedtoplaceitonthesamelineoftheinsideprint()functionlikethis:

<code>#coding=utf-8defmain():print('Alineinsidemainfunction.')

print("Alineoutsidemainfunction.")if__name__==main():main()</code>

Nowtheoutputchanges.Itlookslikethis:

//outputAlineinsidemainfunction.Alineoutsidemainfunction.//outputended

Welearnaveryimportantlessonthatweshouldlearnbyheart.Thelessonis:whitespaceorindentationinPythonplaysamajorrole.Whenwewriteafunctionandputsomeotherfunctionsinsideit,theymustfallonthesameline.InanytexteditororIDE,itisautomaticallydone.Whenyoupressthe“enter”or“return”key,thefollowinglineskeepfallingonthesameline.Ifyouwanttogooutsidethatfunction,justfollowthefirstexample.JusttounderstandhowindentationworksinPython,wewritealittlelengthycodeandseehowitlooks.

<code>#coding=utf-8defmain():#print('Alineinsidemainfunction.')##print("Alineoutsidemainfunction.")OutsideMainFunction()defOutsideMainFunction():x=0whilex<5:print(x)x=x+1if__name__==main():main()</code>

Lookatthecode.Wehaveamain()function.Additionally,wehaveafunctioncalled“OutsideMainFunction()'”.Itisreallyoutsideofthemain()function.Sotheyaredifferentfunctionsandtheyhavetheirownindentations.Insideofthe“OutsideMainFunction()”weseea“whileloop.”That“while

loop”alsohasitsownindentation.Actuallywebettercallit“block.”Soeveryblockofcodehasitsown“whitespace”orthecodeinsidethatblockisindentedaccordingly.Ifyoudon'tuseanyIDEandtrytowriteitonyourterminal,youhavetousethespacebar.Insideafunction,ifyouuse“fourspaces,”thenwhateveryouwriteinsidethatfunctionmustfallonthesameline.Thatis,wheneveryouwriteanewline,itmusthave“fourspaces.”Youcannotgivetwoorthreespacesuddenly.Butifyouwriteanotherfunction,youcanchangethatrule.Inthatcase,thenewfunctionhasitsownblockofcodeandithasitsownrule.Youmayusetwospacesnow.

CommentingInanykindofprogramming,commentingisveryimportant.Anotherprogrammerwillreadyourprogram.Youreverystepshouldbereadable.Ifthereisanykindoftwistoryoutrysomethingspecial,youmustexplainthatinsideyourcode.Considerthiscode:

<code>#thisismain()functiondefmain():OutsideMainFunction()#thisfunctionisoutsidemain()functiondefOutsideMainFunction():x=0whilex<5:print(x)x=x+1if__name__==main():main()</code>

Normallyanycommentiswrittenwitha#(hash)mark.WhenPythoninterpretersees#,itknowsthatisacommentanditignoresit.Inourcode,weclearlydefinewhatisthemain()functionandwealsosayinourcommentsthatthereisanotherfunctionwhichisoutsidethemain()function.

Normallyaseasonedprogrammernevercommentssuchsimplestuff.Buttobeginwith,youcanaddcommentswhenyoufeelitisnecessary.Becauseaftersometime,whenyourevisityouroldcodes,youcanrememberwhyyoudidthat.Commentingisusefulinthatway.Atthesametime,youcannottrustallcomments.Programmersoftenforgettochangecommentswhenthey

changetheircodes.

AssigningValuesInPython,theassignmentoperatorisanequal(=)sign.Whenyouwrite“a=10”,itmeans“a”isavariableoracontainer.Thisvariable“a”isassignedtoanintegervalue.Whatisthatvalue?Itis10.Thisvaluecouldhavebeenastring.Whatisastring?Astringisanadditionofcharacters.Supposeyouwrite“b=Two”.Itmeansthevariable“b”isassignedtoastringvalue,andthatstringis“Two”,whichisnothingmorethanthreecharacters:“T”+“w”+“o”.Accordingtoyourassignment,Pythoninterpretsthevalueandkeepsadefinitestorageplaceforthem.Itknowshowmanybitsandbyteswillberequiredforthem.

InPython,everythingisobject.Pythonisanobject-orientedprogramminglanguage.Asabeginner,youmaynotunderstandthisconcept.Don’tworry.Wewilldiscussitindetailasweprogress.Youwilllearnit.Presentlyyoujustrememberthatanobjectmeansaninstanceofclass.Imagineyourselfasanobject.Inthatcase,youareaninstanceof“human”class.Youhavesomepropertieslikeheight,width,etc.Youalsocandosomething.The“human”classisablueprintofyouandotherhumansandin“human”class,everythinghasbeenwell-defined.Therearealotofpropertiesandalotofactionverbsdefined.Andaccordingtothatdefinition,you,me,andotherhumanskeepdoingthings.

WhenwesayinPythonthateverythingisanobject,itmeanseverythinghasaclassorblueprintbehindit.Wewritelikethis:

<code>#!/usr/bin/python3#coding=utf-8a=1print(a)print(type(a))print(id(a))a="One"print(a)print(type(a))print(id(a))</code>

Andtheoutputislikethis:

//output1<class'int'>139113568One<class'str'>3073583584//outputended

Inthenextchapterwewilllearnaboutitinmoredetail.

(1)


9.Variables,ObjectsandValues

SanjibSinha1


InPythoneverythingisanobject.Tostartwith,youneedtorememberafewthings:

1. Variables,functionsandevencodeareobjects. 2. EveryobjecthasanID,type,andvalue.

IDstandsforidentificationofaparticularinstanceofanobject.ThisIDcannotchangeinthelifetimeofthatobject.

3. Typeidentifiesaclassofanobject.Itcannotchangeforthelifeofobject.

4. Valueisthecontentoftheobjectandmutableobjectscanonlychangevalue.Immutableobjectscannotchangevalue.

5. EveryvariableinPythonisafirstclassobject.Whatlookslikeasimplevariableactuallyissomethingmorecomplex.

Letusseewhatthesetermsmean.

<code>#!/usr/bin/python3defmain():x=1

print(x)print(id(x))print(type(x))x=2print(x)print(id(x))print(type(x))x=1print(x)print(id(x))print(type(x))


Hereistheoutput:

<blockquote>110455040class'int'210455072class'int'110455040class'int'</blockquote>

Asyousee,changingvaluesof“x”doesnotaffecttheimmutableobjectsandtheuniqueidentifierofobject“1”remainssame.Whathasbeenchangedissimplythereferenceofthevariable.First,wereferred“1”(immutableintegerobject)to“x”(variable),andthenchangeit.TheIDandtyperemainsame.

Remember,numbers,strings,and“tuples”areimmutable.Lists,dictionaries,andotherobjectsaremutable(changeable),butitdepends.

Letusseeaverybriefexamplewhereitisexplainedinthecommentsection.Theoutputisgivenalongwithit.

<code>#!/usr/bin/python3#inpythoneverythingisobject#avariableisareferencetoanobject#eachobjecthasanidentityoranIDx=1print(type(x))print(id(x))###################class'int'#139113568###################number,string,tuple->immutable#list,dictionary->mutablex=1y=1print(type(x))print(id(x))print(type(y))print(id(y))ifx==y:print("True")else:print("False")ifxisy:print("True")else:print("False")###################seethelasttwolines,botharetrue#class'int'#139113568#class'int'#139113568#True#True##################a=dict(x=1,y=1)

print(type(a))print(id(a))b=dict(x=1,y=1)print(id(b))ifa==b:print("True")else:print("False")ifaisb:print("True")else:print("False")###################seethelasttwolines,oneistruebutthe

idisnotsamesoitisfalse#class'dict'#3072650252#3072692524#True#False##################foriinrange(0,3):print(i,"=",id(i))###################0=139113552#1=139113568#2=139113584##################</code>

Weseetheoutputinsidethecode.Younoticethateveryoutputiscommentedoutsothatwhenwerunthiscode,itwillneveraffectthemainscript.Therearealotofvalues.Integers,strings,tuples,lists,andfinallydictionaries.

Nowwewillunderstandwhattheyactuallyareandhowtheywork.

UsingNumbers

InPythontherearetwokindsofnumbers.Oneisanintegerandtheotherisafloat.Wehavebuilt-inmethodsinPythonthatcanchangeanintegertoafloatandchangeafloattoaninteger.Ihopeyouwillunderstandthecodebelow.Theoutputisself-explanatory.Readthecommentalso.

<code>#!/usr/bin/python3defmain():x=3print(x)print(id(x))print(type(x))print("*********")x=3/2print(x)print(id(x))print(type(x))print("*********")x=round(42/9)print(x)print(id(x))print(type(x))print("*********")#wewanttorounditupx=42//9print(x)print(id(x))print(type(x))print("*********")#howmanydigitswewanttoroundtox=round(42/9,3)print(x)print(id(x))print(type(x))print("*********")x=43%7print(x)

print(id(x))print(type(x))print("*********")x=int(34.78)print(x)print(id(x))print(type(x))print("*********")x=float(23)print(x)print(id(x))print(type(x))print("*********")if__name__=="__main__":main()</code>

Andhereistheoutputwegetfromthiscode:

<blockquote>310455104class'int'*********1.5140223146811728class'float'*********410455136class'int'*********5140223146823568class'int'*********4.667140223146811968

class'float'*********110455040class'int'*********3410456096class'int'*********23.0140223146811968class'float'*********</blockquote>

Asyouseeintheoutput,eachnumberhasaclassandanID.Fornumbers,thisIDisimmutable.Soifyouassignthesamenumber(supposeitis1)totwodifferentvariables,likethis:a=1andb=1;theIDof“a”and“b”isthesame.

StringInPythonstringisanimmutableobjectandcanbewrittenwithindoublequotesorsinglequotes.Considerthiscode:

<code>#!/usr/bin/python3defmain():strings="Iloveyou."print(strings)anotherStrings="Iloveyoubut\nIdon'tknow

howmuchyouloveme."print(anotherStrings)if__name__=="__main__":main()</code>

Andhereistheoutput:

<blockquote>Iloveyou.IloveyoubutIdon'tknowhowmuchyouloveme.</blockquote>

Asyousee,weusedabackslashtogetanewline.Andwegotanexactbreakwhereweneededit.

Thereisalsorawstringoutput.Seethiscode:

<code>#!/usr/bin/python3defmain():strings="Iloveyou."print(strings)anotherStrings="Iloveyoubut\nIdon'tknow

howmuchyouloveme."print(anotherStrings)rawStrings=r"Iloveyoubut\nIdon'tknowhow

muchyouloveme."print(rawStrings)if__name__=="__main__":main()</code>

Andhereistheoutput:

<blockquote>Iloveyou.IloveyoubutIdon'tknowhowmuchyouloveme.Iloveyoubut\nIdon'tknowhowmuchyouloveme.</blockquote>

Thelaststatementiscalledarawstring,whereabackslashisnotworkinganymoreandwegetarawoutput.Anditisusedinregularexpression.Wewilldiscussitindetailinourregularexpressionchapter.

Wecaninsertanintegerintothemiddleofastring.IshowyouboththemethodsusedinPython2andPython3butremember,youbettersticktothe

constructusedinPython3.LetusfirstseethePython2code:

<code>days=8lyrics="%sdaysaweekisnotenoughtolove

you."%daysprint(lyrics)</code>

Theoutputislikethis:

<blockquote>8daysaweekisnotenoughtoloveyou.</blockquote>

LetusnowseethePython3code:

<code>days=8lyrics="{}daysaweekisnotenoughtolove

you."print(lyrics.format(days))</code>

Theoutput:

<blockquote>8daysaweekisnotenoughtoloveyou.</blockquote>

Whatisthemajordifferencebetweenthesetwoconstructs?ThedifferenceisinthelatestversionofPython;wetreatstringasanobject.Hencea“lyrics”objectusedamethodcalledformat()andpassedaparameterthatitwantedtoformatintoit.Inthelineprint(lyrics.format(days))weusedaperiod(“.”),tocallthemethodformat()whichisbuilt-ininthestringclass.

Inyourcodinglifeyouneedtouseplentyofstringsandsomeofthemmighthavemultiplelinebreaks.Youcannotusebackslash“n”eachtime.Itiscumbersome.

ThereisatrickyoucanuseinPythontousemultiplenewlines.

<code>newLines="""\firstlinesecondlinethirdlinemoretocome..."""print(newLines)</code>

Intheoutputthelinesbreakupautomatically.

<blockquote>firstlinesecondlinethirdlinemoretocome...</blockquote>

Nowyoucanusesinglequoteinsteadofdoublequotes.Youcanusenobackslashatthebeginning,butthatwillgenerateaspaceinthebeginningoftheline.

WhatisTypeandIDPythonisanobject-orientedprogramminglanguage.Everythingisanobjecthere.Everyobjecthasauniqueidentification,whichisknownasID.LetusopenourterminalinLinuxor,ifyouhaveWindowsorMac,openthePythonShellandtestthiscode:

<code>

>>>x=10>>>x10>>>type(x)<class'int'>>>>id(x)10455328

>>>y=10

>>>y

10

>>>type(y)

<class'int'>

>>>id(y)

10455328

>>>a=dict(name='sanjib')

>>>a

{'name':'sanjib'}

>>>type(a)

<class'dict'>

>>>id(a)

139984318683592

>>>b=dict(name='sanjib')

>>>b

{'name':'sanjib'}

>>>type(b)

<class'dict'>

>>>id(b)

139984318683720

>>>a==b

True

>>>aisb

False

>>></code>

Herewefirstassignanintegervalue“10”tothevariable“x”andlaterassignthesamevalueto“y”.LaterwechecktheIDoftwovariablesandfoundthattheIDisthesame.Wesaidthisintheprevioussection.Nowyouseetheoutput.

Wecancheckwhethertwoobjectsassignedtotwodifferentvariablesisthesameornotbywritingthisway:

<code>>>>x==y

True

>>>xisy

True>>></code>

Hereitisevidentthatboththevariables“x”and“y”arepointedtothesameintegerobject,“10”.Sothevalueissameandthevariablesarealsosame.Butitdidnothappenincaseofadictionaryobjectthatwehadwrittenjustafterthat.Thedictionary“a”and“b”havethesamevalue,butsincedictionaryobjectsaremutable,itchangestheID.

<code>>>>a=dict(name='sanjib')

>>>a

{'name':'sanjib'}

>>>type(a)

<class'dict'>

>>>id(a)

139984318683592

>>>b=dict(name='sanjib')

>>>b

{'name':'sanjib'}

>>>type(b)

<class'dict'>

>>>id(b)

139984318683720

>>>a==b

True

>>>aisb

False

>>><code>

ItsaysthedictionaryIDchanges,thoughtwovariableshavesamevalues.Whenwecheckitlogically,itsays,yes,thevalueoftwovariablesissame,butsincetheIDisdifferenttheyaredifferentobjects.

Asabeginner,youmayfindthisconceptalittlebitstrange.Butlater,asyouprogress,youwillfindthisconceptisextremelyhelpful.Adictionaryobjectneedstobechangedforprogrammingpurposes.Iftwodictionary

objectshavesameID,wecannotchangethem.

LogicalValuesLetusconsideranothershellscriptfortestinglogicalvalues:TrueandFalse.

<code>>>>a,b=0,1

>>>a==b

False

>>>a<b

True

>>>a>b

False

>>>a=True

>>>a

True

>>>type(a)

<class'bool'>

>>>id(a)

10348608

>>>b=True

>>>b

True

>>>type(b)

<class'bool'>

>>>id(b)

10348608

>>>

</code>

Hereweseethereare“bool”classesandthe“==”operatorrepresentsthetestforqualitybetweentwovalues.Since“a”hasavalueof0and“b”hasvalueof1,theoutputis“False”.Is“a”lessthan“b”?Yes.Sotheoutputcomesoutas“True”.

These“True”and“False”represent“bool”classes.Anditis“immutable”,soiftwovariablesareboth“True”theyhavesameID.

TuplesAndLists.Pythonhasmanysequentialtypes(listsofthings).Letusconsiderthiscode:

<code>x=(1,2,3,4)print(x)print(type(x))</code>

Ithasoutputlikethis:

<blockquote>(1,2,3,4)class'tuple'</blockquote>

Soitisoftheclass“tuple”andithasalistofthings.Remember,tupleisimmutable.Youcannotinsertorupdateit.Butyoucaniteratethroughitlikethis:

<code>foriinx:print(i)</code>

Itwillgiveallthenumbersyouhaveinsidethetuple.Onthecontrary,“list”isanothersequentialtypethatismutableandyoucan

changeitasnecessary.Considerthiscode:

<code>a=[1,2,3,4]print(a)print(type(a))</code>

Ithasoutputlikethis:

<blockquote>[1,2,3,4]class'list'</blockquote>

Youcaninsertorupdateitasyouneed.Supposeyouwanttoappendthe“tuplex”inthislistandyoualsowanttoinsertthe“tuplex”inthebeginning.Sothefullcodelookslikethis:

<code>#!/usr/bin/python3#tuplex=(1,2,3,4)

#lista=[1,2,3,4]

#appendingtuplextolista.append(x)print(a)

#insertingtuplexinthefirstpositiona.insert(0,x)

print(a)

#Nowiteratingthefinallistaforiina:print(i)</code>


<blockquote>[1,2,3,4,(1,2,3,4)]#afterappending[(1,2,3,4),1,2,3,4,(1,2,3,4)]#after

inserting#Whenweiteratethelist'a'theoutputlooks

likethis(1,2,3,4)1234(1,2,3,4)</blockquote>

InPython,astringisalsoasequentialtypeandyoucaniteratethroughit.Considerthiscode:

<code>strings="Thisisastring."forWeWillIterateThroughItinstrings:print(WeWillIterateThroughIt)</code>

Andtheoutputisasusual:

<blockquote>This

is

a

string.</blockquote>

Astringisasequentialtype.Considerthiscode:

<code>strings="string."print(strings[1:3])</code>

Itmeansthestringgoeslikethis:

0=s1=t2=r3=i4=n5=g

Sostrings[1:3]meansthesequencestartsfromposition1anditgoesuptoposition3,excludingthe3rdposition.Itmeansitstopsat2ndposition.Sotheoutputisasexpected:

<blockquote>tr</blockquote>

Dictionary

Pythonhasanotherverystrongaggregatetypeofvalues:dictionary.Itisaclass,asusual.Itismorelikeassociativearrayorhashinotherlanguages.

Considerthiscode:

<code>#!usr/bin/python3EnglishDictionaries={'bare':'jejune',

'anger':'dudgeon','abuse':'vituperate','howl':'ululate'}

print(EnglishDictionaries)#gettinginanmorehumanreadableformforkeysinEnglishDictionaries:print(keys,"=",EnglishDictionaries[keys])</code>

Andtheoutputis:

<blockquote>{'abuse':'vituperate','bare':'jejune','howl':

'ululate','anger':'dudgeon'}abuse=vituperatebare=jejunehowl=ululateanger=dudgeon</blockquote>

Nowwecansortthisdictionaryinanalphabeticalorderlikethis:

<code>EnglishDictionaries={'bare':'jejune',

'anger':'dudgeon','abuse':'vituperate','howl':'ululate'}

forkeysinsorted(EnglishDictionaries.keys()):print(keys,"=",EnglishDictionaries[keys])</code>

Andwegetanicecleanoutputinalphabeticalorder:

<blockquote>

abuse=vituperateanger=dudgeonbare=jejunehowl=ululate</blockquote>

Wecanalsowritedictionaryanotherwayusingaconstructoftheclassdictionary.Considerthiscode:

<code>synonyms=dict(bare='jejune',anger='dudgeon',

abuse='vituperate',howl='ululate')</code>

Wehavejustchangedthevariablenamebutusedthesamepairofwords.Nowwecansortthemasbeforetogetthesameresult.Rememberonething:whenyouusedict()function,youshouldnotwritekeyswithinquotesbutstringvaluesshouldbequotedlikeIdid.Sincedictionaryismutable,youcaninsertkeyvaluepairsintoit,likelists.

ObjectPythonisanobject-orientedlanguage.Wewilldiscussitlaterindetail.Letussaythereisaclassorblueprintandfromthisclassorblueprintwecangetmanytypesofobjects.TakeHumanclass.Itisaverycomplexclassindeed!Ithasmanykindsofproperties;manykindsofactionsareperformedbythisclass.Whenwecreateanobjectorinstanceofthisclass,thisobjectorinstancecancarryforwardeverysingletraitofthisclass.Remember,therehasalwaysbeenagoodhumanbeingandabadhumanbeing.

LetusassumeaHumanclasshastwotypesofhumans:oneisgoodandtheotherisbad.Inreality,itisnotsosimple.Buttobeginwithourlearning,westartwithalesscomplexscenario.

Considerthecodebelow:

<code>#!/usr/bin/python3classHuman:def__init__(self,kind="Good"):self.kind=kind

defwhatKind(self):returnself.kinddefmain():GoodHuman=Human()print(GoodHuman.whatKind())BadHuman=Human("Bad")print(BadHuman.whatKind())if__name__=="__main__":main()</code>

Andhereistheoutput:

<blockquote>GoodBad</blockquote>

Intheabovecodetheobjectistheinstanceofaclassandencapsulateseverypropertyandmethodoftheclassorblueprint.Intheaboveclass,weassumeasortofblueprintwhereeveryhumanbeingisgood.Sointheinitializationmethod,wewritethiscode:

<code>classHuman:def__init__(self,kind="Good"):self.kind=kinddefwhatKind(self):returnself.kind</code>

Here,“self”meansareferencetotheobject.Andthenextparameterdefinesthekindofhumanobjectswewanttocreate.

Whatdoesthislinemean?

<code>defwhatKind(self):returnself.kind</code>

Itreturnsthevalueofwhatkindofhumanobjectwewanttocreate.Thenextstepsarequiteself-explanatoryasitgoes:

<code>defmain():GoodHuman=Human()print(GoodHuman.whatKind())BadHuman=Human("Bad")print(BadHuman.whatKind())if__name__=="__main__":main()</code>

Whenwecreateourfirstobject,“GoodHuman”,weneednotpassanyvalueas“good”asthedefaultvaluethathasalreadybeenpassedimplicitlythroughtheinitializationprocess.Butwhenwewanttocreate“BadHuman”,weneedtopassthevalueexplicitlyanditreturnsthatvalue.

(1)


10.Conditionals

SanjibSinha1


InPythontherearetwotypesofconditionals.Theyare:conditionalexecutionsandconditionalvaluesorconditionalexpressions.Inconditionalexecutionsweexecuteorchecktheconditionofthestatement.Weknowthatbetweentwovaluestherecouldbethreetypesofconditions.Itiseitherlessthanorgreaterthanoritisequal.Writethiscode:

<code>defconditionals_exec():a,b=1,3ifa<b:print("aislessthanb")elifa>b:print("aisgreaterthanb")else:print("aisequaltob")conditionals_exec()

</code>

Theoutputis:

##########################aislessthanb#########################

Theoutputisobvious.Nowyoucanchangethevalueandtestthecode.Nowtrytorewritetheabovestatementinadifferentway.Wecansayxiseitherlessthanyorgreaterthany.Otherwise,itisobviousthattheyareequal.

<code>defconditional_values():a,b=1,2statements="lessthan"ifa<belse"not

lessthan."print(statements)conditional_values()</code>

Thesefunctionscanbewrittenmoreconvenientlyandneatlywiththemain()functionsnow:

<code>

defmain():print("Thisismainfunction.")conditionals_exec()conditional_values()

defconditionals_exec():a,b=1,3ifa<b:print("aislessthanb")elifa>b:print("aisgreaterthanb")else:print("aisequaltob")

defconditional_values():a,b=1,2statements="lessthan"ifa<belse"not

lessthan."print(statements)

if__name__=="__main__":main()

</code>

Ifwerunthisprogramnow,theoutputwillbe:

##########################Thisismainfunction.#lessthan#aislessthanb#########################

Nowwecanchangetheplaceofconditional_values(),andconditionals_exec()andtheoutputwillchangeaccordingly:

##########################Thisismainfunction.#aislessthanb#lessthan#########################

(1)


11.Loops

SanjibSinha1


“Whileloop”isthesimplestformofloopinPython.Butyouneedtounderstanditproperly.Otherwiseitcanendupeatingupyourmemoryrunningtheinfinityloop.Usuallymostofthejobsaredoneby“forloop”.Butinsomespecialcases,youneedtouse“whileloop”.Abasicunderstandingisimportant.

WhileLoopsInplainEnglishweoftensay,“Whileitistrueitkeepsonrunning.Whileitisnottrueitstops.”Logically,thesamethinghappenshere.Whileastatementistrue,theprocessisgoingon.Youneedamechanismtostopthatprocess.Thatisimportant.Otherwisethatstatementwilleatupyourmemory.

Considerthiscode:

<code>b=1whileb<50:print(b)b=b+1</code>

Whatdoesitmean?Itmeans,thestatement“b<50”istrueuntilthesuiteorblockofcodeistrueinsideit.Insidetheblockwewrote“b=b+1”andbeforethebeginningofthewhileloopwedefinedthevalueofbas1.

Soineachstepbprogressesbyadding1toitsvalueandfinishesat49.In

theoutputyouwillget1to49.Letusmovefurther.Considerthiscode:

<code>#!/usr/bin/python3#simplefibonacciseries#sumoftwonumbersdefinethenextseta,b=0,1whileb<50:print(b,end='')a,b=b,a+b</code>

Theoutputisquiteobvious:

<blockquote>112358132134</blockquote>

Forthebeginners,letuswritethiscodeinamorereadablewayanditwillgiveadifferentoutputaltogether:

<code>#!/usr/bin/python3a,b=0,1whileb<30:print(b,end='')a=bb=a+b</code>

Letusexplainthestepsonebyonetounderstanditproperly.Theloopstartswith1.Inthefirststep,thevalueof“a”is1.Inthenextstep

valueof“b”is2.Nowthevalueof“a”is2sothevalueof“b”is4.Nowthevalueof“a”is4sothevalueof“b”is8(4+4).Nowthevalueof“a”is8sothevalueof“b”is(8+8)=16.Nowthevalueof“a”is16.Whatwillbethevalueofb?Itwillbe16+16=32.But32isgreaterthan30.Soitwillcomeoutfromthecodesuiteofthewhileloop.

Theoutputoftheabovecodewillbe:


Letuswritethewholebunchofcodeinanewformat:

<code>#!/usr/bin/python3#simplefibonacciseries#sumoftwonumbersdefinethenextseta,b=0,1whileb<30:print("a=",a,"=","b=",b,",",end='

')a,b=b,a+bprint("***********")a,b=0,1whileb<30:print("a=",a,"=","b=",b,",",end='

')a=bb=a+b</code>

Andtheoutputwillbe:

<blockquote>a=0andb=1,a=1andb=1,a=1and

b=2,a=2andb=3,a=3andb=5,a=5andb=8,a=8andb=13,a=13andb=21,

***********Linesofseparation***********a=0andb=1,a=1andb=2,a=2and

b=4,a=4andb=8,a=8andb=16,</blockquote>

Nowhopefully,thisexplainshowthewhileloopswork.

ForLoopsThemostcommonloopusedinPythonisforloop.Infact,essentiallyalmostallkindsofloopingjobscanbedonethroughthe“for”loop.

Thereisareasonofcourse.Withthehelpofforloop,wecaniteratethroughPythonobjectsandwecaniteratethroughmostofthePythonobjects.Letusseeoneexample:

<code>#!/usr/bin/python3songs=open('file.txt')forlinesinsongs.read():print(lines,end='')</code>

Andtheoutputofthesonggoeslikethis:

<blockquote>Yo,girlyoutouchedmehardyourlonelinesshasmademeweepIamasooostupidnerdIthoughtaboutthewords,IcouldnotkeepSoIweepAstupidnerd</blockquote>

Wehaveasongwrittenoverinafilecalled“file.txt”andwejustiteratethroughthisfile.Wecouldhaveiteratedthroughlinebylineastheyareindexed.Considerthiscodewherewejustused"enumerate()"functionandindexvalue:

<code>#enumeratesongs=open('file.txt')forindex,linesinenumerate(songs.readlines()):print(index,lines,end='')</cede>


<blockquote>0Yo,girlyoutouchedmehard1yourlonelinesshasmademeweep2Iamasooostupidnerd3Ithoughtaboutthewords,Icouldnotkeep4SoIweep5Astupidnerd</blockquote>

Nowwhatdoesthisfunction“enumerate()”mean?Dictionarysays:enumerationisakindofnumberingwhichisanumberedlist.Letusconsiderthislineofcode:

<code>strings="Thisisastring."#nowwearegoingtofindhowmany's'isinside

thisstringforindex,sinenumerate(strings):ifs=='s':print("HiIam's'andIamlocatedat

position{}".format(index))</code>

Andwehaveanoutput:

<blockquote>HiIam's'andIamlocatedatposition3HiIam's'andIamlocatedatposition6HiIam's'andIamlocatedatposition10</blockquote>

Thisisextremelyuseful.Youcansearchanycharacterinsideanystring.InPython,functionsorsubroutinesareextremelyimportantforreusabilityofcodes.Wecancallafunctionforseveraltimesandpassmanyargumentsorparameterstogetdifferenteffects.Nowwearegoingtopassoneparameterinsidetheloops()function.Considerthiscodebelow:

<code>#!/usr/bin/python3

defmain():loops(0)loops()loops(3)

defloops(a=4):foriinrange(a,6):print(i,"")print("*************")if__name__=="__main__":main()</code>

Whatdoesthiscodemean?Inloops()function,wehavepassedoneparameteraandassignedavalue4.Itisthedefaultvalue.Sothatinthefutureifweforgettopassanyargumentthecodewillnotbreak.

Wehavecalledthatfunctionthreetimesinsidemain()function,butwiththreedifferentvalues,andoneofthemisNULL.Thatis,wehavenotpassedanyargument.

Theoutputchangeswiththenewcode:

<blockquote>012345*************45*************345*************</blockquote>

Nowitisobviousthatyoucanplayaroundwiththiscode.Youcanpasstwoargumentsinsideloops()functionandcontroltherange()functiontogetdifferentvalues.

(1)


12.RegularExpressions

SanjibSinha1


Searchingandreplacingwithregularexpressionsisequallyeasyandverysimpleinnature.Todothatwewilltweakouroldcodealittlebit.Weuse“re”moduleanditdoesthesimplejobs.Regularexpressionisitselfabigtopic.Wetrytounderstandthebasicthingssothatwecanuseitinourfutureprojects.

Using“re”ModuleIfyouwanttouse“re”module,thefirststepisimportation.Weneedtoimportthemodulefirstandwriteitonthetopofthecode.Considerthiscodewherewehaveatextfilecalled“file.txt”anditisstoredinour“primary”folder.

<code>#!/usr/bin/python3importredefmain():ReplaceWord()DEmarcationLine()MatchAndReplaceWord()

defReplaceWord():try:files=open("../primary/file.txt")forlineinfiles:#youcansearchanywordprint(re.sub('lenor|more',"#####",

line),end='')exceptFileNotFoundErrorase:print("Filewasnotfound:",e)

defMatchAndReplaceWord():try:files=open("../primary/file.txt")forlineinfiles:#youcansearchanypatternthatcan

matchandthenreplacewiththiswordmatch=re.search('(len|neverm)ore',

line)ifmatch:print(line.replace(match.group(),

"#####"),end='')exceptFileNotFoundErrorase:print("Filewasnotfound:",e)

defDEmarcationLine():print("*************")


Beforewehavetheoutput,letusseewhatiswritteninsidethefile.The“file.txt”in“primary”folderhastheselines:

<blockquote>firstlinelenoreitisnine,secondlineanddinethirdlineandnevermoreoverandfourthfifthpinelinelenoreandthetremorhereismorelineandanewlineiloveyouwhereyouarestayingnow?

idon'tknow</blockquote>

Asyousee,thesearenotverymeaningfulsentences.Ourprimaryconcernisverysimple.Wewritedownsomenonsenselinesandlatertrytoworkuponitwiththeuseof“re”module.Nowwerunthecodeandhereistheoutput:

<blockquote>firstline#####eitisnine,secondlineanddinethirdlineandnever#####overandfourthfifthpineline#####eandthetremorhereis#####lineandanewlineiloveyouwhereyouarestayingnow?idon'tknow*************firstline#####thirdlineand#####overfifthpineline#####</blockquote>

Allthewords“lenore”and“nevermore”havebeenreplacedbyfivehashtags:“#####”.Weusetwomethodsof“re”modulethatweimportandwriteonthetopofthecode.Thesemethodsare“re.sub()”and“line.replace()”.Wehavesuppliedtheoldstringandthenewword.Wehavegivenfivehashtagsbutyoucouldhavegivenanyotherword,ofcourse.

ReusingWithRegularExpressionsYouhavealreadyseenhowwecansearchandreplacewordsinafilewiththehelpofregularexpression.Nowwewilltrytoreusethecodesothatwecanusethemagainandagain.Additionally,wewillalsotrytowritetheminamorereadableway.

Letusfirstwritethesteps.Whatwewanttoachieveisveryimportant.Letushaveaclearideafirstandthebestwayiswritingitdown.

1. Weneedtoopenafileandputitintothe“tryblock”toavoidgettinganynastyerrormessage.Beginnersmayfindthis“tryblock”quiteintimidating.Ihavenotexplaineditbeforeandsuddenlystartedusingit.Ihavedoneitintentionally.Itisexplainedinthenextchapter,“Exceptions,CatchingErrors.”Butbeforethat,Iwantyoutowritethemandgethabituatedtoaconceptthatlookscomplex.Onceyoulearnthis“tryblock,”pleaserevisitthiscodeagain.Youwillfinditextremelyeasy!Moreover,asyouprogress,youwillfindthatusing“tryblock”isalwaysagoodhabit.

2. Getthepatternofthewordsthatwewanttosearchand,usingflags,wecanignorecase.

3. Usethat“re”modulesearchmethodtoseeifthatpatternmatcheswithourline.

4. Nowifitmatches,thenreplaceitwithnewwords. Considerthiscodebelowandreadthecomments.IncommentsIbriefly

explainwhatIamgoingtodo.

<code>#!/usr/bin/python3importre

defmain():CompilerAndReplaceWord()

defCompilerAndReplaceWord():try:files=open("../primary/file.txt")#youcansearchanypatternthatcanmatch

ignoringtheupperorlowercasepattern=re.compile('(len|neverm)ore',

re.IGNORECASE)forlineinfiles:#remodulesearchthatpatternina

line

ifre.search(pattern,line):#wefoundthatpatetrnandnowit

istimetoreplacethemwithanewstringprint(pattern.sub("######",line),

end='')exceptFileNotFoundErrorase:print("Filewasnotfound:",e)


Andintheoutputitreplacesallthewords“lenore”and“nevermore”withsixhashtags.Todothat,italsocheckstheupperandlowercaseandfinallyreplacesthemall.

<blockquote>firstline######thirdlineand######overfifthpineline######idon'tknow######</blockquote>

SearchingwithRegularExpressionsRegularexpressionsareaverypowerfulmethodofmatchingpatterns.Regularexpressionisasmalllanguageinitselfanditcanbeverysimpleandverycomplex.

ItisimplementedinPythonwith“re”module.Considerthiscode:

<code>#!/usr/bin/python3importredefmain():FindWord()DEmarcationLine()MatchWord()defFindWord():

try:files=open("../primary/file.txt")forlineinfiles:#youcansearchanywordifre.search('lenor|more',line):print(line,end='')exceptFileNotFoundErrorase:print("Fielwasnotfound:",e)defMatchWord():try:files=open("../primary/file.txt")forlineinfiles:#youcansearchanypatternthatcan

matchthiswordmatch=re.search('(len|neverm)ore',

line)ifmatch:print(match.group())exceptFileNotFoundErrorase:print("Fielwasnotfound:",e)defDEmarcationLine():print("*************")if__name__=="__main__":main()</code>

Herewesearchafilecalled“file.txt”thathaswordslike“lenor”or“more”andthatalsomatchessomewordsthatendwith“ore”.Wehavedefinedtwofunctionstosearchthatandweused“re”module.

Letusfirstseewhatisthecontentinside“file.txt”.Therearesomemisleadingwordsandlinesjusttotestoursearch.

<blockquote>firstlinelenoreitisnine,secondlineanddinethirdlineandnevermoreoverandfourthfifthpinelinelenore

andthetremorhereismorelineandanewlineiloveyouwhereyouarestayingnow?idon'tknow</blockquote>

Afterrunningourcodewehavefoundthissearchresult.

<blockquote>firstlinelenorethirdlineandnevermoreoverfifthpinelinelenore*************lenorenevermorelenore</blockquote>

Itisaverysimpleregularexpressionexample.Itisbeyondourscopetoteachregularexpressionherebutwecanatleasthavesomeidea.Istronglyrecommendyoumovefurther.Searchfor“regularexpression”ontheInternet.Youwillfindalotoftutorials.Learningandunderstandingregularexpressionisveryimportant.Whetheryoubecomeawebdeveloper,ethicalhacker,oraPythonprogrammer;regularexpressionwillhelp.

(1)


13.Exceptions,CatchingErrors

SanjibSinha1


Ihopeyouhavealreadywrittenalotofcodes.Ifyouhadreallydonethat,youwouldhaveencounteredoneortwoerrors.Therearetwodistinguishablekindsoferrors.Thefirstis“SyntaxError”.Itmeans,youhaveerrorinyoursyntax.Considerthiscode:

<code>>>>foriinrange(10)print(i)SyntaxError:invalidsyntax</code>

Asyousee,Iforgottouse“:”inforloop.Itisasyntaxerror.Anothererroris“Exceptions”.Itmeansyouwriteacodeperfectly.There

arenosyntacticalerrors.Butyouforgettodefineavariable.Letusconsidertheselinesofcode:

<code>>>>10*xTraceback(mostrecentcalllast):File"<pyshell#1>",line1,in<module>10*xNameError:name'x'isnotdefined>>>10/0Traceback(mostrecentcalllast):File"<pyshell#2>",line1,in<module>10/0

ZeroDivisionError:divisionbyzero>>>'2'+2Traceback(mostrecentcalllast):File"<pyshell#3>",line1,in<module>'2'+2TypeError:Can'tconvert'int'objecttostr

implicitly>>>inputs=input("Pleaseenteranumber.")Pleaseenteranumber.>>>inputs+2Traceback(mostrecentcalllast):File"<pyshell#5>",line1,in<module>inputs+2TypeError:Can'tconvert'int'objecttostr

implicitly>>>inputs=input("Pleaseenteranumber.")Pleaseenteranumber.12>>>inputs-10Traceback(mostrecentcalllast):File"<pyshell#7>",line1,in<module>inputs-10TypeError:unsupportedoperandtype(s)for-:'str'

and'int'>>>int(inputs)-102>>></code>

Asyousee,therearelotofdifferentkindsoferrors.Andinthelastlinewehavecomeoutfromtheerrorandgottenaperfectoutput.Inthelasterrorwegeta“TypeError”.Wetriedtosubtractanintegerfromastringobject.Inthelaststepweconvertedthatstringinputintegerandthesubtractiontookplacesmoothly.

Itisalwaysgoodtocatchthoseerrorsandgetaniceoutput.The“tryblock”phrasehasbeenusedbefore.Nowcomesthetimewhenwelearnhowweusethoseblockstocatcherrors.Writedownthecodebelowinyourtexteditorandsaveitas“CatchError.py”.

<code>

#!/usr/bin/python3defmain():FileRead()DemarcationLine()LineStrip()DemarcationLine()CheckFileExtension()defReadFile(filename):files=open(filename)lines=files.readlines()forindex,lineinenumerate(lines):print(index,"=",line)defStripFile(filename):files=open(filename)forlinesinfiles:print(lines.strip())defRaisingError(filename):iffilename.endswith(".txt"):lines=open(filename)forlineinlines:print(line.strip())else:raiseValueError("Filemustendwith.txt")defFileRead():try:ReadFile("../primary/files.txt")#pathis

okay,itreadsfileexceptIOErrorase:print("Couldnotopenfile:",e)defLineStrip():try:StripFile("primary/files.txt")exceptIOErrorase:print("Couldnotopenfile:",e)#itwill

giveerrordefCheckFileExtension():try:RaisingError("../primary/file.rtf")exceptIOErrorase:

print("Couldnotopenfile:",e)exceptValueErrorase:print("BadFilename:",e)defDemarcationLine():print("******************")if__name__=="__main__":main()</code>

Runthisfileandyougetthisoutput:

<blockquote>Couldnotopenfile:[Errno2]Nosuchfileor

directory:'../primary/files.txt'******************Couldnotopenfile:[Errno2]Nosuchfileor

directory:'primary/files.txt'******************BadFilename:Filemustendwith.txt</blockquote>

Asanexercise,trytowritethiscodewith“Try”and“Except”andcatchifthereisanyerror.

<code>#!/usr/bin/python3defmain():GetARangeOfNumber()defGetARangeOfNumber():forindexinIteratingStepByStep(1,123,7):print(index,end='')defIteratingStepByStep(start,stop,step):number=startwhilenumber<=stop:yieldnumbernumber+=stepif__name__=="__main__":main()</code>

(1)


14.Functions

SanjibSinha1


LetusfirstdefinethefunctionandtrytoknowwhyfunctionisbeingusedinPython.Considerthiscode:

<code>#!/usr/bin/python3defmain():print("Thisismainfunction.")if__name__=="__main__":main()</code>

Andtheoutputis:

<blockquote>Thisismainfunction.</blockquote>

Whatdoesthatmean?Firstofall,letusunderstandwhatfunctiondoesmean.Afunctionisusedinanyprogramminglanguagetoreusecode.Programmersarelazyandsotheydon'twanttowriteagainandagain.Anditisnotagoodideatowritethesamethingagainandagain.Sotheconceptofreusabilitycomesinandweusefunctiontodothat.

Youmayconsideraverysimpleexample.Supposewewanttouseademarcationlineagainandagain.Willyouwritelikethisagainandagain?

<code>print("*************")</code>

Oryouwillwriteafunctionandcallitwhenitisnecessary?Likethis:

<code>defDemarcationLine():print("*********")DemarcationLine():DemarcationLine():DemarcationLine():</code>

Eachtimeyoucallthefunction“DemarcationLine()”itwillprintademarcationline.

Nowletuscometothefirstquestion.Itisalwaysagoodpracticetowritefunctionsinsidemain()functionandyoucancallthemanytime.Theflowcontroldoesn’tnecessarilyfollowdownward.Youcantestit:

<code>defAnotherFunction():print("Iamanotherfunction.")defTestFunction():print("Iamgoingtocallanotherfunction.")AnotherFunction()TestFunction()<code>

Itwillprintwithoutanyproblemandgiveyouthisoutput:

<blockquote>Iamgoingtocallanotherfunction.Iamanotheerfunction.</blockquote>

Nowwewillwritetheabovecodedifferently.

<code>

defTestFunction():print("Iamgoingtocallanotherfunction.")AnotherFunction()

TestFunction()

defAnotherFunction():print("Iamanotherfunction.")</code>

Alittlebitofchangeintheposition.WehavenotdefinedAnotherFunction()beforeTestFunction()andforthatreason,itwillgiveanerroroutput:

<blockquote>Iamgoingtocallanotherfunction.Traceback(mostrecentcalllast):File

"/home/hagudu/PycharmProjects/FirstPythonProject/functions/defining_functions.py",line17,in<module>

TestFunction()File

"/home/hagudu/PycharmProjects/FirstPythonProject/functions/defining_functions.py",line15,inTestFunction

AnotherFunction()NameError:name'AnotherFunction'isnotdefined</blockquote>

Soeachtimeyoucallafunctioninsideanotherfunction,youneedtodefineitfirst.Butthisproblemcanbesolvedifyoudefinemain()functionfirst.Nowconsiderthiscode:

<code>#!/usr/bin/python3defmain():TestFunction()defTestFunction():print("Iamgoingtocallanotherfunction.")AnotherFunction()

defAnotherFunction():print("Iamanotherfunction.")if__name__=="__main__":main()</code>

Andhereistheoutput:

<blockquote>Iamgoingtocallanotherfunction.Iamanotherfunction.</blockquote>

Nowsee,wedidnotbotheraboutthepositionbecauseallthefunctionsareundermain()function.Muchmoreflexibilityisnowbeingaddedwhenyouareusingmain()functionlikethis.Anothergreatadvantageofusingfunctionispassingparametersorargumentsthroughit.

<code>#!/usr/bin/python3defmain():PassingParameters(1,2,3)defPassingParameters(argument1,argument2,

argument3):print("Hereisourarguments:",argument1,

argument2,argument3)if__name__=="__main__":main()</code>

Andtheoutputis:

<blockquote>Hereisourarguments:123</blockquote>

Wehavepassedthreeparametersorargumentsandgettheoutputasexpected.Butwhathappensifweforgettopassanyargument?Wedon'twanttogetanynastyerrormessage.Wecanmanagethatbytwoways:

<code>#!/usr/bin/python3defmain():PassingParameters(1)defPassingParameters(argument1,argument2=4,

argument3=6):print("Hereisourarguments:",argument1,


Andtheoutput:


Itiscalledpassingdefaultvalues.Wehavepassedtwodefaultvaluesandwhenweactuallycallthefunction,ittakesthatdefaultvalue.Nowwecanoverridethesedefaultvaluesanytime.Considerthisone:

<code>#!/usr/bin/python3defmain():PassingParameters(1,10,14)defPassingParameters(argument1,argument2=4,

argument3=6):print("Hereisourarguments:",argument1,


Andtheoutput:


Wehaveoverwrittenthedefaultvaluesbypassingnewvaluesandtheoutputhaschangedaccordingly.Wecanwritethiscodethiswayalso:

<code>#!/usr/bin/python3defmain():PassingParameters(1)defPassingParameters(argument1,argument2=None,

argument3=6):ifargument2==None:print("Hereisourarguments:",argument1,

argument2,argument3)else:print("Hereisourarguments:",argument1,


Andtheoutput:

<blockquote>Hereisourarguments:1None6</blockquote>

Whathappensifwepassanewvalueforargument2?Considerthiscode:

<code>#!/usr/bin/python3defmain():PassingParameters(1,12)defPassingParameters(argument1,argument2=None,

argument3=6):ifargument2==None:print("Hereisourarguments:",argument1,

argument2,argument3)else:print("Hereisourarguments:",argument1,

argument2,argument3)


Andtheoutput:


Inthenextsectionwewillseehowlistsofargumentsworkinafunction.

ReturnValuesInPythonafunctioncanreturnanyvalue.Itcanreturnanytypeofdata:string,integer,object—anything.Letusreturnanobject.

Considerthiscode:

<code>#!/usr/bin/python3defmain():forindexinReturnValues():print(index,end="")defReturnValues():#return"Returningstring."#return56returnrange(10)if__name__=="__main__":main()</code>

Andtheoutput:


Wehavereturnedrange()objectandgotthevalueinourmain()function.

GenerateFunctionsInPythonwecangeneratefunctions.Letusexplainitbystep-by-step.

Considerthiscodefirst:

<code>#!/usr/bin/python3defmain():RangeFunctions()defRangeFunctions():foriinrange(10):print(i,end='')if__name__=="__main__":main()</code>

Andtheoutputisquiteobvious:


YouhaveprobablyfoundthatthefunctionRangeFunctions()hasalimitation.Itstopsat9,althoughtherangeismentionedas10.WhatcanIdotoincludethisnumber?

LetuswriteRangeFunctions()thisway:

<code>#!/usr/bin/python3defmain():forindexinRangeFunctions(0,10,1):print(index,end='')

defRangeFunctions(start,stop,step):i=startwhilei<=stop:yieldii+=stepif__name__=="__main__":

main()</code>

Andhereistheoutput:


Herewehaveusedthe“yield”keyword.Itisdonebecausewehaveimaginedthatthecodewillprogressstep-by-steplikeweplayatape.Afteryieldingonestepitwillstopandstartfromthereandagainstartandgoonestep.Youcanjuststartfromanypointorstopatanypointandprogressbyanystep.

Ifwewritelikethis:

forindexinRangeFunctions(15,1025,102):print(index,end='')

Theoutputwillbe:

15117219321423525627729831933.

Asyouhaveseen,wecansetthevalueofanyargumentasdefault.Sowecanwritethisfunctionlikethis:

<code>defAnotherRangeFunctions(start=0,stop,step=

1):i=startwhilei<=stop:yieldii+=step</code>

Andwemaytrytogettheoutputby:

<code>forindexinAnotherRangeFunctions(25):print(index,end='')

</code>

Butitgivesusanerrormessage:

File"/home/hagudu/PycharmProjects/FirstPythonProject/functions/generate-functions.py",line18

defAnotherRangeFunctions(start=0,stop,step=1):

SyntaxError:non-defaultargumentfollowsdefaultargument

Pythondoesnotsupportthis.Canwesolvethisproblemsothatwecanpassanynumberofargumentsandcontrolitwithouthavinganyerrormessage?

Considerthiscode:

<code>defAnotherRangeFunctions(*args):numberOfArguments=len(args)

ifnumberOfArguments<1:raiseTypeError('Atleastoneargumentisrequired.')

elifnumberOfArguments==1:stop=args[0]start=0step=1elifnumberOfArguments==2:#startandstopwillbetuple(start,stop)=argsstep=1elifnumberOfArguments==3:#allstartandstopandstepwillbetuple(start,stop,step)=args

i=startwhilei<=stop:yieldii+=step</code>

Writedowneverylineandtakenotesside-by-side.Addcommentswhereyoufeelthatanexplanationisnecessary.

ListsofArgumentsInPythonsometimesyouneedarbitrarynumberofargumentsandyouhavetonamethem.Letuswritethiscode:

<code>#!/usr/bin/python3defmain():PassingListsOfArguments(1,2,3,5,7,45,98,

56,4356,90876543)PassingAnotherListsOfArguments(1,2,3,5,7,

45,98,76,987654,3245,2345,98760)

defPassingListsOfArguments(arg1,arg2,arg3,arg4,*args):

print(arg1,arg2,arg3,arg4,args)

defPassingAnotherListsOfArguments(param1,param2,*params):

print(param1,param2)forindexinparams:ifindex==76:x=10y=index+xprint("Wearegoingtoadd10with",

index,"andthenewvalueis:",y)continueprint(index,end='')


Andtheoutputgoeslikethis:

<blockquote>

1235(7,45,98,56,4356,90876543)123574598Wearegoingtoadd10with76and

thenewvalueis:869876543245234598760</blockquote>

Inourcode,*argsor*paramsmeanlistsofarguments.Youcanpassanynumberofargumentsthroughthem.Incode

defPassingListsOfArguments(arg1,arg2,arg3,arg4,*args):

meansyouneedtopassfourargumentsfirst.Thatiscompulsory.Afterthat,thenumberofargumentsmayvary.Butthearbitrarynumberofargumentscomesoutas“tuple”.Seetheoutputofthisfunction:

1235(7,45,98,56,4356,90876543)

Thelatterpartisobviouslyatupleandyoucaniteratethroughit.

NamedArgumentsSometimesitisimportanttousenamedargumentsinPython.Andwegetthosenamedargumentsinadictionaryformat.

Considerthiscode:

<code>#!/usr/bin/python3defmain():NamedArguments(name='Sanjib',address=

'Pluto',hobby="Gardening")defNamedArguments(**kwargs):forkeyinkwargs:print(key,"=",kwargs[key])if__name__=="__main__":main()</code>

Andtheoutput:

<blockquote>hobby=Gardeningname=Sanjibaddress=Pluto</blockquote>

Asitisadictionaryoutput,itisnotordered.Youcansortitalphabetically.Letusconsiderafairlylongcodewherewecanuseeverykindofpassing

argument.

<code>#!/usr/bin/python3defmain():NamedArguments(name='Sanjib',address=

'Pluto',hobby="Gardening")DemarcationLine()AnotherNamedArguments('Hi',1235,1,2,3,one=

1,two=2,three=3)

defNamedArguments(**kwargs):forkeyinkwargs:print(key,"=",kwargs[key])

defAnotherNamedArguments(arg1,arg2,*args,**kwargs):

print(arg1,arg2)forindexinargs:print(index,end='')DemarcationLine()forkeysinkwargs:print(keys,"=",kwargs[keys])

defDemarcationLine():print("********")


Hereistheoutput:

<blockquote>hobby=Gardeningaddress=Plutoname=Sanjib********Hi1235123********three=3two=2one=1</blockquote>

(1)


15.Classes

SanjibSinha1


Ifyouareacompletebeginner,youareprobablyhearingforthefirsttimeabout“object-orientedprogrammingandclass.”Letusgiveabriefintroductiontoobject-orientedprogramming(OOP).

Object-OrientedMethodologyItisbasedonrealworldprogramming.Anobjectisarepresentationofarealworldentity.Ifthereisanobject,theremustbeaclassorblueprintbehindit.Inthatclass,thebehaviorofthatobjectisdesignedordescribedindetail.Thesedetailsconsistofallthepropertiesandactionsthattheobjectperforms.Therecouldbemanytypesofobjectscomingfromdifferentclassesandtheymighthaverelationships.Itcouldbeverycomplicated,butyoucanalwaysbreakthoseobjectsfromoneanotherandmakesomechanges.Theadvantageofobjectorientationisthatwhenyouworkonapartofabig,complicatedproject,theotherpartremainsunaffected.Ourgoalissimple.Wewanttojoindifferentobjectstocreatebig,complicatedsoftware.Atthesametime,wewanttomaketherelationsofthoseobjectsaslooseaspossible.

Acarobjectisbuiltofmanyotherobjectsliketire,wheel,engine,accelerator,etcetera.Ifyougetaflattiredoestheenginestop?Theyareinterrelatedanddependononeanother.Butfinallyyoucanworkonthemindividuallywithoutaffectingtheother.Thatisobjectorientation.

Consideranobject,“GoodHuman”.Thisobjectmustbedifferentfromanotherobject,“BadHuman”.Bothcomefromthe“Human”class.Nowthesetwoobjectsmighthaveinterrelationshipsanddatainteractions.Canyouimaginehowmanykindsofpropertiesandmethodsthereareinthe“Human”

class?Itcouldbeverycomplex.Imagineasituationwherea“BadHuman”doessomethingugly.Atthesametime,a“GoodHuman”doessomethinggood.Whoeverdoeswhateverthing,lifegoesonandthatisalsoobjectorientation.

TheFoundationofObjectOrientationObjectorientationisatypeofmethodologyusedforbuildingsoftwareapplications.Anobject-orientedprogramconsistsofclasses,objectsandmethods.Theobject-orientedmethodologyinsoftwaredevelopmentrevolvesaroundasingleconceptcalledtheobject.Youcandevelopsoftwarebybreakingtheapplicationintocomponentobjects.Theseobjectsinteractwitheachotherwhenthewholeapplicationisputtogether.Anobjectisacombinationofmessagesanddata.Theobjectreceivesandsendsmessagesandthosemessagescontaindataorinformation.

You(anobject)interactwithyourtelevision(anotherobject)viamessagessentthrougharemotecontroller(anotherobject).

Consideranotherrealworldexampleofafootball.Afootballhasaboundary.Ithasaspecificdefinedpropertylikebouncing.Youcandirectorapplyfewspecificactionsbykickingitorthrowingit.

Anobjecthasastate.Itmaydisplaybehavior.IthasauniqueID.Thedifferencebetweenanobjectandclassissubtlebutimportant.Whereas

aclassisanabstractconcept,anobjectisaconcreteentity.Fromaclass,objectswithspecificpropertiescanbecreatedorinstantiated.Thatiswhyanobjectisoftencalledaninstanceofaclass.

Oneofthemajorfeaturesofobject-orientedprogrammingis“polymorphism.”Polymorphismisthecapabilityofsomethingtoassumedifferentforms.Inobject-orientedprogramming,polymorphismisthepropertythatamessagecanmeandifferentthingsdependingontheobjectsreceivingit.Themessage“Accelerate”meansonethingifitsenttoanobject“OldCar”.Butitmeansadifferentthingifitissenttotheobject“NewCar”.Itisanaturalconceptthatcanbeappliedtoobjects.Italsomeansthatsimilarobjectsoftenacceptthesamemessagebutdodifferentthings.

Considerawebpage.Itisanobject.Therearebillionsofsuchobjectsaroundus.Whenyousendarequesttoanobjectlikeawebpage,youactuallyapplyaverb“GET”toanoun“WebPage”.Nowevery“WebPage”objectdoesnotbehavethesamewaywhenthe“GET”verbisapplied.SomeoneopensupaPDFfile,someonesimplyshowssometextsandpicturesandsomeonemayharmyourcomputer.Whenyoudouble-clickafile,itmayexecuteifitisanexecutablefile.Oritmayopenupinatexteditorifitisatextfile.Themessage

issame.Thatis“Double-Click”.Butthebehaviordisplayedbythefileobjectdependsontheobjectitself.

Thisispolymorphism.Youwilllearnitbyheartasyouprogressthroughthischapter.

TheadvantageofPythonclassesisthattheyprovideallthestandardfeaturesofobject-orientedprogramming.Ithastheclassinheritancemechanism.Thatallowsmultiplebaseclasses.Aderivedclasscanoverrideanymethodsofitsbaseclassorclasses,andamethodcancallthemethodofabaseclasswiththesamename.Objectscancontainarbitraryamountsandkindsofdata.

Finally,remember,inPythoneverythingisanobject.Itmeansthereisanabstractionorencapsulationbehindit.Youneedtounderstandtheabstractionfirstandthenyoucreateyourownabstraction.

UnderstandingClassesandObjectsYoucannotunderstandtheoryunlessyouimplementthatconceptintotherealworld.Letusseewhatwehavelearned.

1. Classesarewhenyoucreateyourownobject.2. Aclassisablueprintforanobject. 3. Anobjectisaninstanceofaclass.

Letusseehowwecanbuildaclassandlatercreateafewinstancesfromit.Considerthiscode:

<code>#!/usr/bin/python3classRobot:def__init__(self):passdefWalkLikeARobot(self):print("walkslikearobot.")defCareLikeARobot(self):print("takescarelikearobot.")robu1=Robot()

print(type(robu1))print(id(robu1))robu2=Robot()print(type(robu2))print(id(robu2))delrobu2defmain():robu=Robot()print(type(robu))print(id(robu))if__name__=="__main__":main()</code>

Inthiscode,wehaveclassdefinitionof“Robot”.Here“class”isthekeyword.Nexttoitisa“:”sign,whichmeansaclassdefinitionwillfollowasuiteorblockofcodes.Afterwehavedefinedtheclass“Robot”,wehavethreemethods.

Andtheyare:

def__init__(self):passdefWalkLikeARobot(self):print("walkslikearobot.")defCareLikeARobot(self):print("takescarelikearobot.")

Thefirstoneisthespecialmethod.Whenaclassisinstantiated,thismethodwillbecalledfirst.“__init__”meansinitialization.Theclassisinitialized.Twoothermethodsfollowit.Thosemethodsareself-explanatory.Methodsareactionverbs.Whenwecreatearobotobjectandwecallthosemethods,weactuallytellthemtodosomething.Inourclasswedefinedwhattheywilldo.

Inthiscodewecreatedthreerobotobjects.Andfinallywedidnottellthemtodoanything.Wehavejustseenhowtheyaredifferentfromoneanother.WehavetestedtheirtypeandID.Look,eachobjecthasadifferentID.Sothisisamajorpoint.Eachobjectorinstancecreatedfromaclass,hasitsownindividuality.

Nowseetheoutput:

<blockquote><class'__main__.Robot'>140445354614624<class'__main__.Robot'>140445354668160<class'__main__.Robot'>140445354668160</blockquote>

ThenextlinesofcodearealittlebitlongerbutIstronglysuggestthatyouwritethemonyourowntexteditorandruntheprogramtoseethatyougetthesameoutput.

<code>#!/usr/bin/python3classRobots:def__init__(self):passdefWalkLikeARobot(self,style):self.style=stylereturnself.styledefCareLikeARobot(self):print("takescarelikearobot.")classHumans:def__init__(self,nature="good"):self.nature=naturedefGoodHumanBeing(self):print("neednotrepeat,agoodhumanbeing

isalways",self.nature)defBadHUmanBeing(self):self.nature="neednotrepeat,badhuman

beingisalwaysbad."print(self.nature)defWalkLikeARobot(self,style):self.style=stylereturnself.styledefmain():robu=Robots()

robu.CareLikeARobot()print(robu.WalkLikeARobot("walkslikea

robot"))GoodMan=Humans()print(GoodMan.nature)GoodMan.GoodHumanBeing()BadMan=Humans()BadMan.nature="bad"print(BadMan.nature)BadMan.BadHUmanBeing()print(BadMan.WalkLikeARobot("heishumanbut

walkslikearobot"))if__name__=="__main__":main()</code>

Intheabovesnippetofcode,wehavetwoclasses.Oneis“Robot”,thatwewroteearlier.Theotherclassis“Human”.Inthe“Human”class,wehavedefinedthisspecialmethodlikethis:

def__init__(self,nature="good"):self.nature=nature

Whatdoesthismean?Itmeanswhenwecreateahumaninstanceofthisclass,weassumethatthenatureofhumanobjectwillbydefaultbegood.Unfortunately,itdoesnothappenintherealworld.Keepingthatinmind,wealsowritethisline:“self.nature=nature”.Itmeansselfnatureorthenatureoftheinstancewillbegoodifwedonotexplicitlymentionthatitis“Bad”orsomethingelse.

Inthefollowingsteps,whenwecreateabadhumaninstance,weexplicitlychangethenature.Remember,eachmethodistheactionpartofthatobject.Anobjectisanounanditdoessomething.Inanysoftwareapplicationitfollowsthesamerule.Anexampleofpolymorphismisalsothere.Inbothclasses,“Robot”and“Human”,wehavedefinedamethod:

defWalkLikeARobot(self,style):self.style=stylereturnself.style

WhenweapplythissameverbtothedifferentRobotandHumanobjects,itdisplaysdifferentbehavior.Ifyourunthiscode,itgivesusanoutputlikethis:

<blockquote>takescarelikearobot.walkslikearobotgoodneednotrepeat,agoodhumanbeingisalwaysgoodbadneednotrepeat,badhumanbeingisalwaysbad.heishumanbutwalkslikearobot</blockquote>

WhenaRobotinstancewalkslikearobot,itdisplays:walkslikearobot;butwhenaninstanceofHumanwalkslikearobot,itdisplays:heishumanbutwalkslikearobot.Thisisnothingbutasimpleexampleofpolymorphism.Whenthesameverbappliestotwodifferentobjects,dependingonthenatureoftheobjectitgivesadifferentoutput.

Actually,wechangethisbehaviorbypassingtwodifferentarguments.Suppose,insteadofasingleargument,wepassadictionaryofvalues.Seehowthepowerismagnified.Considerasimplecodebelow:

<code>print(type(BadMan.WalkLikeARobot(dict(one=1,

two=2))))st=BadMan.WalkLikeARobot(dict(one=1,two=2))forkeysinsorted(st):print(keys,st[keys])ws=BadMan.WalkLikeARobot({'one':56,'two':2})forkeysinsorted(ws):print(keys,ws[keys])</code>

Hereistheoutput:

<blockquote><class'dict'>one1two2

one56two2</blockquote>

Youcanaddmorekey,valuepairstothisdictionaryandrunthiscodetoseewhathappens.

WriteYourOwnGame,“GoodVsBad”Sofarwehavelearnedmanythings.Ihopeyouhavewrittenthecodesandtestedthemanditexecutedperfectly.NowthetimehascometowriteasimplegameinPython.Itisagamecalled“GoodVsBad.”Thegameissimple.Butasabeginneryoumayfindthiscodeabitlonger.Writeitdown.Trytoaddmorefeatures.

IfyouareinaLinuxenvironment,savethisfileas“good-vs-bad.py”andchangethefileexecutablebyrunningthiscommand:

Sudochmod+xgood-vs-bad.py

Andthenrunitonyourterminallikethis:

./good-vs-bad.py

IfyouareinWindows,runtheIDLEandsavethefileas“good-vs-bad.py”.PressF5andplaythegame.

Itlookslikethisonthecomputerscreen:

Figure15-1. PlayingPythongameonWindowsIDE

Inthebackground,thecodeshowsandyoumayplaythegameonPythonShell.

Thecodeislikethis:

<code>#!/usr/bin/python3classRobots:def__init__(self):passdefWalkLikeARobot(self,WalkingStyle):self.WalkingStyle=WalkingStylereturnself.WalkingStyledefCareLikeARobot(self):print("takescarelikearobot.")classHumans:def__init__(self,nature="good"):self.nature=naturedefGoodHumanBeing(self):print("neednotrepeat,agoodhumanbeing

isalways",self.nature)

defBadHUmanBeing(self):self.nature="neednotrepeat,badhuman

beingisalwaysbad."print(self.nature)defWalkLikeARobot(self,WalkingStyle):self.WalkingStyle=WalkingStylereturnself.WalkingStyledefmain():robu=Robots()#robu.CareLikeARobot()#print(robu.WalkLikeARobot("Arobotwalkslike

arobotandnothinghappens."))GoodMan=Humans()#print(GoodMan.nature)#GoodMan.GoodHumanBeing()BadMan=Humans()#BadMan.nature="bad"#print(BadMan.nature)#BadMan.BadHUmanBeing()#print(BadMan.WalkLikeARobot("heishumanbut

walkslikearobot"))#whenabadmanwlakslikearobotmanythings

happenWhenABadManWalksLikeARobot=

BadMan.WalkLikeARobot(dict(change='hebecomesamonsterinside',

act='hekillsfellowpeople',

feel='heenjoystorturinganimals',

care='hecaresfornone',

look='helooksanormalhumanbeing',

state='finallyhedestroyshimself'))

#therearelotofactionsthattakeplaceprint("WhathappenswhenaBadManwalkslikea

Robot?")change=input("Telluswhatkindofchangemay

takeplaceinsidehim?\nChoosebetween'monster'and'angel',"

"andtypehere...>>>>")WhenABadManWalksLikeARobot['change']=changereward=0ifchange=='monster':print("Youhavewonthefirstround:",

change)reward=1000print("Youhavewon",reward,"points.")print("Whatdoeshedo?:",

WhenABadManWalksLikeARobot['act'])change=input("Nowtelluswhatthe

monsterfeelsinsidewhilekillingpeople?\nChoosebetween'great'and'sad',"

"andtypehere...>>>>")WhenABadManWalksLikeARobot['change']=

changeifchange=='great':print("Youhavewonthesecondround:")reward=10000print("Youhavewon",reward,

"points.")print("Whathefeelsinside?:",

WhenABadManWalksLikeARobot['feel'])change=input("Tellusdoesthe

monstercareforanyone?\nChoosebetween'yes'and'no',"

"andtypehere...>>>>")WhenABadManWalksLikeARobot['change']=

changeifchange=='no':print("Youhavewonthethird

round:")reward=100000print("Youhavewon",reward,

"points.")print("Whathefeelsinside?:",

WhenABadManWalksLikeARobot['care'])change=input("Tellusdoesthe

monsterlooklikeanormalhumanbeing?\nChoosebetween'yes'and'no',"

"andtypehere...>>>>")WhenABadManWalksLikeARobot['change'

]=changeifchange=='yes':print("Youhavewonthefourth

round:")reward=1000000print("Youhavewon",reward,

"points.")print("Whatdoeshelooklike?

:",WhenABadManWalksLikeARobot['look'])change=input("Telluswhat

happenstothemonsterfinally?Doeshedestroyhimself\nChoosebetween'yes'and'no',"

"andtypehere...>>>>")

WhenABadManWalksLikeARobot['change']=change

ifchange=='yes':print("Youhavewonthe

fifthround:")reward=100000000print("Youhavewon

Jackpot.",reward,"points.")else:print("Youhavechangedthe

courseofgame.Itendshere.Youhavelost",reward-100000,"points.")

else:print("Youhavechangedthe

courseofgame.Itendshere.Youhavelost",reward-1000,"points.")

else:print("Youhavechangedthecourse

ofgame.Itendshere.Youhavelost",reward-100,"points.")

else:print("Youhavechangedthecourseof

game.Itendshere.Youhavelost",reward-10,"points.")

else:print("Youhavechangedthecourseofgame.

Itendshereandyouhavewonnopoint.")if__name__=="__main__":main()</code>

AndtheoutputonyourPythonShelllookslikethis:

<blockquote>WhathappenswhenaBadManwalkslikeaRobot?Telluswhatkindofchangemaytakeplaceinside

him?Choosebetween'monster'and'angel',andtype

here...>>>>monsterYouhavewonthefirstround:monsterYouhavewon1000points.Whatdoeshedo?:hekillsfellowpeopleNowtelluswhatthemonsterfeelsinsidewhile

killingpeople?Choosebetween'great'and'sad',andtype

here...>>>>greatYouhavewonthesecondround:Youhavewon10000points.Whathefeelsinside?:heenjoystorturinganimalsTellusdoesthemonstercareforanyone?Choosebetween'yes'and'no',andtype

here...>>>>noYouhavewonthethirdround:Youhavewon100000points.

Whathefeelsinside?:hecaresfornoneTellusdoesthemonsterlooklikeanormalhuman

being?Choosebetween'yes'and'no',andtype

here...>>>>yesYouhavewonthefourthround:Youhavewon1000000points.Whatdoeshelooklike?:helooksanormalhuman

beingTelluswhathappenstothemonsterfinally?Does

hedestroyhimselfChoosebetween'yes'and'no',andtype

here...>>>>yesYouhavewonthefifthround:YouhavewonJackpot.100000000points.</blockquote>

SinceIwrotethecode,Iwonthegame.Butthereareafewtricks.Inthosetrickyparts,ifyoufailedandsuppliedwronginputsyouwouldlose.

PrimaryClassandObjectNowprimaryclassandobjectshouldnolongerbedifficult.YoucanwriteaHumanclassandpassonedefaultargumentlike“kind”intheinitializationprocess.Youcansetitas“good”.Nowifyouwanttocreateagoodhumanbeingyouneednotpassanyextraargument.Inthenextstep,whenyouapplyaverblike“BeingHuman()”tothegoodhumanbeing,itisbydefaultgood.Ifyouwanttocreateabadhumanbeing,youcanchangethatdefaultargumentandmakeitbad.

<code>#!/usr/bin/python3classHuman:def__init__(self,kind="good"):self.kind=kinddefBeingHuman(self):returnself.kinddefmain():

good=Human()bad=Human("bad")print(good.BeingHuman())print(bad.BeingHuman())if__name__=="__main__":main()</code>

Theoutputisquiteobvious:

<blockquote>goodbad</blockquote>

Thereareafewthingsyouneedtounderstand.Whydoweuse“self”?Whatdoesthatmean?Considerthecodebelow.

<code>#!/usr/bin/python3classMySelf:def__init__(self,name,quantity):self.name=nameself.quantity=quantitydefEat(self):print(self.name,"eats",self.quantity,

"bananaseachday.")defmain():hagu=MySelf("Hagu",2)mutu=MySelf("Mutu",3)hagu.Eat()mutu.Eat()if__name__=="__main__":main()</code>

Inthiscodeofclass“MySelf”wehavetwomethods.Oneisthespecialconstructormethod“__init__”andtheotheris“Eat()”.Younoticethateachmethodhasaspecialargument:“self”.Actually,itreferencestheobjectthatis

goingtobecreated.Whenwewriteaclass,weassumethatinstanceswillbecreated.Inthiscase,wecreatedtwoobjects,“hagu”and“mutu”.Whenweapplytheverb“Eat()”orcallthemethodtotheobjects,itisasthoughtheypassthroughthemethod.Wesetthenamesandthenumbersofbananastheyeat.Andtheoutputofthiscodeislikethis:

<blockquote>Hagueats2bananaseachday.Mutueats3bananaseachday.</blockquote>

Butweneedmoreconcreteexamples.Wewanttoconnecttoourdatabasesfromourapplications.Todothatweneedaclasswherewewillhavemethodsandpropertiesthatwillconnecttodatabases.

Supposewehavetwodifferentset-ups.WehaveaMySQLdatabaseand,inaddition,wewanttocreateanSQLiteconnection.Todothatwecanwritetwoseparateclassesandsettheconnectionintheconstructorpartorinitializationmethod.Sothatwhenwecreateaninstance,theconnectiontothedatabaseissetupautomatically.

Considerthecode:

<code>#!/usr/bin/python3importsqlite3importmysql.connectorfrommysql.connectorimportErrorclassMySQLiteConnection:def__init__(self):db=sqlite3.connect('testdb.db')db.commit()print("ConnectedtoSqLite3")classMyMySQLConnection:def__init__(self):try:###youcaneitheruseadictionaryobject

oryoucanconnectdirectly######usingadictioanryobject###kwargs=dict(host='localhost',

database='python_mysql',user='root',password=

'pass')conn=

mysql.connector.connect(**kwargs)###connectingdirectly###connection=

mysql.connector.connect(host='localhost',databa

se='python_mysql',user=

'root',passwo

rd='pass')ifconnection.is_connected():print("ConnectedtoMySQLfrom

'conneection'object")#ifconn.is_connected():#print("Connectedfrom'conn'

object")exceptErrorase:print(e)finally:connection.close()defmain():ConnectToMySQL=MyMySQLConnection()ConenctToSqLite=MySQLiteConnection()if__name__=="__main__":main()</code>

WecreatetwoinstancesorobjectsofMyMySQLConnection()andMySQLiteConnection()classesandputthemintotwoseparatevariables.Connectionsarebeingsetupandintheoutputsectionweseethis:

<blockquote>ConnectedtoMySQLfrom'connection'objectConnectedtoSqLite3</blockquote>

Butthisisanextremelysimpleexampleandwrittenbadly.WeshoulddevelopthiscodesothateachinstanceofMySQLConnectionandSQLiteConnectionclassescannotonlyconnecttothedatabasebutalsoretrievedatafromatable.

Letusreplaceouroldcodewiththis:

<code>#!/usr/bin/python3

importsqlite3importmysql.connectorfrommysql.connectorimportMySQLConnection,Error

classMySQLiteConnection:def__init__(self,db=

sqlite3.connect('test.db')):self.db=dbdb.row_factory=sqlite3.Rowprint("ConnectedtoSqLite3")defRetrieve(self):print("Retreivingvaluesfromtabletest1

ofSqLitedatabasetest")read=self.db.execute('select*fromtest1

orderbyi1')forrowinread:print(row['t1'])classMyMySQLConnection:def__init__(self,kwargs=dict(host=

'localhost',database='testdb',user='root',password='pass')):

try:###youcaneitheruseadictionaryobject

oryoucanconnectdirectly######usingadictioanryobject###self.kwargs=kwargsconn=

mysql.connector.connect(**kwargs)

ifconn.is_connected():print("ConnectedtoMySqldatabase

testdbfrom'conn'object")exceptErrorase:print(e)finally:conn.close()defRetrieve(self):print("RetreivingrecordsfromMySql

databasetestdb.")try:conn=MySQLConnection(**self.kwargs)cursor=conn.cursor()cursor.execute("SELECT*FROM

EMPLOYEE")rows=cursor.fetchall()print('TotalRow(s):',cursor.rowcount)forrowinrows:print("FirstName=",row[0])print("SecondName=",row[1])print("Age=",row[2])print("Sex=",row[3])print("Salary=",row[4])exceptErrorase:print(e)finally:cursor.close()conn.close()defmain():ConnectToMySQL=MyMySQLConnection()ConnectToMySQL.Retrieve()ConenctToSqLite=MySQLiteConnection()ConenctToSqLite.Retrieve()if__name__=="__main__":main()</code>

Wehaveconnectedtoeachdatabasewiththeinitializationprocessandthenapplyoneverb,“Retrieve()”,toeachobject.Wehavealsoimportedmanydatabasemodulesthatyouhavenotlearnedyet.

Youwilllearnthemindueprocess.Butourpurposeisserved.Wecreatetwoseparatedatabaseobjects.OneisaMySQLconnectionobjectandanotherisanSQLiteconnectionobject.Afterthat,withthoseobjectsweareabletoretrieveseparatedatafromtwodifferenttables.

Firstlookattheoutput:

<blockquote>ConnectedtoMySqldatabasetestdbfrom'conn'

objectRetreivingrecordsfromMySqldatabasetestdb.TotalRow(s):3FirstName=MacSecondName=MohanAge=20Sex=MSalary=2000.0FirstName=MacSecondName=MohanAge=20Sex=MSalary=2000.0FirstName=MacSecondName=MohanAge=20Sex=MSalary=2000.0ConnectedtoSqLite3Retreivingvaluesfromtabletest1ofSqLite

databasetestBabuManaBappaBabuaAnjuPataiGasaBuddhu

Tapas</blockquote>

Theoutputsays,theMySQLdatabase“testdb”hasatablecalled“Employee”andthereareseveralrowslikename,sex,salary,etc.Second,wehaveanSQLite3database“test1”whichhasatablecalled“test1”whichhasmanyrowsthatcontainfewnames.

AccessingObjectDataWhenanobjectiscreatedfromaclassitisquiteobviousthatitwillhavesomekindofdata.Thequestionishowwecanaccessthatdata?Whatistheproperway?Wemustaccessthatdatainawaysothatwecankeepatrackofthat.Considerthiscodebelow:

<code>#!/usr/bin/python3classHuman:def__init__(self,height=5.08):self.height=heightdefmain():ramu=Human()print(ramu.height)ramu.height=5.11#itiscalledsideeffect

andhardtotrackprint(ramu.height)if__name__=="__main__":main()</code>

InthiscodeweseeHumanclasswithadefaultheight,whichis5.08.Whenwecreateanobject,thisheightissetautomaticallyunlesswechangeitormentionitexplicitly.Wecanalsosetanypropertyoutsidethatobject.Inthenextlinewehavewrittenramu.height=5.11.

Wecansetanyobjectpropertylikethis.Butthisiscalledsideeffectanditisveryhardtotrack.Soweneedtodothatinamorestructuredmanner.Howwecandothat?Letusseetheoutputofthiscodefirst.

<blockquote>

5.085.11</blockquote>

Youseetheheightchangesandwedon'tknowwhatistheproperheightofobject“ramu”.Tosolvethisproblem,theaccessormethodisimplemented.Theaccessormethodsaremethodsthatfirstsetthevalueandthenthroughthatmethodyoucangetthevalue.

<code>#!/usr/bin/python3classHuman:def__init__(self):pass#accessordefset_height(self,height):self.height=heightdefget_height(self):returnself.heightdefmain():ramu=Human()#ramu.height=5.11#itiscalledsideeffect

andhardtotrackramu.set_height(5.12)print(ramu.get_height())if__name__=="__main__":main()</code><blockquote>5.12</blockquote>

Butwe’restillmissingsomething.Wewanttoaddmoreflexibilitiessothatwithlesscodewecangetmorejobsdone.

<code>#!/usr/bin/python3classHuman:def__init__(self,**kwargs):

self.variables=kwargsdefset_manyVariables(self,**kwargs):self.variables=kwargsdefset_variables(self,key,value):self.variables[key]=valuedefget_variables(self,key):returnself.variables.get(key,None)defmain():mana=Human(name='Mana')print("ObjectMana'sname:",

mana.variables['name'])ManaName=mana.variables['name']mana.set_variables('class','two')print(ManaName,"readsatclass",

mana.get_variables('class'))mana.set_manyVariables(school='balika

school',height=4.54)print(ManaName,"hasheightof",

mana.variables['height'],"andherschool'snameis",mana.variables['school'])

babu=Human(name='Babu',student_of='ClassThree',reads_at='BalakSchool',height=5.21)

BabuName=babu.variables['name']print(BabuName,"heisastudentof",

babu.variables['student_of'],"andhereadsat",babu.variables['reads_at'],"andhis

heightis",babu.variables['height'])if__name__=="__main__":main()</code>

Inthiscodesnippetwehavemanyoptionsopentous.Wehavesetourvariablesinadictionaryformat.Afterthatwecangetthevaluethroughthekey.

<blockquote>ObjectMana'sname:ManaManareadsatclasstwo

Manahasheightof4.54andherschool'snameisbalikaschool

BabuheisastudentofClassThreeandhereadsatBalakSchoolandhisheightis5.21

</blockquote>

Thisisnottheonlymethodtotackleobjectdata.Asyouprogressyouwillseealotofdifferentexamplesofhandlingdata.

PolymorphismPolymorphismisaveryimportantconceptinobject-orientedprogramming.Thebasicthingiswhenweapplythesameverbontwodifferentobjects,dependingontheobjects,theyreactdifferently.Whenweputupanoldhouseforsaleitfetchesacertainvalue.Butwhenweputupanewhouseforsaleitfetchesahigherpriceandvalue.Sointhiscasewhenweapply“sale”methodor“sale”verbtodifferentobjects,theybehavedifferently.

<code>#!/usrbin/python3classTable:def__init__(self):passdefItHolds(self):print("Atableholdsbooks,writingpadson

it.")defYouCanWriteOnit(self):print("Youcanwriteonatable.")

classBook:def__init__(self):passdefItHelps(self):print("Abookhelpsustoknowsomething

new.")

defmain():MyTable=Table()MyBook=Book()

MyTable.ItHolds()MyTable.YouCanWriteOnit()MyBook.ItHelps()if__name__=="__main__":main()</code>

Thesearequitesimpleclassesandtheoutputisalsoverysimple.

<blockquote>Atableholdsthingsonit.Youcanwriteonatable.Abookhelpsustoknowsomethingnew.</blockquote>

Thisoutputmaychangedrasticallywhenyouapplythesameverbsormethodstotheobjectsof“Table”and“Book”classes.Considerthefollowingcodes.

<code>#!/usrbin/python3classTable:def__init__(self):pass

defGet(self):print("Pleasegetmethattable.")defPut(self):print("Pleaseputthetableonthecorner

oftheroom.")defDestroy(self):print("Somepeoplecameandtheydidnot

wantustoreadandwrite.Theydestrotedthetable.")classBook:def__init__(self):passdefGet(self):print("Pleasegetmethatbook.")defPut(self):

print("Weputsomenewbooksonthetable.")

defDestroy(self):print("Somepeoplecameandtheydidnot

wantustoreadandwrite.Theydestroyedthebook.")defmain():MyTable=Table()MyBook=Book()InMistake(MyBook)Intentionally(MyTable)defInMistake(Table):Table.Get()Table.Put()Table.Destroy()defIntentionally(Book):Book.Get()Book.Put()Book.Destroy()if__name__=="__main__":main()<code>

Therearethreemethods:Get,Put,andDestroy.Youseehowthetableandbookobjectsreactdifferentlytothosemethods.

<blockquote>Pleasegetmethatbook.Weputsomenewbooksonthetable.Somepeoplecameandtheydidnotwantustoread

andwrite.Theydestroyedthebook.Pleasegetmethattable.Pleaseputthetableonthecorneroftheroom.Somepeoplecameandtheydidnotwantustoread

andwrite.Theydestroyedthetable.</blockquote>

UsingGenerators

InPython,ageneratorobjectisusedinacontextwhereiterationisnecessary.Normally,inthiscase,werelyontwomethods:def__init__(self,*args)anddef__iter__(self).Wesetthelogicintheconstructormethodanditeratethroughitbythedef__iter__(self)function.

<code>#!/usr/bin/python3classInclusiveRange:def__init__(self,*args):numberOfArguments=len(args)ifnumberOfArguments<1:raise

TypeError('Atleastoneargumentisrequired.')elifnumberOfArguments==1:self.stop=args[0]self.start=0self.step=1elifnumberOfArguments==2:#startandstopwillbetuple(self.start,stop)=argsself.step=1elifnumberOfArguments==3:#allstartandstopandstepwillbe

tuple(self.start,self.stop,self.step)=

argselse:raiseTypeError("Maximumthree

arguments.Yougave{}".format(numberOfArguments))

def__iter__(self):i=self.startwhilei<=self.stop:yieldii+=self.step

defmain():ranges=InclusiveRange(5,210,10)forxinranges:print(x,end='')


Thiscodemeansyoucancontroltherangeofiteration.Westartfrom5andthenendat210.Ineachstepweprogressby10.

<blockquote>5152535455565758595105115125135145

155165175185195205</blockquote>

Wecangetthesameeffectwithoutusingthosemethods.Wecansimplywritethisway.

<code>

##thefunctionbelowisperfectlyworkingalsobutthatisnotagenerator##

defRangeFunctions(self,*args):numberOfArguments=len(args)ifnumberOfArguments<1:raise

TypeError('Atleastoneargumentisrequired.')elifnumberOfArguments==1:self.stop=args[0]self.start=0self.step=1elifnumberOfArguments==2:#startandstopwillbetuple(self.start,stop)=argsself.step=1elifnumberOfArguments==3:#allstartandstopandstepwillbe

tuple(self.start,self.stop,self.step)=

argselse:raiseTypeError("Maximumthree

arguments.Yougave{}".format(numberOfArguments))

i=self.startwhilei<=self.stop:yieldii+=self.step

</code>

InheritanceInheritanceisanequallyimportantconceptinobject-orientedprogramming.Thereisaparentclassandachildclass.Thechildclassusuallyinheritsallthepropertiesandmethodsfromtheparentclass.Atthesametime,itcanchangeallthepropertiesandmethodsaccordingtothesituation.

Thewayachildclassinheritsisverysimple.Whenwedeclareachildclasswewritethenameoftheparentclassinsidethechildclasslikethis:ChildClass(ParentClass).

<code>#!/usr/bin/python3classAllUsers:def__init__(self):passdefRegister(self):print("PleaseRegister")defLogin(self):print("WelcomeMember.")classAdmin(AllUsers):def__init__(self):passdefRegister(self):print("Adminsneednotregister")defLogin(self):print("WelcomeAdmin")classMembers(AllUsers):def__init__(self):passdefmain():admin=Admin()

admin.Register()admin.Login()member=Members()member.Register()member.Login()if__name__=="__main__":main()</code>

TheParentclassis“AllUsers()”.Therearetwochildclasses:“Admin”and“Members”.Throughthechildclassesweinheritallthepropertiesandmethodsfromtheparentclass.Intheparentclass,wementionedthatallusersshouldregisterandlogin.Nowinthechildclass“Admin”weoverridethemethods,butinthe“Members”classwedonotchangethem.Whenwecreateaninstanceof“Admin”class,ithasitsownpropertiesandmethods.Butin“Members”class,wedecidednottooverridetheparentclassmethods.Itisevidentinthefollowingoutput.

<blockquote>AdminsneednotregisterWelcomeAdminPleaseRegisterWelcomeMember.</blockquote>

DecoratorDecoratorsarespecialfunctionsthatreturnfunctions.Normally,tosetapropertyofobjectweusuallygetitthroughanotherfunction.

<code>#!/usr/bin/python3classDog:

def__init__(self,**kwargs):self.properties=kwargsdefget_properties(self):returnself.propertiesdefset_properties(self,key):

self.properties.get(key,None)

defmain():lucky=Dog(nature='obedient')print(lucky.properties.get('nature'))


Theoutputisquitesimple.

<blockquote>obedient</blockquote>

InPython,“Decorator”issimplyamethodbywhichwedecorateanaccessormethodforavariable,andthefunctionstartsbehavinglikeaproperty.Thebeautyofthisdecoratoris,youcanusethefunctionasapropertyandaftercreatingtheobjectyoucancontroltheproperty—settingandgettingit.Seethefollowingcode.

<code>#!/usr/bin/python3classDog:

def__init__(self,**kwargs):self.properties=kwargs@propertydefColor(self):returnself.properties.get('color',None)@Color.setterdefColor(self,color):self.properties['color'][email protected](self):delself.properties['color']defmain():lucky=Dog()

#nowwearegoingtousethedecoratorfunctionasanormalproperty

lucky.Color='blackandyellow'print(lucky.Color)


Theoutputisasexpected:

<blockquote>blackandyellow</blockquote>

Itisaverysimpleexamplewhereweseethatausualsyntaxoffunctioncanbewrittenasapropertysyntax.Itismoreconvenientwhenweusethisdecoratormethodinsavingfilesinsideadatabase.

Inthelastchapter,wewillseethewebapplication“Flask.”Wewillseehowwecanusethisdecoratortorouteourwebpages.

(1)


16.StringMethods

SanjibSinha1


InPythonastringisanobject.Asaninstanceof“classstring”itcancallanyfunctionorproperty.Wecanchangeastringintouppercasebysimplycallingafunctionupper().

Letusopenourterminalandtypethis:

<code>hagudu@hagudu-H81M-S1: $python3

Python3.4.0(default,Jun192015,14:20:21)

[GCC4.8.2]onlinux

Type"help","copyright","credits"or"license"formoreinformation.

>>>'thisisastring'

'thisisastring'

>>>s='thisisastring'

>>>s

'thisisastring'

>>>s.upper()

'THISISASTRING'

>>>s='thisisastringnowwearegoingtoaddanintegerintoitasstring{}'

>>>s.format(100)

'thisisastringnowwearegoingtoaddanintegerintoitasstring100'

>>>'inpython2itwaswrittenlike%d'%100

'inpython2itwaswrittenlike100'

>>>

</code>

Wehavejustchangedastringtouppercaseandalsoaddedanintegerintothatstring.

InPython2itwasdonelikethis:

'inpython2itwaswrittenlike%d'%100

ButinPython3.4andonwardswewillnotuseitanymore.Wewilluseformat()functionlikethis:

>>>s='thisisastringnowwearegoingtoaddanintegerintoitasstring{}'

>>>s.format(100)'thisisastringnowwearegoingtoaddanintegerintoitasstring100'

<code>>>>s='thisisastring'

>>>s

'thisisastring'

>>>s.upper()

'THISISASTRING'

>>>s.lower()

'thisisastring'

>>>s='ThisIsAString'

>>>s

'ThisIsAString'

>>>s.swapcase()

'tHISiSasTRING'

>>>s

'ThisIsAString'

>>>s='thisisastring'

>>>s.find('is')

2

>>></code>

Letuswritesomemorestringmethods.Youcandoalmosteverythingwiththesemethods.Youcanuseupper(),lower(),strip(),replace,find(),andmanymore.

<code>#!/usr/bin/python3s='thisisastring'print(s.find('is'))newstring=s.replace('this','that')print(newstring)UpperString=s.upper()print(UpperString)#stringismutable,soidhasbeenchangedforthe

samestringprint(id(s))print(id(UpperString))a='thisisstringwithlotofwhitespaceatthe

beginningandattheend'#bydefaultitremoveswhitespacefromstartand

endRemovingWhiteSpace=a.strip()print(RemovingWhiteSpace)print(RemovingWhiteSpace.strip('this'))</code>

Intheabovecode,wefirstfindoutthepositionof“is”anditcomesoutas2.Why?Becausethefirstwordis“this”andthesequenceofthecharacterstartsas0,1,2,andonwards.Soattheposition0thereis“t”,nextatposition1thereis“h”,andintheposition2thereis“i”,anditstartsreadingfromthere.

Remember,stringismutable.Soforthesamestringcontentthe“ID”changes.Wehaveseenthatinourcode.

Finally,inthiscodeblockweseeanimportantfunction:strip().Bydefaultitstripsoutwhitespacefromthebeginningandtheend.Otherwise,youneedtoprovidethecharacteryouwanttostripfromthesentence.

<blockquote>2thatisastringTHISISASTRING140141176379480140141176379768thisisstringwithlotofwhitespaceatthe

beginningandattheendisstringwithlotofwhitespaceatthebeginning

andattheend</blockquote>

Considerthiscode:

<code>x,y=10,11f="this{}isaddedandthereafterweadd{}"

FormattedString=f.format(x,y)print(FormattedString)#wecouldhavewrittenitinCstylem,n=10,11f="this%disaddedandthereafterweadd%d"FormattedString=f%(x,y)print(FormattedString)</code>

Theoutputisthesame.

</blockquote>this10isaddedandthereafterweadd11this10isaddedandthereafterweadd11</blockquote>

Butthedifferenceis,inthelatterpartwehaveusedPython2style.Inthatstyle,weformatin“C”styleandmentionwhatkindofvaluewewanttoformat.Herewewantedtoformat“decimal”,sowehavewritten“%d”.

FromPython3.1onwardsthisstylehasbeenchanged,becausethiswrapperoftwocurlybraces,“{}”,andtheformat()functiondothemagic.Nowyouneednotmentionthevalueanymore.Beforethat,youhadtomentionthevalueyouwantedtoformat.Somorefreedomandpowerarebeingadded.

Lookhowwecanformatadictionaryvalueinourstring:

<code>a,b=10,11s="Thisis{},andthatis{}"FormattedStirng=s.format(a,b)print(FormattedStirng)#wechangethepositionFormattedStirng=s.format(b,a)print(FormattedStirng)s="Thisis{0},andthatis{1}andthistoois

{0}andthattoois{1}"FormattedStirng=s.format(a,b)print(FormattedStirng)#wecanchangeitaccordingtoourwishwiththe

positionalargument

s="Thisis{1},andthatis{1}andthistoois{0}andthattoois{1}"

FormattedStirng=s.format(a,b)print(FormattedStirng)#wecanuseitasdictionarys="Thisis{mine},andthatis{your}andthis

toois{your}andthattoois{mine}"FormattedStirng=s.format(mine=a,your=b)print(FormattedStirng)#moredictionarystaffs="Thisismywish:{mine},andthatisyourwish

:{your}andthistooismine:{mine}andthattooismine:{mine}"

FormattedStirng=s.format(mine="Iwanttoremove'I'",your="Doyouwanttoremove'yourself'?")

print(FormattedStirng)</code>

Andhereistheoutput:

<blockquote>Thisis10,andthatis11Thisis11,andthatis10Thisis10,andthatis11andthistoois10and

thattoois11Thisis11,andthatis11andthistoois10and

thattoois11Thisis10,andthatis11andthistoois11and

thattoois10Thisismywish:Iwanttoremove'I',andthatis

yourwish:Doyouwanttoremove'yourself'?andthistooismine:Iwanttoremove'I'andthattooismine:Iwanttoremove'I'

</blockquote>

Howcanwetestthatthestringisimmutable?

<code>strings="Thisisastring"

print(type(strings))print(id(strings))AnotherStrings="Thisisastring"print(type(AnotherStrings))print(id(AnotherStrings))print(strings.split())words=strings.split()words.append("andthatiaalsoastring.")print(type(words))print(words[0])NewWords=":".join(words)print(NewWords)NewWords=",".join(words)print(NewWords)words[0]="That"print(words)</code><blockquote><class'str'>139956209543256<class'str'>139956209543256['This','is','a','string']<class'list'>ThisThis:is:a:string:andthatiaalsoastring.This,is,a,string,andthatiaalsoastring.['That','is','a','string','andthatiaalsoa

string.']</blockquote>

(1)


17.FileInputAndOutput

SanjibSinha1


Pythonhassomebuilt-infunctionsfordealingwithfiles.Youcanopenafileandreadwhatisinside.Youcanwriteafile.Thatfilecouldbeatextfileorapicture.

Eachtimeweusetheopen()methodandpassthemodeasanargument.Forreadingafilewewrite“r”andforwriteweuse“w”.Letusconsideracodewhereinanobjectwereadafileandwriteitonanotherfileusinganotherobjectinthenextstep.

<code>infile=open('files.txt','r')outfile=open('new.txt','w')forlineininfile:print(line,file=outfile)print("Done")</code>

Ifwecopythiswaythefilesizeisincreasedinthenewtextfile.Nowwehaveacomparativelylargefile.“Files.txt”isnow“5.4KB”andthe“new.txt”isonly134bytes.

Ifwecopybytheoldwaythenewfilebecomes“5.7KB”,alittlebitlargerthantheformerone.ButPythonhasthetechniquetocopybybuffersothatthebuffersizeremainsintact.

Nowwearegoingtowritethecontentsof“files.txt”into“new.txt”,butnotbytheoldway.Thenewcodeis:

<code>BufferSize=500000infile=open('files.txt','r')outfile=open('new.txt','w')buffer=infile.read(BufferSize)whilelen(buffer):outfile.write(buffer)print("Itiscopying,itmighttakesome

time...pleasewait....",end='')buffer=infile.read(BufferSize)print()print("CopyingDone.")</code>

Theoutputisasexpected.

<blockquote>Itiscopying,itmighttakesometime...please

wait....CopyingDone.</blockquote>

Readingandwritingbinaryfileisthesame.Allyouneedtodoischangethemodefrom“r”to“rb”andchangethemodefrom“w”to“wb”.That’sit.Yourcodelookslikethis:

BufferSize=5000000infile=open('home.jpg','rb')outfile=open('newimageofHome.jpg','wb')buffer=infile.read(BufferSize)whilelen(buffer):outfile.write(buffer)print("Itiscopyinganimage,itmighttake

sometime...pleasewait....",end='')buffer=infile.read(BufferSize)print()print("CopyingDone.")</code>

(1)


18.Containers

SanjibSinha1


InPythontuplesandlistsarearraytypes.Tuplesareimmutablebutlistsaremutable.Tuplesareusedwithcommaoperatorandyoucaniteratethroughthetuplequiteeasily.Astuplesareimmutable,youcannotaddorupdatethevalueofatuple.Inlists,youcanupdateoraddnewvaluesquiteeasily.OpenupyourterminalinLinuxandIDLEinWindows.Writedownthecodebelowandseetheoutputyourself.Pleasereadthecommentsthatareattachedwiththecode.

<code>#!/usr/bin/python3tuples1=1,2,3,4print(type(tuples1))print(id(tuples1))tuples2=(1,2,3,4)print(type(tuples2))print(id(tuples2))print(tuples1[0])print(tuples2[0])#itwillgivethelastitemprint(tuples2[-1])print(type(tuples1[0]))print(type(tuples2[0]))print(id(tuples1[0]))print(id(tuples2[0]))#tupleisimmutablewecannotchangeanyvalue#'tuple'objectdoesnotsupportitemassignment

#tuples2[0]=120#print(tuples2)#tomakeanintegertupleyouneedtoaddcomma

separatorIsItTuple=(1)print(type(IsItTuple))IsItTuple=(1,)print(type(IsItTuple))#letusseehowlistbehaveslist1=[1,2,3,4]print(type(list1))print(id(list1))#firstitemprint(list1[0])#lastitemprint(list1[-1])#wecanchangethevalueofalistitemlist1[0]=120print(list1)#output:[120,2,3,4]</code>


<blockquote><class'tuple'>139794725901080<class'tuple'>139794725900920114<class'int'><class'int'>1045504010455040<class'int'><class'tuple'><class'list'>139794725273480

14[120,2,3,4]</blockquote>

OperatingonTupleandListObjectLetusopenupourterminalandtesthowtuplesandlistsworktogether.

<code>root@kali: #python3Python3.4.4(default,Jan52016,15:35:18)[GCC5.3.120160101]onlinuxType"help","copyright","credits"or"license"

formoreinformation.>>>t=(1,2,3,4)>>>t(1,2,3,4)>>>t[0]1>>>t=tuple(range(25))>>>type(t)<class'tuple'>>>>50intFalse>>>10intTrue>>>foriint:print(i)...0123456789

101112131415161718192021222324>>>l=list(range(20))>>>type(l)<class'list'>>>>foriinl:...print(i)File"<stdin>",line2print(i)^IndentationError:expectedanindentedblock>>>foriinl:print(i)...0123456789101112

13141516171819>>>l[2]2>>>50inlFalse>>>12inlTrue>>>t[0]=25Traceback(mostrecentcalllast):File"<stdin>",line1,in<module>TypeError:'tuple'objectdoesnotsupportitem

assignment>>>l[0]=25>>>print(l)[25,1,2,3,4,5,6,7,8,9,10,11,12,13,14,

15,16,17,18,19]>>>t.append(50)Traceback(mostrecentcalllast):File"<stdin>",line1,in<module>AttributeError:'tuple'objecthasnoattribute

'append'>>>l.append(120)>>>print(lllambdalen(license(list(l

ocals(>>>print(l)[25,1,2,3,4,5,6,7,8,9,10,11,12,13,14,

15,16,17,18,19,120]>>>t.count()Traceback(mostrecentcalllast):File"<stdin>",line1,in<module>TypeError:count()takesexactlyoneargument(0

given)>>>t.count(5)1>>>l.append(25)>>>l.count(25)2>>>t.index(10)10>>>l.index(10)10>>>l.extend(range(25))>>>foriinl:print(i)...2512345678910111213141516171819120250123

456789101112131415161718192021222324>>>l.insert(0,4656)>>>l[0]4656>>>l.insert(12,147)>>>l.index(12)14>>>l[12]147>>>l.remove(12)>>>l[12]147>>>print(l)[4656,25,1,2,3,4,5,6,7,8,9,10,147,11,

13,14,15,16,17,18,19,120,25,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24]

>>>l.remove(12)>>>print(l)

[4656,25,1,2,3,4,5,6,7,8,9,10,147,11,13,14,15,16,17,18,19,120,25,0,1,2,3,4,5,6,7,8,9,10,11,13,14,15,16,17,18,19,20,21,22,23,24]

>>>l.pop(0)4656>>>print(l)[25,1,2,3,4,5,6,7,8,9,10,147,11,13,

14,15,16,17,18,19,120,25,0,1,2,3,4,5,6,7,8,9,10,11,13,14,15,16,17,18,19,20,21,22,23,24]

>>>l.pop()24>>>print(l)[25,1,2,3,4,5,6,7,8,9,10,147,11,13,

14,15,16,17,18,19,120,25,0,1,2,3,4,5,6,7,8,9,10,11,13,14,15,16,17,18,19,20,21,22,23]

>>></code>

Writedownthesamecodeandseehowitworksinyourmachine.Errorsmaycomeoutashappenedintheabovecode.Butremember,eacherrorwillhelpyoutolearnafewnewthings.

OperatingonDictionaryObjectAsyouhavetestedtuplesandlists,youcantestthedictionaryobjectandseehowitworks.

<code>root@kali: #python3Python3.4.4(default,Jan52016,15:35:18)[GCC5.3.120160101]onlinuxType"help","copyright","credits"or"license"

formoreinformation.>>>x={'one':1,'two':2,'three':3}>>>type(x)<class'dict'>

>>>y=dict(four=4,five=5,six=6)>>>type(y)<class'dict'>>>>z=dict(seven=7,eight=8,nine=9,**x,

**y)File"<stdin>",line1z=dict(seven=7,eight=8,nine=9,**x,

**y)^SyntaxError:invalidsyntax>>>z=dict(seven=7,eight=8,nine=9,**x)>>>type(z)<class'dict'>>>>print(z){'eight':8,'two':2,'nine':9,'one':1,

'seven':7,'three':3}>>>foriinz:print(i)...eighttwonineoneseventhree>>>forkey,valueinz.items():print(key,value)...eight8two2nine9one1seven7three3>>>forkey,valueinz.items():...ifkey==two:...print(value)...Traceback(mostrecentcalllast):File"<stdin>",line2,in<module>

NameError:name'two'isnotdefined>>>z.pop()Traceback(mostrecentcalllast):File"<stdin>",line1,in<module>TypeError:popexpectedatleast1arguments,got0>>>z.pop(three)Traceback(mostrecentcalllast):File"<stdin>",line1,in<module>NameError:name'three'isnotdefined>>>z.pop('three')3>>>foriinz:print(i)...eighttwonineoneseven>>>forkey,valueinz.items():...ifkey=='nine':...print(value)...9>>></code>

Themoreyouspendtimewithtuples,lists,anddictionaries,themoreyoulearnaboutPython.Therearealotofbuilt-infunctionsandyoucanusethosefunctionsquiteeasilytogetmoreoutofyourcode.Anotherkeyconceptofdictionaryis"key=>value"pair.AsyouprogressfurtherandlearnmorelanguagesalongwithPython,youwillfindthateachlanguageusesthisconcept,takingitfurthertosolvemajorproblems.Thewebframeworks,inparticular,usethisconceptveryheavily.

(1)


19.Database

SanjibSinha1


DatabaseoperationsinPythonarefairlysimple.Forthesmallamountofwork,thebuilt-inSQLite3isquitecompetitive.Youcaneasilymaintainitbycreating,retrievingandupdatinganddeletingit.

Thebasictermis“CRUD.”“C”standsforcreate,“R”standsforretrieve,“U”forupdate,and“D”fordelete.Withanydatabaseyougenerallyperformtheseactions.

LetusstartwithSQLite3.ThereisalargelibraryinsidethePythonhome.AllthefunctionsandpropertiesofSQLite3arestoredthere,soyoucaneasilyimportthemandusethemforyourproject.Considerthiscode:

<code>#!/usr/bin/python3importsqlite3defmain():db=sqlite3.connect('test.db')db.row_factory=sqlite3.Rowdb.execute('droptableifexiststest1')db.execute('createtabletest1(t1text,i1

int)')db.execute('insertintotest1(t1,i1)values

(?,?)',('Babu',1))db.execute('insertintotest1(t1,i1)values

(?,?)',('Mana',2))db.execute('insertintotest1(t1,i1)values

(?,?)',('Bappa',3))db.execute('insertintotest1(t1,i1)values

(?,?)',('Babua',4))db.execute('insertintotest1(t1,i1)values

(?,?)',('Anju',5))db.execute('insertintotest1(t1,i1)values

(?,?)',('Patai',6))db.execute('insertintotest1(t1,i1)values

(?,?)',('GasaBuddhu',7))db.execute('insertintotest1(t1,i1)values

(?,?)',('Tapas',8))db.commit()DatabaseRead=db.execute('select*fromtest

orderbyi1')forrowinDatabaseRead:#print(dict(row))print(row['t1'])#print(row['t1'],row['i1'])#print(type(row))if__name__=="__main__":main()</code>

Ifyourunthiscode,youwillseealistofnamesIjustadded.Asyousee,wehaveconnectedwithadatabase,“test”.Nextweaddedatablewithtwocolumns.ThefirstcolumnistheidintegerandwekeeptheIDofeachnameinsideit.Thesecondcolumnistheplaceholderoftext.Wekeepafewnamesthere.

Youcanwritethesamecodeandtestit.Itwillgiveyouthesameresult.Onceyourunthecode,youwillfindthatafile“test.db”hasbeencreatedinsideyourproject.

MySQLforBigProjectSQLite3isgoodforasmallamountofwork.Butforabigproject,itisbettertooptforadatabaselikeMySQL.ToworkwithMySQLinPython3youneedtodownloadandinstallMySQLconnector.Thedownloadandinstallationpart

isquiteeasy.InPython2*youcanbydefaultimportMySQLConnector.ButforPython3,

youneedtodownloadthefile.Openhttps://python.organdsearchforMySQLConnector.Downloadthefileandrun“setup.py”.

OnceyoudownloadandinstalltheMySQLConnectormoduleitisfairlysimpleandeasytoconnecttoanyMySQLdatabase.

ConsiderthiscodewherewesimplyconnecttoaMySQLdatabaseandhaveaprintout“connected.”

IfMySQLoranydatabaseoperationiscompletelynewtoyou,itisbettertolearnaboutthesimpledatabaseoperationsanddatabasequerylanguage.InWindowsorLinux,installingPHPMyAdminisveryeasy.JustinstallitandyouneednotwritealltheSQLcodetobuildadatabaseandallthetables.

Letusassumethatwehaveadatabasecalled“python-mysql”.Inthatdatabasewehavesometables.Nowwearegoingtoconnecttothatdatabasefirst.

<code>#!/usr/bin/python3importmysql.connectorfrommysql.connectorimportErrordefConnectionTest():###connectingtoMySQLDatabase###try:###youcaneitheruseadictionaryobject

oryoucanconnectdirectly######usingadictioanryconnectionobject

###kwargs=dict(host='localhost',database

='python_mysql',user='root',password='pass')conn=mysql.connector.connect(**kwargs)###connectingdirectly###connection=mysql.connector.connect(host=

'localhost',databa

se='python_mysql',user=

'root',passwo

https://python.org

rd='pass')ifconn.is_connected():print("Connectedfrom'conn'object")exceptErrorase:print(e)finally:connection.close()if__name__=="__main__":ConnectionTest()</code>

Itwillgiveusaprintout“Connectedfromaconnobject”.Itmeansthedatabseconnectionhasbeensetup.Nowitistimetoretrievethevaluefromthetable.

Inthisdatabasewehavetwotables.Oneisof“authors”andtheotheris“books”.MySQLConnectorclasshasallthefunctionsneededtoperformanytasktothosetables.Youcanfetchalltherecords.Youcandecidehowmanybooksorhowmanyauthorsyouwouldliketofetch.Thefollowingcodeshowsyouboth.Butafewpartshavebeencommentedout.

Totestthiscodeyouneedtohaveadatabasefirst.Nameit“python-mysql”.Nextyouneedtohavetwotablescalled“authors”and“books”.Youalsoneedtofillupthosetables.Itisalwaysbettertosearchonlineanddownloadaready-madeMySQLdatabaseandtables.Theyareavailable.ItishighlysuggestedthatyousearchforMySQLConnectorandseewhatyoufind.

Inthefollowingcode,pleasegothroughthecommentedsectionsalso.Thatsaysalotabouthowyoucanretrieveyourrecordsandshowthemtotheworld.

<code>#!/usr/bin/python3importmysql.connectorfrommysql.connectorimportErrordefRetrieveValues():try:kwargs=dict(host='localhost',database

='python_mysql',user='root',password='pass')conn=mysql.connector.connect(**kwargs)###showsyouhowtoquerydatafromaMySQL

databaseinPythonbyusingMySQLConnector/PythonAPI#suchasfetchone(),fetchmany(),and

fetchall()###ifconn.is_connected():cursors=conn.cursor()cursors.execute('SELECT*FROM

authors')#row=cursors.fetchone()#output(1,'BelandtheDragon',

'123828863494')#######nowwetrytogetallthebooks#row=cursors.fetchall()#print(type(row))#output<class'list'>,sowecanuse

forloop#forbooksinrow:#print(books)#itwillgiveuslistofallthebooks#########nowwegivethesizeofhowmany

bookswewanttoget####HowManyBooks=8#row=cursors.fetchmany(HowManyBooks)#forbooksinrow:#print(books)#wegettheoutputof8booksrow=cursors.fetchall()forbooksinrow:print(books)exceptErrorase:print(e)finally:conn.close()if__name__=="__main__":RetrieveValues()</code>

Wehaveusedthetryanderrormethodsothatifconnectionfails,itwould

notshowanugly“Error”messageonyourproject.Second,thismethodisquitedirect.Youcanalsouseaconfigurationfiletodothesamething.

Itisstronglyadvisabletouseaconfigurationfile(wesay“configfile”).Theconfigurationfilehasallthethingsnecessarytoconnecttothedatabase.

Wecanwriteintheconfigurationfilelikethisandsaveitas“mysql_config.ini”.

<code>[mysql]host=localhostdatabase=YourDatabaseNameuser=rootpassword=pass</code>

Letusseehowthis“.ini”filecanbeparsedthroughourPythoncode.Wesavethisfileas“MySQL_Connector.py”.

<code>#!/usr/bin/python3fromconfigparserimportConfigParserdefReadingMySQLConfig(filemame=

'mysql_config.ini',section='mysql'):parser=ConfigParser()parser.read(filemame)db=dict()ifparser.has_section(section):items=parser.items(section)foriteminitems:db[item[0]]=item[1]else:raiseException('{0}notfoundinthe

{1}file'.format(section,filemame))returndb</code>

Youseethatwehaveimportedthenecessarymodulesforparsingtheconfigurationfileandfinallywehaveusedthatconfigurationfiletoconnecttothedatabase.Andintheabovecodeof“MySQL_Connector.py”wehave

includedthat“mysql_config.ini”fileinthisline—defReadingMySQLConfig(filemame='mysql_config.ini',section='mysql'):—asanargument.

Howwecanusethisconfigurationfiletotestourconnectionisshownbelow.

<code>#!/usr/bin/python3frommysql.connectorimportMySQLConnection,ErrorfromMySQL_Connector.mysql_configimport

ReadingMySQLConfigdefConnect():kwargs=ReadingMySQLConfig()MyConnection=MySQLConnection(**kwargs)try:ifMyConnection.is_connected():print("Connected")exceptErrorase:print(e)finally:MyConnection.close()if__name__=="__main__":Connect()</code>

Nowwehavedecoupledourcodemore.Weareabletodivideitinsmallsegmentssothatourconnectioncodelooksextremelysmallandorganized.ButyoucanalwaysconnecttoyourMySQLdatabaselikebelow.

<code>#!/usr/bin/python3#-*-coding:utf-8-*-importmysql.connectorfrommysql.connectorimportErrordefconnect():"""ConnecttoMySQLdatabase"""try:conn=

mysql.connector.connect(host='localhost',database='Yo

urDatabase',user='root',password='Yo

urPassword')ifconn.is_connected():print('ConnectedtoMySQLdatabase')exceptErrorase:print(e)finally:conn.close()if__name__=='__main__':connect()</code>

Nowthetimehascometoretrieverecordsfromthedatabase.Weareabletoconnecttothedatabase.Now,thereshouldnotbeanytroublefetchingrecordsfromthetablesofthedatabase.Wehavetwobuilt-inmethodsinourPythonlibrary.Themethodsare“fetchmany()”and“fetchall()”.Thefirstmethod,“fetchmany()”,givesyouthelibertytodecidehowmanyrowsyouaregoingtofetch.Letusseethecode:

//querywithfetchmany()<code>#!/usr/bin/python3frommysql.connectorimportMySQLConnection,ErrorfromDatabases.python_mysql_dbconfigimport

read_db_configdefiter_row(cursor,size=10):whileTrue:rows=cursor.fetchmany(size)ifnotrows:breakforrowinrows:yieldrowdefquery_with_fetchmany():try:

dbconfig=read_db_config()conn=MySQLConnection(**dbconfig)cursor=conn.cursor()cursor.execute("SELECT*FROMEMPLOYEE")#EMPLOYEEisthetablenameforrowiniter_row(cursor,10):print(row)exceptErrorase:print(e)finally:cursor.close()conn.close()if__name__=='__main__':query_with_fetchmany()</code>

Themethod“fetchall()”bringsalltherecordsfromatable.

<code>#!/usr/bin/python3frommysql.connectorimportMySQLConnection,ErrorfromDatabases.python_mysql_dbconfigimport

read_db_configdefquery_with_fetchall():try:dbconfig=read_db_config()conn=MySQLConnection(**dbconfig)cursor=conn.cursor()cursor.execute("SELECT*FROMEMPLOYEE")rows=cursor.fetchall()print('TotalRow(s):',cursor.rowcount)forrowinrows:print("FirstName=",row[0])print("SecondName=",row[1])print("Age=",row[2])print("Sex=",row[3])print("Salary=",row[4])exceptErrorase:

print(e)finally:cursor.close()conn.close()if__name__=='__main__':query_with_fetchall()</code>

Youseehowwecanfetchtherecordsasourrequirements.Nowletustrytotesttheinsertionprocess.InourCRUDapplication,thefirst“C”standsfor“Create.”Heretheword“Create”meansnothingbutinsertionofnewrecords.ThroughMySQLConnectoritisquitesimple.Allyouneedisthattheconnectionmustbeon.Afterthatyouneedtoinsertyourrecords.

Hereisthecode.Wehavea“Book”tableinourdatabaseandwearegoingtoinserttworecordsintoit.OneisthetitleofthebookandtheotheristheISBNcodeofthebook.


ReadingMySQLConfigdefInsertBooks(books):query="INSERTINTObooks(title,isbn)

VALUES(%s,%s)"try:kwargs=ReadingMySQLConfig()MyConnection=MySQLConnection(**kwargs)ifMyConnection.is_connected():cursor=MyConnection.cursor()cursor.executemany(query,books)MyConnection.commit()exceptErrorase:print(e)finally:MyConnection.close()defmain():books=[("TestBook",1236547890)]

InsertBooks(books)print("Insertedonebook")if__name__=="__main__":main()</code>

WehavesuccessfullyinsertedonebooktitleandISBNcode.ThenextprocesswillbeupdatingthattitleandISBNcode.Thatisalsoveryeasy.AllyouneedistheuniqueIDofthebook.OnceyouhaveprovidedtheuniqueIDofthebook,youcanupdateiteasily.

<ocde>#!/usr/bin/python3frommysql.connectorimportMySQLConnection,ErrorfromMySQL_Connector.mysql_configimport

ReadingMySQLConfigdefUpdateBooks(book_id,title):kwargs=ReadingMySQLConfig()data=(title,book_id)query="UPDATEbooksSETtitle=%sWHEREid=

%s"try:MyConnection=MySQLConnection(**kwargs)cursor=MyConnection.cursor()cursor.execute(query,data)MyConnection.commit()exceptErrorase:print(e)finally:MyConnection.close()defmain():foridinrange(1,25):ifid==3:UpdateBooks(id,"IHaveADream")print("Onebookhasbeenupdated")elifid==4:UpdateBooks(id,"Laravel5Unfolded")print("Onebookhasbeenupdated")

elifid==5:UpdateBooks(id,"PlayWithPython")print("Onebookhasbeenupdated")if__name__=="__main__":main()</code>

WehavesuccessfullyupdatedthreebookswhichhaveuniqueIDsof3,4,and5,respectively.Finallywewillseehowwecandeletearecord.

Todeletearecord,onceagainyouneedtheuniqueID.


ReadingMySQLConfigdefDeleteBooks(book_id):kwargs=ReadingMySQLConfig()query="DELETEFROMbooksWHEREid=%s"try:MyConnection=MySQLConnection(**kwargs)cursor=MyConnection.cursor()cursor.execute(query,(book_id,))MyConnection.commit()exceptErrorase:print(e)finally:MyConnection.close()defmain():id=87DeleteBooks(id)print("Deleted",id,"numberofbookfrom

books")if__name__=="__main__":main()</code>

Inthiscode,thisline—“cursor.execute(query,(book_id,))”—isextremely

important.Youprobablynoticethatwehaveuseda“,”separatorafterthe“book_id”.Itisyourtasktofindoutwhythiscommaseparatorhasbeenused.Theonlyclueisitisrelatedtoeither“tuples”or“lists”.Itisyourtaskthatyoufindoutwhatistheactualreason.

Likeeverymodernversionofrelationaldatabases,MySQLalsoallowsyoutokeepabinarylargeobjectinsideit.Normallywhenyouwritenumbersorstringstheydonottakeupmuchspace.Butwhatabouttheimages?Letusassumethatwehaveanauthortablewhereweneedtokeepimagesfortheauthors.Wemayalsowanttokeepthecoverpicturesofthebooksinourbooktable.

Normallythisimageoranybinarylargeobjectiscalled,inshort,“BLOB”.Letusupdateourauthortablewithanimageandseehowitworks.


ReadingMySQLConfigdefReadFile(filename):withopen(filename,'rb')asf:images=f.read()returnimagesdefUpdateImage(author_id,filename):kwargs=ReadingMySQLConfig()data=ReadFile(filename)query="UPDATEauthorsSETphoto=%sWHEREid

=%s"args=(data,author_id)try:MyConnection=MySQLConnection(**kwargs)cursor=MyConnection.cursor()cursor.execute(query,args)MyConnection.commit()exceptErrorase:print(e)finally:MyConnection.close()defmain():

id=47UpdateImage(id,"/home/hagudu/Pictures/ss.jpg")print("ImageofauthorID",id,"hasbeen

updated.")if__name__=="__main__":main()</code>

Thecodeisfairlysimple.Atleastatthisstageyoushouldfinditsimple.Thestepsarelikethis:

1. Readthefilewiththehelpofthe“with”keywordandstoreitinavariableandreturnit.Wepasstheparameterthroughthefunction.Seethefirstfunction:“ReadFile(filename)”.

2. Thesecondfunctioniscrucialbecauseitpassesthesamefilenameasoneoftheparameters.Italsoconnectstothedatabaseandcommits.Seethesecondfunction:“UpdateImage(author_id,filename)”.

3. Finally,wecallthesecondfunctionandpassthepathoftheimagefileasanargumentsothatourPythoncodereachesthereandretrievestheimagebyopeningitandfinallycommittingtothedatabase.

Nowwearegoingtoretrieveoneimagefromthedatabaseandwriteitonourlocaldisk.Inthepreviouscodewehavereadthefile.Nowitistimetowritethefileonourdisk.Thecodeisalmostsimilarexceptforafewchanges.


ReadingMySQLConfigdefWriteFile(data,filename):withopen(filename,'wb')asfiles:files.write(data)defReadImage(author_id,filename):kwargs=ReadingMySQLConfig()query='SELECTphotoFROMauthorsWHEREid=

%s'try:MyConnection=MySQLConnection(**kwargs)cursor=MyConnection.cursor()cursor.execute(query,(author_id,))photo=cursor.fetchone()[0]WriteFile(photo,filename)exceptErrorase:print(e)finally:MyConnection.close()defmain():id=47ReadImage(id,"/home/hagudu/Pictures/ss1.jpg")if__name__=="__main__":main()</code>

(1)


20.Module

SanjibSinha1


InPythonwhenyouleavetheshellorterminalorPythoninterpreter,thescriptislost.Afterall,youdon’twriteprogramstoloseattheendoftheday.Itmaybeasimplecalculatorprogram.Butyouwanttouseitagain.Anotherimportantthingisyouneedtouseyouronecodeinyourothercode.Youmaywanttouseotherpeople’scodealso.

Tosolvethisdilemma,theconceptof“module”comesin.Youwriteasimplecalculatorprogramandsavethefileas“cal.py”.Ifyou

areintherootdirectoryofyourprojectyoucaneasilyuseyourcalculatorinyourotherprogram.OnceyouwriteaPythoncodeandsaveitwithaname,thatnamebecomesamodule.

Inthiscase,“cal”becomesamodule.Nowyoucan“import”that“cal”moduleintoanyothercodeormodule.InthelargePythonlibrarytherearetonsofmodules.Youcanalwaysimportthemandusethem.Considerthecodebelow.Inthiscodewehaveimportedthreemodules.Thefirstis“sys”orsystem-specificmodule.Thesecondoneis“os”oroperatingsystem–specificmoduleandthethirdoneis“urllib”whichmeansalibrarythatisURL-specific.Younoticethatwewrite"urllib.request".The“dot”notationmeansweactuallycallsomethingcalled“request”fromthePythonURLlibrary.Actually,thewebarchitectureprimarilydependsupontwothings:requestandrespond.HerewearegoingtorequestsomethingfromaURL.

<code>#!/usr/bin/python3importsys,os,urllib.requestdefmain():

print("ThisisPythonVersion:{}.{}.{}".format(*sys.version_info))

#osmoduleprint(os.name)print(os.getenv('PATH'))print(os.getcwd())

#urllibmodulepage=

urllib.request.urlopen('http://arshinagar.in/')forlineinpage:print(str(line,encoding='utf-8'),end='')if__name__=="__main__":main()</code>

Youseethatinthefirstpartofthecodewehaveusedthe“sys”moduleandwantedtoknowtheversionofPythonoursystemisusing.Thesecondpartisallabouttheoperatingsystem.Itgivesusthename,path,andmanyotherthings.Andinthelastpartwearerequestingawebpage.

LetusseetheoutputinaLinuxDebiandistributionlikeUbuntufirst.Thefirstlineistheversionandthesecondlineisabouttheoperatingsystem,whichis“posix”.Thethirdlineistheenvironmentpathandthefourthlineistheactualpathwherethisfileisstored.

Fromthefifthlineyouseethe“urllib.request”startsworkinginandfetchesthewholeindexpagefromawebsite.Ihaveusedmyfriend’swebsite.IdonotprintoutthewholeHTMLoutput,asitwouldtakelotsofspace.Gothrougheachlineandseehowdifferentmoduleswork.

<blockquote>ThisisPythonVersion:3.4.3posix/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/

sbin:/bin:/usr/games:/usr/local/games/home/hagudu/PycharmProjects/FirstPythonProject/mod

ules<!DOCTYPEhtml><htmllang="en"><head>

<metacharset="UTF-8"/><metaname="viewport"content="width=device-width"

/><metaname="viewport"content="initial-scale=1.0"

/><metaname="HandheldFriendly"content="true"/><linkrel="profile"href="http://gmpg.org/xfn/11"

/><linkrel="pingback"

href="http://www.arshinagar.in/xmlrpc.php"/><title>Arshinagar–JustanotherWordPress

site</title><linkrel="alternate"type="application/rss+xml"

title="Arshinagar»Feed"href="http://www.arshinagar.in/feed/"/>

<linkrel="alternate"type="application/rss+xml"title="Arshinagar»CommentsFeed"href="http://www.arshinagar.in/comments/feed/"/>

//thedetailsareremovedforbrevityProcessfinishedwithexitcode0</blockquote>

NowwecantrythissamecodeinWindowsandcomparetheoutput.

<blockquote>ThisisPythonVersion:3.4.4ntC:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\

Wbem;C:\ProgramFiles\MicrosoftSQLServer\90\Tools\binn\

D:\pthon-files-fromwindows</blockquote>

InthisoutputyouseethePythonversionhasbeenchanged.Theoperatingsystemisnot“posix”anymore.Itis“nt”now.Theenvironmentpathandthefilepatharealsopolesapart.Iremovedthe“urllib.request”moduleoutputforconcision.

Wecanseemoremoduleexampleshere.

<code>#!/usr/bin/python3importsys,os,urllib.request,random,datetimedefmain():print("ThisisPythonVersion:{}.{}.

{}".format(*sys.version_info))

#randommoduleprint(random.randint(1,1000))x=list(range(25))print(x)random.shuffle(x)print(x)random.shuffle(x)print(x)random.shuffle(x)print(x)PresentTime=datetime.datetime.now()print(PresentTime)print(PresentTime.year,PresentTime.month,

PresentTime.day,PresentTime.hour,PresentTime.minute,PresentTime.second,PresentTime.microsecond)


Inthiscodeweaddtwomoremodules.Theyare“random”and“datetime”.Wegettheoutputbelowtoseehowtheywork.

</blockquote>ThisisPythonVersion:3.4.3366[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,

15,16,17,18,19,20,21,22,23,24][23,6,22,3,7,19,10,16,8,12,15,21,11,

17,9,13,4,14,24,18,0,2,1,20,5][0,8,21,5,13,3,2,18,24,12,4,19,14,17,

20,10,11,22,15,9,6,23,1,7,16]

[11,6,23,14,9,7,3,5,15,2,19,0,16,24,21,12,4,13,22,20,10,8,1,17,18]

//hereistheoutputofdateandtimemodule2016-03-2308:34:37.253888201632383437253888</blockquote>

Eachtimeyourunthecode,yougetanewnumberasthe“random”modulealwaysproducesnewnumbers.Togetmoreideas,youneedtogothroughthePythonStandardLibraryintheofficialPythonwebsiteordownloadthePython3.4.4documentation.Itisavailableinmanyfiletypes,includingsimpletextfileorPDF.The“datetime”modulepageinPythonStandardLibraryinthedocumentationlookslikethis:

Figure20-1. PythonStandardLibrary

Nowyoucangobacktoyouroldcodesandseethemagaininanewlight.NowyouwilleasilyunderstandwhywehaveusedtheMySQLConnectormoduleorConfigurationParsermodule.

(1)


21.Debugging,UnittestModule

SanjibSinha1


Nowyouhaveprogressedalot.Intheprocessofcodingyoumusthavefoundorseenmanytypesoferrors.Itisquiteobvious.Theseasonedprogrammersalsomakemistakes.Youhavealsolearnedtocatchyourerrors.Butthesituationmaycomewhenyouneedtoupdateyourcode.Itmighthappen.Youneedtomodifyoraddafewlinesinyourcode.Itmayeitherworkoritmayfail.Inyournewlinesofcodetherecouldbe“syntactical”errors.Therecouldbe“runtime”errors.UsuallythePythoninterpretertriestoguideyouinsuchcases.Generallyitpointsoutwheretheerrorhasoccurred.Butnotalways.

Insuchcasesthe“unittest”modulecomestoyourhelp.InPythonstandardlibraryyougetalotofinformationaboutthismodule.

YoumayalsosearchtheInternetaboutthe“nose”tool,whichdoessomethingsimilar.Thebasicconceptis,youhaveacoderepositorysomewhereandyouhaveaseparateunittestingschedule.Itisanautomatedtest.

Supposewehaveafoldercalled“MyTest/BrainAndSoul”.InsidethisfolderwehaveaPythonfilecalled“saytimedate.py”.ItisaverysimplefilethatwilltellustheversionofPythonandthepresenttimeanddate.Togetthatoutput,weneedtwomodules:“sys”and“datetime”.Wehavetwomethodstogetthoseoutputs.Togettheoutput,allweneedtodoiscallthemunder“main()”function.Wedoexactlythat.

Atthesametimewehavetwoseparatemethodsthatbeginwiththeword“test”.Themethodsare“test_PyVar()”and“test_main()”.

<code>#!/usr/bin/python3#coding=utf-8

importsys,datetimedefPyVer():print("ThisisPythonVersion:{}.{}.

{}".format(*sys.version_info))defPyTime():PresentTime=datetime.datetime.now()print(PresentTime)print(PresentTime.year,PresentTime.month,

PresentTime.day,PresentTime.hour,PresentTime.minute,PresentTime.second,

PresentTime.microsecond)#print(obj)defmain():PyVer()PyTime()deftest_Pyvar():PyVer()deftest_Main():PyTime()if__name__=="__main__":main()<code>

Whenyourunthiscode,yourmain()functioncallsthetwomethodsdefinedinsideit.Andtheoutputbelowiswhatisexpected.

</blockquote>ThisisPythonVersion:3.4.22016-04-2223:30:30.4356912016422233030435691</blockquote>

Now,inacompletelyseparatefolder,wewouldliketorunthe“unittest”moduleandseewhetherthiscodepassesorfails.Sincewehavealreadyrunthecodeandgottenasuccessfuloutput,wecansafelysaythatthiscodewillpassthetest.

Thenameofourunittestingcodeis“TestUnitTest.py”andthecodelookslikethis:

<code>#!/usr/bin/python3#coding=utf-8importMyProject.BrainAndSoul.saytimedateimportunittestclassSayTiemDate(unittest.TestCase):defsetUP(self):passdeftest_Version(self):

self.assertEqual(MyProject.BrainAndSoul.saytimedate.PyVer(),MyProject.BrainAndSoul.saytimedate.test_Pyvar())

deftest_Time(self):self.assertEqual(MyProject.BrainAndSoul.saytimedate.main(),MyProject.BrainAndSoul.saytimedate.test_Main())

if__name__=="__main__":unittest.main()</code>

Whatdoesthiscodesay?Asyousee,therearetwomethods:“test_Time()”and“test_Version()”.Wehavenotpassedanyargument.Boththemethodscallonedefaultmethodfromthe“unittest”module.Andthatis“assertEqual()”.Throughthismethodwehavepassedtwomethodsthatwehavedefinedearlierinthe“MyTest/BrainAndSoul”folder.InsidethatfolderwehaveaPythonfilecalled“saytimedate.py”.Wearenowcomparingtwomethodsthroughour“unittest”module.

Finallyitgivesaniceoutputlikethisifeverythingrunsproperly.

<blockquote>Testingstartedat8:58PM...ThisisPythonVersion:3.4.2ThisisPythonVersion:3.4.2Processfinishedwithexitcode0</blockquote>

Whenyourunthecodeitlookslikethefollowingimageinyour“PyCharm”IDE.

Figure21-1. UnittestinPyCharmIDE

Ifwerunthatcodeagainwemaygetanoutputlikethis:

<blockquote>ThisisPythonVersion:3.4.22016-04-2305:47:23.6088532016423547236088532016-04-2305:47:23.608951201642354723608951ThisisPythonVersion:3.4.2ThisisPythonVersion:3.4.2..---------------------------------------------------

-------------------Ran2testsin0.001s

OK

Processfinishedwithexitcode0</blockquote>

Nowfortestingpurposeswechangeoursourcecodeandmakesome

mistakesintentionallytoseewhetherour“unittest”modulefailsornot.Ifthereisanyerror,theoutputwillchangeandgiveanerrormessage

somethinglikethis:

<blockquote>ThisisPythonVersion:3.4.22016-04-2305:51:45.994547201642355145994547ThisisPythonVersion:3.4.2ThisisPythonVersion:3.4.2E.===================================================

===================ERROR:test_Time(__main__.SayTiemDate)---------------------------------------------------

-------------------Traceback(mostrecentcalllast):File

"/home/ss/FirstPythonProjects/PlayWithPython-master/MyTest/TestUnitTest.py",line17,intest_Time

self.assertEqual(MyProject.BrainAndSoul.saytimedate.main(),MyProject.BrainAndSoul.saytimedate.test_Main())

File"/home/ss/FirstPythonProjects/MyProject/BrainAndSoul/saytimedate.py",line20,inmain

PyTime()File

"/home/ss/FirstPythonProjects/MyProject/BrainAndSoul/saytimedate.py",line15,inPyTime

print(obj)NameError:name'obj'isnotdefined

----------------------------------------------------------------------

Ran2testsin0.001s

FAILED(errors=1)


Nowyoucantrytorunmoreunittestingmodules.Hereisanotherexamplewherethetestissuccessful.

(1)


22.SocketandNetworking

SanjibSinha1


ThischapteriskindofanintroductiontotheadvancedconceptsofPython.Sincethisisthefinalchapter,Iwouldliketotellyouaboutwhereyoucangofromhere.

YoucaneitherbuildwebapplicationswiththehelpofPythonoryoucandosomesecuritynetworkingstuff.Finally,likeme,youcanchoosetheinterestingpathofethicalhacking.AllthesethingsandmoreyoucandothroughPython.

LetusseehowwecanapplyourbasicknowledgeofPythoninsocketandnetworking.WritedownthiscodeonyourIDEandseewhatoutputyouget.

<code>#coding=utf-8importsocketprint(socket.gethostbyname("www.mesanjib.wordpress.

com"))print(socket.gethostbyname("www.sanjib.pythonanywhe

re.com"))

</code>

Theoutputislikethisinmymachine.Youcantestanyotherwebsitetogetitsaddress.Thisisthetipoftheiceberg.Lotsofthingsareinside.Itisbetterforyoutoseeeverythingthatisinsidethanformetotellyou,asIfeelyoushouldconcentrateontryingtowritebasicconceptsofPythonmoreandmore.

<blockquote>192.0.78.12

50.19.109.98


InthefurtherstudyoftherelationshipbetweenethicalhackingandPython3,you’llfindthesesocketandnetworkingconceptsextremelyuseful.

LetusmovefurthertoPartThreeofthebook,wherewe’lllearnaboutanonymity.

Anethicalhackershouldalwaysremainanonymous.Why?Letussee.

(1)


23.ImportingNmapModule

SanjibSinha1


Nmap(NetworkMapper)isasecurityscanner.ItwasoriginallywrittenbyGordonLyon(alsoknownbyhispseudonymFyodorVaskovich).Thistoolisparticularlyusedtodiscoverhostsandservicesonacomputernetwork.Whilefindingthehostsandservicesitcreatesa“map”ofthenetwork.Forthisreasomithasbeenwidelycalled‘Nmap’oryoucanalsocallit‘NetworkMapper ’.Itisregardedasanessentialtoolinyourpursuittobeagoodandcompetentethicalhacker.

Togetthebestresults,Nmapusuallysendsspeciallycraftedpacketstothetargethostandthenanalyzestheresponsesandfindswhatportsareopen.Italsoassessesthevulnerabilityofacomputernetwork.

Thissoftwarewidelyusedbythehackershasnumberoffeatures.Itactuallyprobescomputernetworks,discoveringhostsandservices.Italsodetectsoperatingsystemanditdecidesthevulnerabilityofthesystemsbyfindingtheopenports.

Pythonactuallyextendsthesefeaturessothatyoucaneasilydomoreadvancedservicedetection,vulnerabilitydetectionandotherthings.

Letusfirstcheckwhether‘Nmap’moduleofpythonhasalreadybeeninstalledinoursystemornotbyissuingasimplecommandontheterminal.

nmap

Itgivesusalonglistingwhichisveryimportant.Manythingsyoucanlearnfromthislistingasitsaysabouttheversion,usagesandattheenditalsosayswhereyoucangetthemanualformorereading.

Nmap6.40(http://nmap.org)Usage:nmap[ScanType(s)][Options]{target

specification}TARGETSPECIFICATION:Canpasshostnames,IPaddresses,networks,etc.Ex:scanme.nmap.org,microsoft.com/24,

192.168.0.1;10.0.0-255.1-254-iL<inputfilename>:Inputfromlistof

hosts/networks-iR<numhosts>:Chooserandomtargets--exclude<host1[,host2][,host3],...>:Exclude

hosts/networks--excludefile<exclude_file>:Excludelistfrom

fileHOSTDISCOVERY:-sL:ListScan-simplylisttargetstoscan-sn:PingScan-disableportscan-Pn:Treatallhostsasonline--skiphost

discovery-PS/PA/PU/PY[portlist]:TCPSYN/ACK,UDPorSCTP

discoverytogivenports-PE/PP/PM:ICMPecho,timestamp,andnetmask

requestdiscoveryprobes-PO[protocollist]:IPProtocolPing-n/-R:NeverdoDNSresolution/Alwaysresolve

[default:sometimes]--dns-servers<serv1[,serv2],...>:Specifycustom

DNSservers--system-dns:UseOS'sDNSresolver--traceroute:TracehoppathtoeachhostSCANTECHNIQUES:-sS/sT/sA/sW/sM:TCP

SYN/Connect()/ACK/Window/Maimonscans-sU:UDPScan-sN/sF/sX:TCPNull,FIN,andXmasscans--scanflags<flags>:CustomizeTCPscanflags-sI<zombiehost[:probeport]>:Idlescan-sY/sZ:SCTPINIT/COOKIE-ECHOscans-sO:IPprotocolscan

-b<FTPrelayhost>:FTPbouncescanPORTSPECIFICATIONANDSCANORDER:-p<portranges>:OnlyscanspecifiedportsEx:-p22;-p1-65535;-pU:53,111,137,T:21-

25,80,139,8080,S:9-F:Fastmode-Scanfewerportsthanthedefault

scan-r:Scanportsconsecutively-don'trandomize--top-ports<number>:Scan<number>mostcommon

ports--port-ratio<ratio>:Scanportsmorecommonthan

<ratio>SERVICE/VERSIONDETECTION:-sV:Probeopenportstodetermine

service/versioninfo--version-intensity<level>:Setfrom0(light)

to9(tryallprobes)--version-light:Limittomostlikelyprobes

(intensity2)--version-all:Tryeverysingleprobe(intensity

9)--version-trace:Showdetailedversionscan

activity(fordebugging)SCRIPTSCAN:-sC:equivalentto--script=default--script=<Luascripts>:<Luascripts>isacomma

separatedlistofdirectories,script-filesorscript-

categories--script-args=<n1=v1,[n2=v2,...]>:provide

argumentstoscripts--script-args-file=filename:provideNSEscript

argsinafile--script-trace:Showalldatasentandreceived--script-updatedb:Updatethescriptdatabase.--script-help=<Luascripts>:Showhelpabout

scripts.<Luascripts>isacommasepartedlist

ofscript-filesor

script-categories.OSDETECTION:-O:EnableOSdetection--osscan-limit:LimitOSdetectiontopromising

targets--osscan-guess:GuessOSmoreaggressivelyTIMINGANDPERFORMANCE:Optionswhichtake<time>areinseconds,or

append'ms'(milliseconds),'s'(seconds),'m'(minutes),or'h'(hours)to

thevalue(e.g.30m).-T<0-5>:Settimingtemplate(higherisfaster)--min-hostgroup/max-hostgroup<size>:Parallel

hostscangroupsizes--min-parallelism/max-parallelism<numprobes>:

Probeparallelization--min-rtt-timeout/max-rtt-timeout/initial-rtt-

timeout<time>:Specifiesproberoundtriptime.--max-retries<tries>:Capsnumberofportscan

proberetransmissions.--host-timeout<time>:Giveupontargetafter

thislong--scan-delay/--max-scan-delay<time>:Adjust

delaybetweenprobes--min-rate<number>:Sendpacketsnoslowerthan

<number>persecond--max-rate<number>:Sendpacketsnofasterthan

<number>persecondFIREWALL/IDSEVASIONANDSPOOFING:-f;--mtu<val>:fragmentpackets(optionally

w/givenMTU)-D<decoy1,decoy2[,ME],...>:Cloakascanwith

decoys-S<IP_Address>:Spoofsourceaddress-e<iface>:Usespecifiedinterface-g/--source-port<portnum>:Usegivenportnumber--data-length<num>:Appendrandomdatatosent

packets

--ip-options<options>:Sendpacketswithspecifiedipoptions

--ttl<val>:SetIPtime-to-livefield--spoof-mac<macaddress/prefix/vendorname>:

SpoofyourMACaddress--badsum:SendpacketswithabogusTCP/UDP/SCTP

checksumOUTPUT:-oN/-oX/-oS/-oG<file>:Outputscaninnormal,

XML,s|<rIptkIddi3,andGrepableformat,respectively,tothe

givenfilename.-oA<basename>:Outputinthethreemajorformats

atonce-v:Increaseverbositylevel(use-vvormorefor

greatereffect)-d:Increasedebugginglevel(use-ddormorefor

greatereffect)--reason:Displaythereasonaportisina

particularstate--open:Onlyshowopen(orpossiblyopen)ports--packet-trace:Showallpacketssentand

received--iflist:Printhostinterfacesandroutes(for

debugging)--log-errors:Logerrors/warningstothenormal-

formatoutputfile--append-output:Appendtoratherthanclobber

specifiedoutputfiles--resume<filename>:Resumeanabortedscan--stylesheet<path/URL>:XSLstylesheetto

transformXMLoutputtoHTML--webxml:ReferencestylesheetfromNmap.Orgfor

moreportableXML--no-stylesheet:PreventassociatingofXSL

stylesheetw/XMLoutputMISC:-6:EnableIPv6scanning-A:EnableOSdetection,versiondetection,

scriptscanning,andtraceroute--datadir<dirname>:SpecifycustomNmapdata

filelocation--send-eth/--send-ip:Sendusingrawethernet

framesorIPpackets--privileged:Assumethattheuserisfully

privileged--unprivileged:Assumetheuserlacksrawsocket

privileges-V:Printversionnumber-h:Printthishelpsummarypage.EXAMPLES:nmap-v-Ascanme.nmap.orgnmap-v-sn192.168.0.0/1610.0.0.0/8nmap-v-iR10000-Pn-p80SEETHEMANPAGE(http://nmap.org/book/man.html)

FORMOREOPTIONSANDEXAMPLES

YoucangetmoreaboutNetworkMapperintheinternet.Pleasefollowtheselinks.

http://nmap.org/http://nmap.org/book/man.htmlhttps://nmap.org/book/inst-other-platforms.htmlhttps://nmap.org/book/inst-windows.htmlhttps://nmap.org/book/vscan.htmlIfinyour‘Linux’versionofdefaultoperatingsystemyoudon’tgetthis

listingyoucaninstall‘Nmap’byissuingasimplecommand.

sudoapt-getinstallnmap

InyourvirtualmachineifyourunkaliLinux,you’llfindthat‘Nmap’hasalreadybeeninstalled.

Nowafterthisinstalltionpartisoverwecanveryquicklyhaveashortpythonscripttoseehowour‘Nmap’moduleisworking.

You’vealreadylearnedhowtouse‘nano’texteditoronyourterminal.Soopenitupwiththiscommand:

sudonanotest.py

http://nmap.org/

http://nmap.org/book/man.html

https://nmap.org/book/inst-other-platforms.html

https://nmap.org/book/inst-windows.html

https://nmap.org/book/vscan.html

Itwillfirstaskforyourrootpasswordandthenopenupthenanotexteditoronyourterminal.Writeashortscriptlikethis:

#!/usr/bin/pythonimportnmapnm=nmap.PortScannerAsync()defcallback_result(host,scan_result):print('------------------')print(host,scan_result)nm.scan('127.0.0.1',arguments="-O-v",

callback=callback_result)whilenm.still_scanning():print("Waiting>>>")nm.wait(2)nm1=nmap.PortScanner()a=nm1.nmap_version()print(a)

Ifyourunyour‘test.py’script,you’dgetthisoutput:

Waiting>>>------------------('127.0.0.1',None)(6,40)

It’syourlocalhostaddress.Butweareinterestedabouttheremotetarget.RunupthekaliLinuxinyourVirualBoxandopenthe‘Tor ’browser.

Search‘whatismyipaddress’.ItwillgiveyouananonymousIPaddressallthetime.EachtimeyousearchthatIPaddresschanges.

Inyourcaseitmaycomeoutas:

x.x.xx.xxxISP:SomeInternetLTD

It’susuallytoofarfromyouroriginallocation!Anyway,youcantesttheIPandseetheresult.Butit’sagoodpracticetotesttheIPofhttp://nmap.org

http://nmap.org

(1)


24.BuildinganNmapNetworkScanner

SanjibSinha1


Nowwe’rereadytodomorenetworktestingusingpythonscripts.Andthistimewe’lltrytobuildupamorerobustscannerandwe’llalsotrytodetecttheopenportsandseeifthereareanyvulnerabilities.

Letuswritethepythonscriptfirst.Andafterthatwe’llseetheoutput.Letuschangethe‘test.py’scripttothis:

#!/usr/bin/pythonimportnmapnm=nmap.PortScanner()print(nm.nmap_version())nm.scan('x.x.xx.xxx','1-1024','-v')print(nm.scaninfo())print(nm.csv())

Here‘-v’standsforversionandthe‘1-1024’standsfortherangeoftheportnumbers.

It’saverysmallscriptbutseethepowerofitintheoutput.

hagudu@hagudu-H81M-S1: $./test.py(6,40){'tcp':{'services':'1-1024','method':

'connect'}}host;hostname;hostname_type;protocol;port;name;stat

e;product;extrainfo;reason;version;conf;cpex.x.xx.xxx;host3.x0x;PTR;tcp;22;ssh;open;;;syn-

ack;;3;x.x.xx.xxx;host3.x0x;PTR;tcp;25;smtp;open;;;syn-

ack;;3;x.x.xx.xxx;host3.x0x;PTR;tcp;53;domain;open;;;syn-

ack;;3;x.x.xx.xxx;host3.x0x;PTR;tcp;80;http;open;;;syn-

ack;;3;x.x.xx.xxx;host3.x0x;PTR;tcp;137;netbios-

ns;filtered;;;no-response;;3;x.x.xx.xxx;host3.x0x;PTR;tcp;138;netbios-

dgm;filtered;;;no-response;;3;x.x.xx.xxx;host3.x0x;PTR;tcp;139;netbios-

ssn;filtered;;;no-response;;3;x.x.xx.xxx;host3.x0x;PTR;tcp;445;microsoft-

ds;filtered;;;no-response;;3;

Itshowsthatalltogetherfourportsareopen.Theyare:22,25,53and80.Andtheothersarefiltered.

BeforegoingtotestanotherportandthistimewecanshowtheIPasit’sofhttp://nmap.org,letushaveaveryquickfactsabouttheportterminology.Youcanalsofindthelegalsideofscanningexplainedhere:https://nmap.org/book/legal-issues.html.

Portisanaddressablenetworklocation.It’sideallyimplementedinsidetheoperatingsystemandthisOShelpsustodiscriminatewebtraffic.Thistrafficisdestinedfordifferentapplicationsorservices,likesomefor‘mail’,somefor‘HTTP’andsoandso.

Nextwe’reinterestedaboutthePortscanning.Inoneword,it’satypeofprocessandthisprocessusuallytriestoconnecttoanumberofsequentialports,asyouhavejustseenintheaboveoutput.Wewanttoknowwhichportsareopenandwhatservicesandoperatingsystemarebehindthem.

LetusscananotherIPaddress(http://nmap.org)andindoingthatwehavechangedthepythonscriptalittlebit.

#!/usr/bin/pythonimportnmapnm=nmap.PortScanner()print(nm.nmap_version())nm.scan('192.168.146.1','1-1024','-v')print(nm.scaninfo())

http://nmap.org

https://nmap.org/book/legal-issues.html

http://nmap.org

print(nm.csv())


(6,40){'tcp':{'services':'1-1024','method':

'connect'}}host;hostname;hostname_type;protocol;port;name;stat

e;product;extrainfo;reason;version;conf;cpe192.168.146.1;;;tcp;25;smtp;open;;;syn-ack;;3;192.168.146.1;;;tcp;53;domain;open;;;syn-ack;;3;192.168.146.1;;;tcp;80;http;open;;;syn-ack;;3;

Theopenportsare25,53and80.Therearenofilteredportsshowingonthismachine.

LetusgetallhostsfromthatIPwithalittlechangeinourpreviousscript.Thistimewereducetherangesothatourprogramwon’trunforlong.

#!/usr/bin/pythonimportnmapnm=nmap.PortScanner()print(nm.nmap_version())nm.scan('192.168.146.1','22-455','-v--version-

all')print(nm.all_hosts())

Wehavechangedthenumberofportsinlinenumberfive.Wealsoremovedlasttwolinesandwanttoseeifwecangetmoredatafromthatmachine.

Theoutputshowsthatthereisonlyonehost.

(6,40){'tcp':{'services':'22-455','method':

'connect'}}['192.168.146.1']

LetuschangeandgobacktothepreviousIPandseetheoutput.

#!/usr/bin/pythonimportnmap

nm=nmap.PortScanner()print(nm.nmap_version())nm.scan('x.x.xx.xxx','22-455','-v--version-all')print(nm.all_hosts())

Nothingchanges.Theoutputtellsusabouttheonlyonehost.Therearemoretocome.Aswewantmoreinformationweshouldideallychangeour‘test.py’code.

#!/usr/bin/pythonimportnmapnm=nmap.PortScanner()print(nm.nmap_version())nm.scan('192.168.146.1','22-1024','-v--version-

all')print(nm.scanstats())print(nm['192.168.146.1'].state())print(nm['192.168.146.1'].all_protocols())print(nm['192.168.146.1']['tcp'].keys())

Thistimetheoutputismoreverbose.

(6,40){'uphosts':'1','timestr':'MonOct309:53:35

2016','downhosts':'0','totalhosts':'1','elapsed':'5.73'}

up['tcp'][80,25,53]

Youseethatonehostisup.Thereisnodownhostsandthenumberoftotalhostis1asexpected.We

alsoseetheexacttimewhenthescanisbeingexcutedandthetimeelapsed.Letusdigabitfurther.Wehaveusedtheportrange‘1-1024’.Normallyportsbelow1024are

associatedwithLinuxandUnixlikeservices.Thisoperatingsystemsareconsideredtobevitalforessentialnetworkfunctions.ForthatreasonyoumusthaverootprivilegestoassignservicestothesetypeofOS.

Ifyouwanttogobeyond1024,thereareeither‘registered’or‘private’

ports.Portsbetween49152and65535aresupposedtobeforprivateuse.Letusconsiderthefirstoutputandtrytounderstandwhatportisusedfor

whatpurposes.

x.x.xx.xxx;host3.x0x;PTR;tcp;22;ssh;open;;;syn-ack;;3;

x.x.xx.xxx;host3.x0x;PTR;tcp;25;smtp;open;;;syn-ack;;3;

x.x.xx.xxx;host3.x0x;PTR;tcp;53;domain;open;;;syn-ack;;3;

x.x.xx.xxx;host3.x0x;PTR;tcp;80;http;open;;;syn-ack;;3;

x.x.xx.xxx;host3.x0x;PTR;tcp;137;netbios-ns;filtered;;;no-response;;3;

x.x.xx.xxx;host3.x0x;PTR;tcp;138;netbios-dgm;filtered;;;no-response;;3;

x.x.xx.xxx;host3.x0x;PTR;tcp;139;netbios-ssn;filtered;;;no-response;;3;

x.x.xx.xxx;host3.x0x;PTR;tcp;445;microsoft-ds;filtered;;;no-response;;3;

Port22isusedfor‘SSH’.Itstandsfor‘SecureSocketShell’.It’sanetworkprotocolwithwhichadministratorsaccessaremotecomputerinasecureway.

Port25isforSMTPormail.Port53standsforDNSServices.Port80isforwebtraffic.Port137,138and139aregrabbedbyMicrosoftfortransportingtheir

NetBIOSprotocoloverIPbasedLANandWANnetworks.Lastlytheport445isusedforMicrosoftDirectoryServices.Forfurther

readingaboutthisportyoumayfindthislinkinteresting:https://www.grc.com/port_445.htm.

https://www.grc.com/port_445.htm

PartIII

(1)


25.ProtectAnonymityontheInternet

SanjibSinha1


Thisisveryimportantforethicalhackers.YouneedtostayanonymousandhideyourIPaddresswhileyouareintheworldofethicalhacking.Thereareseveralwaystodothat.Wewilldiscussinthischapterhowwecandothat.

Thereareproxies.Itmeansyouareroutingthroughdifferentroutersbutitcouldbeveryslowandnotatyourhand.Anotherdownsideofusingproxiesisyoudon’tknowanythingabouttheotherside.Youareinthedarkabouttheserversthroughwhichyourpacketsaremoving.Sothatcouldveryrisky.Youmayaskwhythatisdangerous.Iwoulddosomekindof“mappingthenetwork”sortofjob.Itisharmless.Maybeso.Butitisnotonlyrestrictedtothatpart.Usingproxy,youmaywanttologintosomeserver.Onceyouhavetypedinyourpassword,itcouldbehijacked.

Howcanyousolvethisproblem?Thereisaterm:“VPN.”You’veprobablyheardof“virtualprivatenetwork

.”Whatisthat?Itisbasicallyakindofservicethatyouareusingforencryptingyourtraffic.Anditisveryfast.Inthefuture,whenyouworkasaprofessional,youhavetohireaVPNservice.Itisnotverycostly.Forthetimebeingwecoulddoitforfree,justforeducationalpurposes.

ButonceyouencryptyourtrafficthroughVPN,itisrecognizable.Whathappensifanagencyaskstheserviceprovidersforyourdata?Normally,toavoidthatyouneedtobechoosy.Youneedtohireaservicefromacertainpartoftheworldwhereprivacyisstrictlymaintained.

Butaftersayingthatandhopingforthebest,I’ddefinitelynotrecommendyoutodoyourwhitehatethicalhackingusingproxiesorVPNs.Basically,youmaywanttodothatforbypassingthefirewallsettingorthatsortofthing.Besides,someVPNservicesdon’tallowIPaddressestousetheirservices

beyondarange.SupposeyourIPaddressbelongsoutsideofthatrange.ButpeopleoftenuseproxiesorVPNs—notalwaysfordoingsomethingmaliciousliketakingdownaserverorstealingdata.Peoplemightwanttohidetheirlocationjustwhentheyaretraveling,orthatkindofthing.Apparentlythistypeofactivitystayswithinthelaw.

ThereisanotherproblemthatmightcropupwhileyouaccessacertaintypeofserverthatusuallyallowsIPaddressesfromacertainregion.Inthatcase,ifyouuseanIPaddressfromChinaorRussia,thenetworkadministratorwouldcertainlygoafteryou.Soitisaconsistentproblemthatkeepscomingandtormentingyoufromtimetotimeandinthecomingchapterswewouldlikeaddressthoseproblems.

(1)


26.DarkWebandTor

SanjibSinha1


Inthemeantimewewillhaveaveryquicklookatthedarkweborhiddenweb.Idon’tknowwhetherornotyouhaveheardaboutitbefore.

Therumoristhe“darkweb”or“deepweb”consistsofamajorportionoftheInternet.Itissomethinglike“darkmatter”thatconsistsof97or98percentofthemassoftheuniverse.Itisstillunknownwhatitisactually,exceptforafewthings.

Peoplesaythedarkwebisfullofinformationthatweusuallydon’tgetnormally.Andyoucan’taccessthedarkwebthroughyournormalbrowser.Youneedaspecialkindofbrowsertoenterintothatmazeofmysteries.

IshouldwarnyoubeforeyoutryTorandenterthedarkweb.Therearelotsofillegalactivities,generallygoingonoutsideournormalperception.Itcouldbelikehumantrafficking.Itcouldbelikeillegalarmsdealing.Itcouldbelikehiringkillersandwhatnot.Butinthisbookwearenotinterestedinthem.Ourmainconcernisknowledge.Wereachtheresothatwecanhaveanideawhatisgoingactuallygoingoninthedarkweb.

Asanethicalhacker,youneedtoknoweverythingforoneandonlyonepurpose.Youneedtofightagainstamaliciousattack.Youarelearningtodefendyourself,notattackingsomebody.Buttodefendyourself,youneedtoknowallthetacticsthatyourenemyoftenuses.Maybepolicewillseekyourhelptotrackdownachildabuser.Withoutknowingthepropercharacterofthedarkweb,youcan’tdothat.Ifyoudon’tknowhowtohideyourIPaddresshowcouldyoulocateacriminalwhoishidinghisreallocation?

Besides,youneedtoknowanotherimportantthing.Thedarkwebisnotalwaysbadinthatsense.Youmayfindmanyreputedwhitehatorgrayhathackersincertainforumsthatarekeptcompletelyhiddenfromthewatchful

eyesofgovernmentagencies.Youmayfindrealhelpfulpeopleovertherewhomayhelpyousolveyourprobleminstantly.LikeWikipedia,therearehiddenwikithatwearesoongoingtosee,whereyoucanfindalotofinterestingthingstolearn.

HiddenWikipediaToreadthehiddenwikiweneedtoinstalltheTorbrowser.KaliLinuxdoesnotcomewithitbydefaultsoyouneedtoinstallit.

Figure26-1. Downloadsectionoftorproject.orgwebsite

Todothat,firstyouneedtologinasthenewuser:xman.ThenopenupthenormalbrowserandsearchfortheTorbrowser.JustgototheofficialsiteanddownloadthelatestversionforKaliLinux.Becarefulaboutcheckingthatitishttps://torproject.org,notanythingelse.Itmaycomewith“http://”withoutthe“s”.Simplyavoidthat.

Therearetwoversions:oneis32bitsandtheotheris64bits.Accordingtoyoursystemarchitecture,youneedtodownloadtheexactversion.Beforedownloading,itisgoodpracticetolearnaboutTorfromitsdocumentation.Therearetermsandconditionsthatyoumustfulfill.Andthemaintermisyoumuststaywithinthelaw.Youcan’tuseTorforanyillegalprocess.ToralsohidesyourIPaddress.Butthatisadifferentissue.

https://torproject.org

Oncedownloadiscomplete,youcanaccessthenecessaryfileinyour“Download”folder.Justrunit.

Figure26-2. Torbrowserisconnecting.

Onceitisconnected,itwillopenupitsdefaultfirstpage,whichyouwouldfindquitedifferentfromthenormalbrowser.Firstofall,youcantype“whatismyIP”andcheckwhatthatshows.

Itwilldefinitelybesomethingotherthantheregionwhereyouare.Butweneedoriginalhiddenwikiwebpagesthatwilltakeustothedarkweb.

Remember,thereareseveralwebsitesthatclaimtobeoriginalhiddenwiki.Soyouneedtobejudiciousaboutchoosing.Usuallytheycomewith“.onion”domainsandtheURLiscontinuallychanging.Soyoucantypeinsomethinglike“hiddenwikiurl”andseewhatyouget.

Figure26-3. TheoriginalhiddenWikipage

Themainproblemis:youcan’tdifferentiatetheoriginalhiddenwikifromtheotherfakeversions.Theaboveimageshowshowitmaylook.Theextensionisalways“.onion”.

Thehiddenwikimainlyconsistsoflargeamountofvariouslinks.Manyofthemaresimplyillegalandcheap.Itseemslikeabigmarketwherelotsofsmuggledgoodsaresold.Nevertrytobuyanythingfromhere.Thoughitistemptingtobuysomethingverycostlyatonethirdofitsoriginalprice,itisnotcertainthatitwillreachyou.Moreover,thereiseverypossibilitythatyourdebitorcreditnumberiscracked.

Butinthisso-calledinterestingmarket,therearelotsofreallyusefulthingsthatmaycometoyourhelp.Oneofthemistheforumorchatsectionwherereputedhackersoftendiscussmanyinterestingthingsthatyoudon’tseeusuallyinanyopenforum.

Atthesametime,youneedtobecarefulaboutusinganycodecomingfromtheseforumsorchatsjustbecauseoftheanonymity.Itisnotadvisabletousethatcodeinyouroriginalmachine.

Thatcouldbedangerous!Letusopenupaforumsiteandseejusthowitlooks.Theyusuallycomeup

withablackbackground,asiftheyrepresentthedarkwebproperly.

Figure26-4. OneofthehiddenWikipages—thatcouldbevague

Onethingyoubetterkeepinmind:Torbrowserisfineaslongasyouwanttolearnsomethingnew.Itisnotmeantfordoingsomedubiousthings.Therearelotsofcheapattractionsthatwoulddefinitelytrytograbyourattentionorevenforceyoutogotowardsthem.Becarefulaboutchoosingthesitesyouarevisiting.Aslongasitisahacker ’sforum,itisperfectlyokay.Butonceyougobeyondthelimitwithoutstayingwithinthelaw,itcouldbedangerous.

Nowwe’llmoveontothingsthataremoredirectlyconnectedtorealworldethicalhacking.Butbeforethat,weneedtoseehowproxychainsandVPNswork.

YourlittleknowledgeofLinuxcommandswillcomeinhandy.Fromnowon,everythingwedowillbeontheKaliLinuxterminal.SobootupyourKalivirtualmachineandopenupyourterminal.Firstwewilllearnaboutproxychainsand,withthehelpofthistool,howwecanhideourIPaddressandgainaccesstoaremoteserver.

(1)


27.ProxyChains

SanjibSinha1


Thenamesuggestsitstruemeaning.Tokeepanonymityweneedseveralproxies.Behindtheseproxieswecanhideourtrueidentity.Itisnotsuccessfulallthetime.ButKaliLinuxgivesyouaspecialopportunitytochangetheconfigurationattherootsothatyoucanhideyourtrueidentitywhilebrowsingthewebusingTor.Actually,inthiscaseyouneedtoconfigureyour“prxychain.conf”file.YouhavealreadyinstalledTor.

Weneedtoopenuptheconfigurationfileusing“nano”texteditor.OpenupyourKaliLinuxterminalasarootuserandwritedownthis

command.

root@kali: #nano/etc/proxychains.conf

Itwillopenupthe“proxychains.conf”file.Therearethreetypesofproxiesthatyoucanuse.Butyoucan’tusealltheproxiesatthesametime.Letusfirstseehowthisfilelooks.Itis68lineslong.Butitisnotverycomplicatedifyouunderstandthelines.Thedocumentationsareclearandtothepoint.Herearethefirstfewimportantlines.

#TheoptionbelowidentifieshowtheProxyLististreated.

#onlyoneoptionshouldbeuncommentedattime,#otherwisethelastappearingoptionwillbe

accepted#dynamic_chain

##Dynamic-Eachconnectionwillbedonevia

chainedproxies#allproxieschainedintheorderastheyappear

inthelist#atleastoneproxymustbeonlinetoplayin

chain#(deadproxiesareskipped)#otherwiseEINTRisreturnedtotheapp

Whatdoesthismean?Itsaystheproxylisthasseveraloptions.Youmustknowhowyoushouldtreattheseoptions.Ifyoureadeveryline,you’dgetanideahowitworks.Therearethreetypesofproxies.Youneedtouncommentanyoneofthem.

Thefirstproxyis“dynamic-chain”.YouseethelineaboveandtheredcolorshowsthatIhaveuncommentedit.Therearetwomoreproxies:“strict_chain”and“random_chain”.Theyarecommentedout.Theyhavetheirowndescriptions.Letusreadthemboth.

#strict_chain##Strict-Eachconnectionwillbedoneviachained

proxies#allproxieschainedintheorderastheyappear

inthelist#allproxiesmustbeonlinetoplayinchain#otherwiseEINTRisreturnedtotheapp##random_chain##Random-Eachconnectionwillbedoneviarandom

proxy#(orproxychain,seechain_len)fromthelist.#thisoptionisgoodtotestyourIDS:)

Itisdescribedclearlyinthedocumentationthatcomesupalongwithit.SoIdon’telaborateitagain.Theadvantageofchoosing“dynamic_chain”overothersisclearlystated.Ifyourconnectiondoesnotgetone“workingproxy”thenitautomaticallyjumpstotheother.Theothertwodon’tgiveyouthat

opportunitytorouteyourtraffic.Letmeexplainitmore.Supposeyouhavetwoproxiesinplace:AandB.

Whathappensinthecaseof“strict_chain”isthatwhenyoubrowsewebpages,yourconnectionisroutedthroughAandBstrictly.ItmeansAandBshouldbeinorderandlive.Otherwiseyourconnectionsimplyfails.Inthecaseof“dynamic_chain”thisdoesnothappen.IfAisdownthenitjumpstotakeB.Itworksthatway.

Ihopethefirststepisclear.Letusconsiderafewotherimportantsteps.Inbetweenyougetalinelikethis:

#ProxyDNSrequests-noleakforDNSdataproxy_dns

Itisaveryimportantlinetobeconsideredseriously.YouseeIhaveuncommentedthe“proxy_dns”.Youcan’tallowDNSdatatobeleaked.Inotherwords,yourrealIPaddressshouldnotbeleakedbyanychance.ThatiswhyIhaveuncommentedthisline,sothatyourproxiesareinproperplaceworkingwithoutanyhitch.

Attheendofthelistyou’dfindthisline:

[ProxyList]#addproxyhere...#meanwile#defaultssetto"tor"socks4127.0.0.19050socks5127.0.0.19050

socks5185.43.7.1461080socks575.98.148.18345021

Pleaseinspectthelasttwolinesinred.Ihaveaddedthem.LetmeexplainwhyIaddedthem.Butbeforedoingthat,I’dliketoexplaintheexamplelinesjustgivenbefore.Theyreadlikethis:

#ProxyListformat#typehostport[userpass]#(valuesseparatedby'tab'or'blank')##

#Examples:##socks5192.168.67.781080lam

ersecret#http192.168.89.38080jus

tuhidden#socks4192.168.1.491080#http192.168.39.938080

Itclearlystateshowyourproxylistshouldbeformatted.Considerthefirstline:

#socks5192.168.67.781080lamersecret

Itmeans:thefirstoneisthe“type”oftheproxy.Itshouldbe“socks5”.Thesecondoneis:“host”.Thethirdoneis“port”andthelasttwowordsstandfor“username”and“password”incaseyoupayforit.Anotherimportantthingis:youmustseparatethewordseitherbyusing“tab”orbypressing“blank”.

Thereareseveralfreeproxiesyou’dfindsodon’tbotheraboutthelasttworightnow.Nowwecanagaingobacktothelastlinesthatwehavebeendiscussing.Inthelastlinesithasbeenmentionedthat“defaultssettotor”.

Beforeaddingthelasttwolinesyouneedtoaddthisline:

socks5127.0.0.19050

Weshoulddothatbecauseusuallyyour“proxychains.conf”filecomesupwithonly“socks4”,soyouneedtoadd“socks5”,whichsupportspresentmoderntechnology.Nowyoucantestyour“Tor”status.

Openupyourterminalandtype:servicetorstatusItwillfailifyoudon’tstartit.Sotype:servicetorstartItwillstarttheservice.

Figure27-1. Torisrunningthroughtheterminal

Andyoucanopenupyourbrowserthroughtheterminal.Justtype:proxychainsfirefoxwww.duckduckgo.comhttp://www.duckduckgo.com/

ThissearchenginedoesnotusuallytrackIPaddresses.YourbrowserwillopenupandyoucancheckyourIPaddressIPaddress.WewouldalsoliketoseetheDNSleaktestresult.Letusdothatbytyping“dnsleaktest”inthesearchengine.Thereareseveralservices;youcanclickanyoneofthemtoseewhatitsays.

http://www.duckduckgo.com

http://www.duckduckgo.com/

Figure27-2. DNSleaktest

Ifoundthe“www.dnsleaktest.com”isworkingtofindoutmyoriginalIPaddressandfailstofindout.ItshowsanIPlike“8.0.116.0”anditisfromGermany.Thisiswrong,asIamwritingthisnearCalcutta.

Youcansimultaneouslytestthesameinyournormalbrowserandyou’llfindyouractualIPaddress.

(1)


28.VirtualPrivateNetworkorVPN

SanjibSinha1


FromtheverybeginningItrytoemphasizeonething.Ethicalhackingstartswithonesingleconcept:anonymity.

Youfirstmustensurethatyou’reanonymous.Youhaveleftnotracebehindyourback.Yourwholejourneyishiddenandnoonecantraceyourroutelater.

Wehavediscussed“Tor”browserand“proxychains”.Wehaveseenhowwecanusethem.AnotherveryimportantconceptinthisregardisvirtualprivatenetworkorVPN,forshort.

ItbasicallydealswiththeDNSserversettings.ADNSservernormallychecksthetrafficfiltering.SoifyoucanchangeyourDNSserversettinginyourroot,youcanmisguidethatreading.

Howcanwedothat?OpenyourKaliLinuxterminalandtype:

cat/etc/resolv.conf

Itwillshowsomethinglikethis:

#GeneratedbyNetworkManagernameserver192.168.1.1

Inyourterminalthereiseverypossibilitythatit’dshowsomethingelse.Thisisyourhomegateway,whatkindofrouteryou’reusing;itisjustshowingthatinformation.Basicallywe’regoingtochangethissothatwhenweagaintestourIPaddress,theDNSservercan’tfilterthetrafficproperly.

InmyterminalwhenItypethesamecommand,itreadslikethis:

nameserver208.67.222.222nameserver208.67.220.220

IfyouguessedthatIhadactuallychangedthis,youareright.Ihavechangedit.WhyIhavechangedthis?Letmeexplain.

Youneedtounderstandtheconceptof“nameserver”first.Whatdoesitdo?TheLANIPaddressactuallyforwardsthetraffictoDNSservers,whichinturnresolvethequeriesandsendthetrafficbackaccordingly.

Indoingthisitalsorecordstheamountoftrafficyouarehavingthroughyourhomegateway.Wedon’tneedthat.Whydon’tweneedthat?Weneedtobeanonymous.Sothatisthemainreasonbehindchangingthisnameserver.

WecandothatthroughvirtualprivatenetworkorVPN.Letusopentheterminalagainandtypeinthiscommand:

nano/etc/dhcp/dhclient.conf

Itwillopentheconfigurationfilewherewewillchangethenameserveraddress.

Letusseehowitlooks.

Figure28-1. dhclient.conffileinnanotexteditor

I’veopeneditonmyUbuntuterminal.Butyouneedtochangeitonyour

KaliLinuxvirtualmachine.Younoticethattherearelotsofthingswrittenoverthere.Butwe’reinterestedaboutthislineinbetween:

prependdomain-name-servers127.0.0.1;

We’lluncommentthislinefirstandthenchangeit.TherearelotsofOpenDNSIPaddressesavailableontheweb.Searchwiththeterm“opendns”anditwillopenupalotofoptionsfromwhereyoucancopytheOpenDNSaddresses.Oneofthemis“opendns.com”.Letuscopytwoaddressesfromitandjustpastetheminplaceof127.0.0.1likethis:

prependdomain-name-servers208.67.222.222208.67.220.220;

Nowallyouneedtodoisonething.You’vegottorestartthenetworkmanager.TypethiscommandonyourKaliLinuxterminal:

servicenetwork-managerrestartNowyoucancheckyournameserveragain.It’llshowtwonewaddresses.Anotherthingisimportanthere.Youneedtocheckwhetherthemedia

connectionisenabledornot.OpenyourMozillabrowser(inKaliLinuxitis“Iceweasel”).Youfinditontopleftpanel.

Openthebrowserandtypein“about:config”.Itlookslikethis:

Figure28-2. about:configimageonyourMozillabrowser

IfyouuseChromeorOpera,thiswillshowsomethingelse.Youneedtoclickandenterintoit.Enteringintoitwillassureyouasearchpanelonthetopwhereyouwillenterthesearchterm:“media.peerconnection.enabled”.

Letusseehowitlooks.

Figure28-3. Check“media.peerconnection.enabled”trueorfalse

Intheaboveimage,itisshown“true”.YouneedtodoubleclickitandmaketheBooleanvalue“false”.

Nowyoucansearchforthefreeopenvirtualprivatenetwork.Remember,peopleoftenbuythesamethingandpayaheftypriceforit.Buttheyarenotsecureallthetime.Whytheyarenotsecure?Itisbecause,sometimes,whenacountry’snationalsecurityisunderattackandtheywanttheinformation,servercompanieshavetogiveittothemunderpressure.SoallalongIhavetriedtoemphasizeonething:nevertrytogoabovethelaw.Ethicalhackingisallaboutsomethingthatstrictlymaintainsoneandonlyprinciple:stayingwithinlaw.

Youlearneverythingforyourself-defense,notforanykindofattackinadvance.Anyway,inthischapterourmaintargetishowwecanhidetheDNSserverfromourISPprovider.

WehavesearchedaboutopenVPNandfound“www.vpnbook.com”.Wearegoingtodownloadfromthissite.Ontheright-handpanel,you’llfindthenameoftheproviders.Itvariesfromtimetotime.Fromwhichcountryyou’lldownloadreallydoesn’tmatteraslongasitworks.

Whiledownloadingyou’llnoticethatacombinationofusernameandpasswordisgiven.Copythemandsavethemsomewhereasyou’llneedthemwhenyourunvirtualprivatenetworkinyourmachine.

InthedownloadsectionofyourKaliLinuxyouhaveazippedversionofVPN.Unzipitfirstandthenrunit.Howyoucandothat?LetmeopenmyKaliLinux“Download”sectionandseewhatIsee.

sanjib@kali: $cdDownloads/sanjib@kali: /Downloads$lsvpnbook-euro1-tcp443.ovpnvpnbook-euro1-tcp80.ovpnvpnbook-euro1-udp25000.ovpnvpnbook-euro1-udp53.ovpn

Togetthesameoutput,youhavetounzipyourVPNzippedversion.Nowissuethiscommand:

openvpnvpnbook-euro1-tcp443.ovpn

Ifthemachinesaid,“openvpncommandnotfound”,youwouldhavetoinstallit.InstallinganythingthroughtheterminalisquiteeasyinLinux.Searchovertheweb;therearetonsoftutorialsthatwillguideyouaboutthat.Usuallyitisdonebythe“apt-get”command.

Whenyoutrytorun“openvpn”itwillaskfortheusernamefirst.Thenit’llaskforthepassword.Oncethisprocessiscomplete,it’lltrytobuildtheconnection.Youneedtowaitforsometime.Unlessyougetamessage,“initializationcomplete”,youcan’topenyourbrowser.Itmaytakeseveralminutes.Usuallyittakestwominutesminimum.

Ifyou’renotlucky,itmaybesometime—notalways,ofcourse.Thismessagewon’tcropup.Inthatcase,itsays,“connectionfailed”.

Onceyougetthemessage,“initializationcomplete”,youcanopenthebrowserandsearchthrough“www.duckduckgo.com”.Thissearchengineusuallydoesn’ttracktheuser ’srecord.

YourfirstjobwillbecheckingtheDNSleak.Goforitandyou’lldefinitelyfindachangedIPaddress.

ItmeansyouhavesuccessfullyconnectedthroughthevirtualprivatenetworkandyouroriginalISPDNSserveriscompletelyhidden.

(1)


29.MACAddress

SanjibSinha1


Wehavelearnedmanytrickssofar—allaboutanonymity.Butwe’llalwaystrytogotoahigherlevel.ChangingtheMACaddressfallsintothatcategory.

Inasimpleway,itisyourhardwareaddress.Basically,it’snotthehardwareaddressofyourmachine,butit’sthehardwareaddressofyournetworkcardthroughwhichyou’reconnectedtotheouterworld.

LetusstartourKaliLinuxvirtualmachineandopenuptheterminal.Issuethecommand:ipconfig.

It’llproducesomethinglikethis:

root@kali: #ifconfigeth0:

flags=4163<UP,BROADCAST,RUNNING,MULTICAST>mtu1500inet10.0.2.15netmask255.255.255.0broadcast10.0.2.255inet6e80::a00:27ff:fef4:16ecprefixlen64scopeid0x20<link>

ether08:00:27:f4:16:ectxqueuelen1000(Ethernet)RXpackets19bytes1820(1.7KiB)RXerrors0dropped0overruns0frame0TXpackets31bytes2427(2.3KiB)TXerrors0dropped0overruns0carrier0collisions0

lo:flags=73<UP,LOOPBACK,RUNNING>mtu

65536inet127.0.0.1netmask255.0.0.0inet6::1prefixlen128scopeid0x10<host>looptxqueuelen0(LocalLoopback)RXpackets36bytes2160(2.1KiB)RXerrors0dropped0overruns0frame0TXpackets36bytes2160(2.1KiB)TXerrors0dropped0overruns0carrier0collisions0

Inyourcase,theoutputcouldbedifferent.We’reconcernedaboutthehardwareaddressofournetworkandwewanttochangeit.

Inbetween,you’veseentheredcoloredlinethatreads:ether08:00:27:f4:16:ec

ThisisKaliLinuxvirtualmachine’sMACaddressorlocalnetworkcardaddress.Nowinsomecasesitmightbelikethis:HWaddr08:00:27:f4:16:ec

Insomecasesitisdifferent.Theyarenetworkcards.TheycouldbeEthernetcards,wirelesscards,wirelessadapters,etcetera.

Butthisaddressisextremelyimportant,asitisusedtoidentifyyouinthevastwebworld.Thefirstthreedigitsarethesymbolsthatrepresentthemanufacturer.

Wecancheckitoutherealsobyissuingthiscommand:

root@kali: #macchanger-seth0CurrentMAC:08:00:27:f4:16:ec(CADMUSCOMPUTER

SYSTEMS)PermanentMAC:08:00:27:f4:16:ec(CADMUSCOMPUTER

SYSTEMS)

Asyousee,itshowstwoMACaddress—oneiscurrentandtheotherispermanent.YoumayaskwhyI’mcheckingthishere.Ihavecheckeditoncebyissuingcommand“ifconfig”.Isn’tthatenough?

It’sbecausethecommand“ifconfig”willonlyshowthecurrentMACaddress.Itwon’tshowthepermanentMACaddress.ItmeanswhenyouhavechangedtheMACaddressandissuedthe“ifconfig”command,itonlyshowthechangedone,notthepermanentone.

Nowwe’dliketochangeourMACaddress.Letusissuethiscommand:

root@kali: #macchanger–h

Anditwillproduceanoutputlikethis:

GNUMACChangerUsage:macchanger[options]device

-h,--helpPrintthishelp-V,--versionPrintversionand

exit-s,--showPrinttheMAC

addressandexit-e,--endingDon'tchangethe

vendorbytes-a,--anotherSetrandomvendorMACofthesame

kind-ASetrandomvendor

MACofanykind-p,--permanentResettooriginal,

permanenthardwareMAC-r,--randomSetfullyrandom

MAC-l,--list[=keyword]Printknownvendors-b,--biaPretendtobea

burned-in-address-m,--mac=XX:XX:XX:XX:XX:XX--macXX:XX:XX:XX:XX:XXSettheMAC

XX:XX:XX:XX:XX:XX

Reportbugstohttps://github.com/alobbs/macchanger/issues

Thethreered-coloredlinesareimportant.Itisexplicitlydefinedwhattheymean.Thegreencoloredlineisalsoimportant.

Thefirsttwolines—-a,--anotherSetrandomvendorMACofthesamekind

-ASetrandomvendorMACofanykind—meanyoucanchangetheMACaddressbutyoucan’tchangethevendor.

Inthiscase,thereiseverypossibilityoflosingyouranonymity.Thefirstthreesetsbelongtothenetcardmanufacturerand,sincethathasnotbeenchanged,youcanbeidentified.

Thethirdred-coloredlineisquiteobviousandself-explanatoryinitsmeaning.Itsays:youcanchangebacktotheoriginalMACaddress.

https://github.com/alobbs/macchanger/issues

Sofar,thebestoptionavailableforusisthegreencoloredline—-r,--randomSetfullyrandomMAC—whereitisclearlysaidthatyoucansetfullyrandomMAC.Thatis,thesixsetsarecompletelyrandom—whichweprefer.

Themostimportantofthemisthelastblue-coloredline.Whyisitimportant?ItisbecauseyoucanchangetheMACaddresscompletely.

Wecanhavealistofallvendorswithasimplecommand:l.Ifyouissuethatcommanditwillgiveaverylonglist.Letuspickupafewofthem.

root@kali: #macchanger-l

MiscMACs:

NumMACVendor

------------

0000-00:00:00-XEROXCORPORATION










0010-00:00:0a-OMRONTATEISIELECTRONICSCO.

0011-00:00:0b-MATRIXCORPORATION

0012-00:00:0c-CISCOSYSTEMS,INC.

0013-00:00:0d-FIBRONICSLTD.

0014-00:00:0e-FUJITSULIMITED

0015-00:00:0f-NEXT,INC.

0016-00:00:10-SYTEKINC.

0017-00:00:11-NORMERELSYSTEMES

0018-00:00:12-INFORMATIONTECHNOLOGYLIMITED

0019-00:00:13–CAMEX

Wehavetakenfirstfewlines—nineteenatpresent.Butthelastoneis19010-fc:fe:77-HitachiReftechno,Inc.Thered-colorednumbershowshowmanytherearealtogether.Thelistisnotcomplete.Afterthat,therearewirelessMACaddresses.Therearealtogetheraroundthirty-nine.

Youmayaskwhattheyareactually.TheyarenothingbutthebitsofthecompanyMACaddress.Letusconsiderthelastexample:0019-00:00:13–CAMEX.

Thefirstoneistheserialnumber.ThesecondoneistheMACaddress.Youcanchangeyourvendoraddressandusethisoneandpretendtobeusingthiscompany.Ethicalhackerssometimeusethattrick.

Keepingeverythinginmind,I’dliketosaythatthelastoption—theblue-coloredone—isthemostimportant.

Incolleges,studentssometimesusethattricktofooltheprofessor,alongwiththewholeclass.Someonetakestheprofessor ’sMACaddressand,pretendingtobetheprofessor ’sPC,hejamsthenetwork.Oncethenetworkhasbeenjammed,theteachercan’ttaketheclassanymore.

UsuallythereisanetworkfilteringsystemthatfindsouttherogueMACaddressandblocksthataddress.Butthatisalsofun.WhenthenetworkfilteringsystemhasblockedtheMACaddress,itcomesoutthattheprofessor ’sPChasbeenblockedinadvertently.

Asanethicalhackeryouneedtostudythispartparticularly,asthemalicioushackersoftenuseanother ’smachineMACaddressandpretendtobesomeonewhiletheydothewrongthings.

#Epilogue—WhatNext

ThanksforreadingthisvolumeofEthicalHackingwithPython3.Ihopethat,asabeginner,youhavelearnedthebasicsofethicalhacking.Thatincludestheterms,legalside,andpurpose;networking,theenvironment,andadetailedintroductiononanonymity.Additionally,IhopethatyouhaveaworkingknowledgeofPython3.

ThenextvolumesofbooksonEthicalHackingwilldealwithmoreadvancedconceptslike“Nmap,”“SQLInjection,”“DenialofServiceorDOS,”“BruteForceMethod,”“SignalJamming,”“PasswordCracking,”“FootprintingwithNmap,”“AttackingWirelessNetworks,”“WiFiHacking,BreakingEncryptions”,“SLlStrips”andmanymore.

Hopetomeetyouinthenextbook.Tillthen,bestofluck.

Epilogue—WhatNextThanksforreadingthisvolumeofEthicalHackingwithPython3.Ihopethat,asabeginner,youhavelearnedthebasicsofethicalhacking.Thatincludestheterms,legalside,andpurpose;networking,theenvironment,andadetailedintroductiononanonymity.Additionally,IhopethatyouhaveaworkingknowledgeofPython3.

ThenextvolumesofbooksonEthicalHackingwilldealwithmoreadvancedconceptslike“Nmap,”“SQLInjection,”“DenialofServiceorDOS,”“BruteForceMethod,”“SignalJamming,”“PasswordCracking,”“FootprintingwithNmap,”“AttackingWirelessNetworks,”“WiFiHacking,BreakingEncryptions”,“SLlStrips”andmanymore.

Hopetomeetyouinthenextbook.Tillthen,bestofluck.

Index

A,BAccessormethodsAMD64Anonymityprotection,Internet

CClassstringformat()functionimmutablelower()positionreplaceandfind()strip()upper()

CommunicationConditionalexecutionsConditionalvalues/expressionsConfigurationParsermoduleContainerscoding

dictionaryobjectlistobjectoutputtuples

Credit/debitcardCriminalsCreate,retrieve,updateanddelete(CRUD)Cyberlaw

DDarkweb/deepwebDatagramDebianDecorators

EEnd-to-endcommunicationenumerate()functionEthicalhackingExceptions

F,GFileinputandoutputFrameCheckSystem(FCS)FunctionAnotherFunction()codingDemarcationLine()generatefunctionslistsofargumentsnamedargumentspassingdefaultvaluespassingparameters/argumentsRangeFunctions()returnvaluesreusabilityTestFunction()

HHackingattack,exploit/penetrationmethodscomputerscredit/debitcardnumbercriminalsenvironmentanonymousoperatingsystemsprogramminglanguagevirtualmachine

virtualmachineHiddenwikipediahiddenWikipagesinterestingmarketKaliLinuxterminalsystemarchitectureTorbrowsertorproject.orgwebsite

Humantrafficking

I,JInheritanceInternetStandardsOrganization(ISO)Internetworking

KKaliLinux

LLinuxdistributionLinuxterminaladdusercommandanonymitycatcommandcatsources.list|grepsrc

cdcommandchmodcommandcommandlinetool/terminalcpcommandcp–helpdirectoriesandfoldersechocommandethicalhackingexecutablemodefilepermissiongrepcommandgroupcommandIceweaselKaliLinuxfullscreenviewlogoutlscommandls–lacommandmkdircommandmvcommandNanotexteditoroutputpwdcommandpyfile.pyPythonfilerfcommandrmcommandroot/superuserr-xcommandsanjibsources.listsudocommand

Localnetworkcardaddressloops()function

MMACaddresscommandethicalhackers

ifconfigipconfignetworkcardnetworkfilteringsystemoutput

MaliciousattackMediaAccessControl(MAC)ModulecalculatorprogramLinuxDebiandistributionos/operatingsystem–specificmoduleprogramrandomanddatetimerequestandrespondsys/system-specificmoduleurllib

MySQLcodingconfigurationfileconnectorCRUDapplicationdatabaseconnectiondeletearecordfetchall()fetchmany().inifilePHPMyAdminpython-mysqlrelationaldatabasesretrieverecordssetup.pyshortBLOBstepstryanderrormethodwritingfiles

MySQLConnectormodule

N

Networkcharacteristicscommunicationfunctionsinteroperabilitymodularengineeringsharingresourcessockettypes

Networkcards

OObjectObject-orientedprogramming(OOP)accessingobjectdataadvantageclassesandobjectsargumentscodingdefaultargumentdefinitioninitializationprocessinstancesmethodsMyMySQLConnection()andMySQLiteConnection()MySQLdatabaseoutput

classinheritancemechanismdecoratordescriptiongame,goodvs.badgeneratorsgoalinheritanceinterrelationshipsanddatainteractionsobjectobjectvs.classpolymorphismsoftwareapplications

webpageopen()methodOpenSystemsInterconnection(OSI)applicationlayerdatalinklayernetworklayerphysicallayerpresentationlayersessionlayertransportlayer

P,QPacketfilteringPacketswitchingPathselectingPolymorphismProxiesProxychainsconfigurationfileDNSleaktestDNSrequestsdocumentationsdynamic_chainIPaddresslistrandom_chainstrict_chaintortypes

Pythonassigningvaluescodingcommentingconditionalsdictionaryforloopsindentationandwhitespaceinstallers

logicalvaluesmain()functionnumbersobjectoutputOutsideMainFunction()outsideprint()functionprint()functionstringtuplesandliststypeandIDwhileloops

Python3codingcommanddocumentationpageIDEIDLEinstructionsinterpreterLinuxdistributionopensourceprogramminglanguageoutputPycharmcommunityeditionsystemconfigurationsystemmonitoringWindows/Macintoshplatform

PythonStandardLibrary

Rrange()functionRegularexpressionsremodulereusingsearching

Routers

S

SegmentSideeffectSocketSoftwareinstallationSQLite3SwitchesSyntaxError

TTransmissionControlProtocol/InternetProtocol(TCP/IP)TryblockTuplesTypeError

UUbuntuUbuntusoftwarecenteruname-aUnittestmoduleassertEqual()errormessageMyTest/BrainAndSoulPyCharmIDEsaytimedate.pysyntacticalerrorstest_PyVar()andtest_main()test_Time()andtest_Version()TestUnitTest.py

VVBoxLinuxAdditions.runVirtualBoxGuestAdditionsVirtualBox(VB)advantageapt-getupdateapt-getupgrade32-bit/64-bitarchitecture

downloadsection,Linuxhosts.exefilesfullscreensizefullscreenviewhackingtooltestinginstallationprocess,KaliLinuxinstallWindows7UltimateInternetconnectionISOimageKaliLinuxrunning,OracleVMmemorysizemethodsoperatingsystempackagepasswordattackstoolprocedureRedHat/Fedorarunningcodesself-explanatorystoragesectionsucommandterminalandtypeterminalimagex86_64

VirtualPrivateNetwork(VPN)about:configimage,Mozillabrowseranonymityapt-getcommandconnectiondhclient.conffileDNSserverISPprovidermedia.peerconnection.enablednameservernetworkmanageropendnsopenvpnprinciplezippedversion

W,X,Y,ZWindowsXP

Beginning Ethical Hacking with Python - prognoztech.com · hacking. Let us clear it first: Ethical...

Documents

Transcript of Beginning Ethical Hacking with Python - prognoztech.com · hacking. Let us clear it first: Ethical...