SSH Fingerprint and Hostkey with Paramiko in Python

Following on from SSH and SFTP with Paramiko & Python, I recently had the need to gain a remote SSH server’s fingerprint and hostkey for verification purposes. This is achievable through setting up a socket, and then applying paramiko.Transport over our established socket.

First, we include the various bits and pieces we’ll need:

    import socket
    import paramiko
    import hashlib
    import base64

Next, we establish a socket connection ‘mySocket’ to “localhost” on port 22 – our dummy SSH server. We then use paramiko.Transport to gain access to paramiko’s core SSH protocol options on the socket.

    mySocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    mySocket.connect(("localhost", 22))
    myTransport = paramiko.Transport(mySocket)
    myTransport.start_client()

To get the remote hostkey, we call myTransport.get_remote_server_key(): […]

November 24th, 2014 | Python | 0 Comments

PHP Security

As a PHP programmer, there are a couple of things you can do quickly and easily to increase the security of your PHP installation.

Look into PHP’s “safe mode” feature, ESPECIALLY if you’re running a webserver that the general public can upload scripts to. Here you’ll find a list of the functions disabled or restricted by safe mode. It is not strictly PHP’s job to restrict these types of functions; however, unless you really know what you’re doing, the list of functions restricted by safe mode is a good starting point for building secure applications. These are generally functions that allow file and directory manipulation, and socket manipulation. If it’s not possible within your environment to disable them all, disable as many of these functions as possible.

Although it’s not that common, if I’m writing an application that relies heavily on functions that manipulate directories or sockets, I’ll prefer to create a C daemon or similar to handle this side of things and simply use PHP to communicate with it. […]

January 14th, 2010 | Development, PHP, PHP Articles, Technology | 0 Comments

Security Consultant – Basic NMAP Usage

nmap is one of the most useful tools for a security consultant in a penetration testing environment. It has a massive range of options, and only the most basic will be considered in this tutorial. It goes without saying that nmap should only be run against IPs and ports that you yourself have gained authorization to test. Here goes: […]

September 2nd, 2009 | Linux, Security Consultant | 2 Comments

NetCat tutorial for Linux & Windows, HOWTO, nc

I wrote this article some time ago, but thought I’d publish it here for reference. This text is dual licenced under the GFDL and GPL.

There are two known versions of netcat. The version of netcat used here is the original Avian Research version, not the newer GNU release.

Contents:
– Netcat Basics
– What is Netcat?
– Netcat Syntax
– Netcat Installation
– What are the most basic uses?
– Simple File Transfer
– Tar
– UDP
[…]

September 16th, 2008 | Internetworking & Routing, Linux, Technology | 11 Comments