1
00:00:00,390 --> 00:00:02,080
OK so let's run off script.

2
00:00:02,100 --> 00:00:07,040
Oh SPF dot P. why hopefully what we'll see.

3
00:00:07,170 --> 00:00:08,450
Oh SPF passwords.

4
00:00:08,460 --> 00:00:09,330
And there you go.

5
00:00:09,330 --> 00:00:11,460
Oh SPF password is Cisco.

6
00:00:11,670 --> 00:00:21,150
Now on the Cisco Rada once again I could change that password so interface gigabit 00 IP o SPF authentication

7
00:00:21,510 --> 00:00:22,430
key.

8
00:00:22,440 --> 00:00:24,630
Let's set it to 0 SPF POS.

9
00:00:24,660 --> 00:00:30,510
What should happen is our python script should show us the new SPF password.

10
00:00:30,510 --> 00:00:34,240
This has been captured off the wire in real time.

11
00:00:34,350 --> 00:00:35,070
And there you go.

12
00:00:35,220 --> 00:00:36,890
Oh SPF pass.

13
00:00:37,080 --> 00:00:49,710
So my simple python script and all catatonia or SPF dopey why this simple python script is capturing

14
00:00:50,280 --> 00:00:54,290
packets off the wire and then displaying the password.

15
00:00:54,300 --> 00:01:02,580
Now you may want to save that to a file rather than have it just print to the screen so as an example

16
00:01:02,820 --> 00:01:13,620
nano 0 SPF dot P. why let's rather than just printed to the screen save it to a file sole credit variable

17
00:01:13,620 --> 00:01:24,500
called my file I'll open up a file called and let's make this 0 SPF passwords dot text.

18
00:01:24,900 --> 00:01:26,820
This is gonna be a rectangle file.

19
00:01:26,850 --> 00:01:30,460
So basically I'm opening up a file with this name.

20
00:01:30,600 --> 00:01:31,550
I don't have to use text.

21
00:01:31,560 --> 00:01:34,830
I'll just use that to be consistent with say what Windows does.

22
00:01:34,830 --> 00:01:43,000
It's a read write file and then I'm gonna write the output to this file.

23
00:01:43,020 --> 00:01:45,880
Now that's actually writing the packet so let's not do that.

24
00:01:46,080 --> 00:01:52,400
Let's say write 0 SPF POS equals this

25
00:01:55,060 --> 00:02:04,070
so equals the 0 SPF password string plus the actual password and then I'm gonna write the 0 SPF pass

26
00:02:04,070 --> 00:02:04,630
here.

27
00:02:05,220 --> 00:02:08,980
And if you concerned that it's actually the same word I'll just change it.

28
00:02:08,980 --> 00:02:10,270
He had to something else.

29
00:02:10,270 --> 00:02:17,560
So this is just a variable called 0 SPF password that equals 0 SPF password plus the actual password

30
00:02:17,590 --> 00:02:18,670
that's captured.

31
00:02:18,760 --> 00:02:22,810
We're opening up a file and then we're going to save that to the file.

32
00:02:22,810 --> 00:02:27,720
And actually what I will do here is I don't want to open the file up every time because it'll overwrite

33
00:02:27,730 --> 00:02:28,210
it.

34
00:02:28,210 --> 00:02:31,800
I'll open up the file there and then write to the file.

35
00:02:32,110 --> 00:02:39,470
Per that output so it'll write the password consistently to the file name coding this on the fly so

36
00:02:39,800 --> 00:02:41,510
hopefully my code isn't that bad.

37
00:02:41,600 --> 00:02:43,050
So let's give it a go.

38
00:02:43,130 --> 00:02:44,210
I'll run the script.

39
00:02:44,300 --> 00:02:50,380
We won't see anything because we're not writing to the screen in this example.

40
00:02:50,480 --> 00:02:58,220
I'm just saving the information to a file but hopefully stop that script now.

41
00:02:58,600 --> 00:02:59,410
Hopefully

42
00:03:02,020 --> 00:03:06,470
we've got a file called SPF password which we do.

43
00:03:06,470 --> 00:03:14,830
And if I kept that which is basically reading it notice we can see SPF password is 0 SPF pass or SPF

44
00:03:14,830 --> 00:03:18,670
password and then we get a prompt.

45
00:03:18,670 --> 00:03:21,340
Now that's not such a great way to do it.

46
00:03:21,340 --> 00:03:30,190
So like all things when it comes to coding you iterate you iterate what you what you do.

47
00:03:30,210 --> 00:03:36,840
So what I'll do is write that but put a carriage return after it and let's see what that does

48
00:03:39,470 --> 00:03:40,450
so run it again.

49
00:03:40,460 --> 00:03:44,040
Python 3 0 SPF dot P Y.

50
00:03:44,210 --> 00:03:45,350
Very simple script.

51
00:03:45,380 --> 00:03:45,590
Okay.

52
00:03:45,590 --> 00:03:46,520
Didn't like that.

53
00:03:46,520 --> 00:03:48,800
Let's see what I did wrong here.

54
00:03:54,110 --> 00:03:59,880
Let's add that Mike bat.

55
00:04:00,130 --> 00:04:01,760
That looks better.

56
00:04:01,760 --> 00:04:05,240
This is the thing with coding you know start with a small script.

57
00:04:05,240 --> 00:04:06,140
Try something.

58
00:04:06,140 --> 00:04:07,610
See if it works.

59
00:04:07,850 --> 00:04:09,850
Then try something else.

60
00:04:10,130 --> 00:04:11,540
See if that works.

61
00:04:11,540 --> 00:04:14,220
Keep iterating and keep improving your scripts.

62
00:04:14,620 --> 00:04:19,130
Okay so that's should be long enough to clear the screen

63
00:04:22,210 --> 00:04:23,720
Alice shows us our files.

64
00:04:23,720 --> 00:04:26,710
Cat 0 SPF password or T X T.

65
00:04:26,710 --> 00:04:30,770
Notice there's a password with the carriage returns after it.

66
00:04:30,790 --> 00:04:33,910
Okay so just to make the point I'll run that again.

67
00:04:34,180 --> 00:04:43,460
And then what I'll do here is clear the process but then I'll go on to the interface and change the

68
00:04:43,460 --> 00:04:45,860
password to something else.

69
00:04:45,860 --> 00:04:49,320
So let's set it to Hello.

70
00:04:49,310 --> 00:04:55,980
1 2 3 so that should display in our text file.

71
00:04:55,980 --> 00:05:05,440
Now again you could use cron to schedule this or end that now rather than running it interactively just

72
00:05:05,440 --> 00:05:09,930
schedule this to run in the background and notice there is a password.

73
00:05:09,940 --> 00:05:10,240
Hello.

74
00:05:10,240 --> 00:05:12,520
One two three.

75
00:05:12,520 --> 00:05:15,040
So I could as an example do this.

76
00:05:17,990 --> 00:05:21,380
Notice I've started this script.

77
00:05:21,380 --> 00:05:25,400
It's running in the background and I've got my terminal prompt now.

78
00:05:25,610 --> 00:05:31,640
If I type top so notice top shows us that t shock is running in the background.

79
00:05:31,970 --> 00:05:33,460
So is Python 3.

80
00:05:33,470 --> 00:05:37,050
So that script is busy running in the background.

81
00:05:37,190 --> 00:05:45,140
What I could do is kill the process so let's kill t shock kill process 1 2 4 8 and notice we see some

82
00:05:45,140 --> 00:05:49,460
output that the script is done so clear the screen.

83
00:05:49,460 --> 00:05:51,670
Alice shows us our files.

84
00:05:51,710 --> 00:05:54,650
Let's read that 0 SPF password file.

85
00:05:54,650 --> 00:05:58,850
Notice there's the password written to the file.

86
00:05:58,880 --> 00:06:04,280
Now you could get fancy with your scripts you could get cron to kickstart that script and then run it

87
00:06:04,280 --> 00:06:05,760
for a period of time.

88
00:06:06,080 --> 00:06:12,260
So let's run it for half an hour or run it for a day or for a period of time you could get your script

89
00:06:12,260 --> 00:06:15,550
to email you the passwords do all kinds of things.

90
00:06:15,650 --> 00:06:24,320
The moral of the story here is you can leverage python and T shark to capture packets of the wire and

91
00:06:24,320 --> 00:06:25,710
then do things.

92
00:06:25,780 --> 00:06:27,230
So let me show you another example.

93
00:06:27,350 --> 00:06:32,990
In the next video I'll show you how to use this to capture for instance FCP passwords.