EvilZone
Programming and Scripting => Beginner's Corner => : 0pt1musPr1m3 January 29, 2015, 03:17:17 AM
-
.
-
I see why you put it here, pretty much just a menu wrapper around nmap :P
Two points:
No need to us os.system('mkdir blah') might as well just use os.mkdir('dir') makes it a bit portable
you have no input validation which means ya got some command injection vuln going on. Ya not a big deal at all for personal use, but lets say theoretically speaking you were using this as a sort of 'nmap as a service', youd get pwned with this. Since it's for practice anyways, might as well practice secure coding, right?
-
Well it is skidish, that's for sure[emoji14]
Just few things that i thought at first glance. If you put some intro text at beginning do multiline commenting like this:
"""
words here..
..and here
"""
Instead of multiple #, it's just clearer to read in my opinion. Maybe bit useless point, but just saying what i thought.
If you want to avoid using so much "os.system(command)" in this case, there is this nmap for python library. I have never use it but it seems something that might have been valid option for this program.
https://pypi.python.org/pypi/python-nmap
edit: Also if you wanted to make this bit less skidish(even if it's kind of point here) maybe try to use some argument parsing instead all raw_inputs. Though in this case there isn't much difference from just using nmap then. [emoji14]
-
Awesome, thanks guys.
Checking to make sure that the input doesn't contain upper or lowercase letters would be enough?
just convert it to an int first(and check for errors) bit safer that way.
Filtering the target might be a bit more complex, cause thats an avenue too.
-
Hey quick question do u really know how to hack
Sent from my iPad using Tapatalk