Python Hacking - Part 1

 Python is one of the best scripting tools for doing things off tandem which is why many hackers consider it the best hacking Swiss army knife. On the personal level I feel a bit agnostic to the programming language due to the fact that I've used many. For example, many don't like PHP but I feel that it's just another scripting language, same goes for Ruby, GoLang, Perl, C, C++, and Java.

So why so many hackers feel strong about Python being the Swiss army knife of hacking? I think because:

1. It's easy to install, configure and use.
2. It has so many libraries that work out of the box.
3. It just works!

I use Python on regular basis to automate things and do agree with many of the hackers out there that Python is powerful and awesome. Let's start this blog by showing users how to use python to make it part of their day to day use. For the sake of sanity we will be using python3 (python3.12).

Python PEP

Python has a defined PEP (Python Enhancement Proposals) which are the foundations of how to write Python code. One of the most important one is PEP8 which defines the style guide for Python coding. For example, Indentation is very important for Python, unlike C language. PEP8 states to use 4 spaces per indentation level to ensure the layout of the code looks good and for it to run.

# Correct:

# Aligned with opening delimiter.
foo = long_function_name(var_one, var_two,
                         var_three, var_four)

# Add 4 spaces (an extra level of indentation) to distinguish arguments from the rest.
def long_function_name(
        var_one, var_two, var_three,
        var_four):
    print(var_one)

# Hanging indents should add a level.
foo = long_function_name(
    var_one, var_two,
    var_three, var_four)

# Wrong:

# Arguments on first line forbidden when not using vertical alignment.
foo = long_function_name(var_one, var_two,
    var_three, var_four)

# Further indentation required as indentation is not distinguishable.
def long_function_name(
    var_one, var_two, var_three,
    var_four):
    print(var_one)

Another PEP8 big thing would be to limit the line to a maximum of 79 characters.

with open('/path/to/some/file/you/want/to/read') as file_1, \
     open('/path/to/some/file/being/written', 'w') as file_2:
    file_2.write(file_1.read())

There are a lot of things that needs to happen to ensure proper PEP8 format, for more details I recommend that you read it here.

Venv

Aside from following the PEP8 and PEP guidelines I like to leverage the use of virtual environment to contain specific software libraries and binaries needed (isolate) from getting installed on my base OS Python, this enables you to also have a contained directory which is usually named .venv in the project directory, the directory is considered as disposable because it can simply can get recreated whenever you need to run your code, which brings me to the next point of allowing you to import what's needed to source control systems (such as GitHub) excluding the disposable .venv folder.

To create a virtual environment simply run:

python -m venv /path/to/new/virtual/environment

To use the virtual environment run:

source /path/to/new/virtual/environment/bin/activate

To install libraries for python using PIP:

pip install package_name

Now that you have the initial basics it's time to get into using python which we will cover in part 2.