6

In the world of penetration testing with Python, it looks like one has to generally hook into an API that's OS specific. This makes sense to me because we're dealing with different architectures and kernels between OSX, Linux, Windows. But I'm wondering if this isn't the case?

Beyond some of the limited functionality you get out of the OS module, my assumption is that hooking into the OS's API is general going to be specific to *POSIX flavor (maybe they have more in common) than in Windows for example.

In particular I'm thinking of Deviare on Windows. It deals with .DLL files. That's pretty much Windows. The moment we hear DLL, the mind goes to windows land, .plist OS X and so on.

inbinder
  • 692
  • 4
  • 11
  • 28
  • 3
    There is no concept called "hooking" in Python. What text have you been reading, and what are the parts that confuse you? – Sven Marnach Jul 24 '12 at 16:42
  • I understand Hooking as more of a concept, not something that is python specific. Not using a particular text, have just been looking at some not so helpful explanations on the web. – inbinder Jul 24 '12 at 17:24
  • 2
    Hmm, I have some doubts that this approach to learning things is getting you anywhere. My recommendation is to first work through some programming tutorial or introductory book, and then pursue some project of your own. Trying to understand a random, not very precisely defined topic without a specific application does not seem very helpful. – Sven Marnach Jul 24 '12 at 17:38
  • If you are talking about hooking of native win32 functions I wrote [this](http://blog.nektra.com/main/2012/07/20/windows-api-hooking-in-python-with-deviare/) article as a simple example, but I think that your question needs more elaboration because the hooking concept appears in diverse areas (i.e: SVN hooking). – sw. Jul 26 '12 at 13:23
  • Maybe this helps you: http://stackoverflow.com/questions/774824/explain-python-entry-points#9615473 – guettli Oct 14 '13 at 08:27

3 Answers3

7

Hooking is a way to get your own code to execute when another system is running, whether that other system is an OS, a GUI, or whatever. A somewhat silly example in Python:

def Process(records, per_record_hook=None):
    "adds all records to XYZ system"
    XYZ = []
    for record in records:
        if per_record_hook:
            per_record_hook(record)
        XYZ.append(record)

def print_record(record):
    "print a '.' for each record (primitive counter)"
    print '.'

and then later:

Process(records_from_somewhere, per_record_hook=print_record)
Nishabu
  • 134
  • 1
  • 15
Ethan Furman
  • 63,992
  • 20
  • 159
  • 237
2

http://en.wikipedia.org/wiki/Hooking

I'm going to assume you're referring to this ^ kind of hooking? I'm completely unfamiliar with the term, but it seems like you're looking for a library that allows interactions with the operating system?

If so, try something like PyWin32 (google it) or follow some of the techniques found here: http://www.rohitab.com/discuss/topic/37018-api-hooking-in-python/

Again, it'd be more helpful if you could put it (the phrase hooking) into more...Python-esque terms, but I hope this helps?

Aaron Tp
  • 353
  • 1
  • 3
  • 12
2

In Python things like this is generally so trivial that it's hard to even provide examples. Hooks are generally callbacks, yes. Callbacks in python are simply done by passing functions around and calling them.

Lennart Regebro
  • 167,292
  • 41
  • 224
  • 251