Funny thing is, my old script was still working! Apparently the folks at Pastebin have left the legacy API still running. The old documentation is gone though, and now even to read the updated documentation you need to log in…

Now, this takes care of the API key problem, but there’s still the issue of Pastebin seeing your IP address. An HTTP proxy can fix that… provided you trust that proxy not to store your IP somewhere in the logs. The procedure is simple, just set the HTTP_PROXY environment variable to wherever your proxy is, and voilà! The standard Python module urllib will automatically connect through the proxy.

If you don’t have a trusty HTTP proxy, the best way to go is through the Tor network. You’ll need to install the Tor service itself and the Privoxy HTTP proxy in your machine, then set the HTTP_PROXY variable to 127.0.0.1:8123. This document from the Tor Project explains it in detail.

Once you’ve set up your proxy, download pastebin.py and send a file to Pastebin like this:

    $ python pastebin.py manifesto.txt
    manifesto.txt --> http://pastebin.com/ixSetT5f

The script accepts multiple filenames as well. You can also set the syntax highlighting format (useful for source code, config files or logs) as follows:

    python pastebin.py --format=apache /var/log/apache2/access.log /var/log/apache2/error.log

And set an expiration time, after which it gets automatically deleted. In the following example a SQL dump is uploaded and automatically deleted the next day:

    python pastebin.py dump.sql --format=sql --expire=1D

So, that’s pretty much it. There’s a limit of 512Kb per file uploaded, in order to bypass this you’ll have to split the file into multiple pieces (something similar to this but using pastes instead of URLs). I may do it another day, but for now it’s left as an exercise to the reader.

There’s one thing I don’t quite understand: why did the Pastebin folks think it was necessary to have a mandatory API key? Even if the legacy API had been shut down, it would still be possible to figure out how the web page was doing it and replicate it in Python. The API key being linked to the user account seems a bit strange too… Their intention might be to catch script kiddies uploading illegal stuff, but it may also be an attempt to do data mining on people’s posts. Who knows…

Download

pastebin.py

Java hash functions are implemented as a MessageDigest object, which you can’t instance directly but rather get an instance through the MessageDigest.getInstance() static method. It takes as it’s only argument a string with the name of the algorithm – but I couldn’t find an easy way to enumerate all available algorithms.

After a little googling I found this code example at Example Depot to do it programatically. Since results may vary from one installation of Java to the next, a command line tool would have been more useful to me, but I don’t know of any. (If you do, let me know!)

Anyway, I wrapped the code in a very simple Main function and compiled it using Eclipse. I called this little tool “ListServices” because I didn’t feel like thinking of a catchy name.

By default this tool lists all available cryptographic providers, but you can specify just the ones you need (in the example below, we type MessageDigest to get just the hashing algorithms):

        $ java -jar ListServices.jar
        KeyFactory:
                1.2.840.113549.1.3.1
                OID.1.2.840.113549.1.1
                1.2.840.113549.1.1
                OID.1.2.840.113549.1.3.1
                1.3.14.3.2.12
                DSA
                DiffieHellman
                RSA
                DH
                1.2.840.10040.4.1

        TransformService:
                INCLUSIVE_WITH_COMMENTS
                ENVELOPED
                (... output omitted for brevity ...)

        $ java -jar ListProviders.jar MessageDigest
        MessageDigest:
                SHA-256
                SHA-512
                SHA
                SHA-384
                SHA1
                MD5
                SHA-1
                MD2

        $

Enjoy!

Downloads

Executable JAR

Source code + Eclipse project

Most of you probably know it already, but just in case, here goes the explanation. You can connect two computers and simulate what would happen if you had two monitors instead: when the mouse leaves the screen in one computer, it “enters” the other computer on the opposite side of the screen. For example, if you have two laptops on your table and you move the mouse to the right, after reaching the border of the screen you see it coming out on the left side of the other computer.

The magic is done by using a remote desktop protocol like VNC, which lets you send keystrokes and mouse events, but discarding the framebuffer updates. That is, a program that connects to the remote desktop, but instead of showing you the remote screen, it monitors mouse movements locally and when the mouse reaches the screen limits, it captures the mouse and starts sending mouse events to the remote system. Similarly, when the mouse reaches the opposite limit on the remote system, it stops capturing the mouse so you can use it on the local system.

Since I use Linux my choice was x2vnc, the Linux cousin of the more famous Win2VNC, also by the same author. But unlike Win2VNC which is now actively maintained at SourceForge, x2vnc seems to have been abandoned.

x2vnc supports SSH tunneling, which is just perfect since VNC is a plaintext-only protocol and insecure by design. However there’s no easy way to tell x2vnc to which port to connect or which username to login as – it defaults always to the current local user and port 22.

I also had a problem with my other laptop, which had Windows 7. When the mouse cursor leaves the screen, it is “parked” to a corner of the screen so it doesn’t show (it’d be confusing to see two mouse cursors as you wouldn’t know which one is active). But the corner chosen by x2vnc is always the lower right corner, causing Windows 7 to hide all active windows… very annoying.

So I did what any other geek would do in my situation – branch it!

The patched code is now at Google Code. The new command line switches I added were:

-sshuser: Log in to the SSH tunnel using the given username.

-sshport: Connect to the given TCP port number instead of the SSH default (22).

-restingx and -restingy: Tell x2vnc where to park the mouse cursor. A value of 0 means left or top, a value of -1 means right or bottom. Then for example, -restingx 0 -restingy -1 means the top right corner of the screen.

Currently there’s only the source code but if I have the time I’ll upload a precompiled Debian package as well. Enjoy!

Download

Source code: http://code.google.com/p/x2vnc/source/checkout

The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment.

It uses ctypes to wrap many Win32 API calls related to debugging, and provides an object-oriented abstraction layer to manipulate threads, libraries and processes, attach your script as a debugger, trace execution, hook API calls, handle events in your debugee and set breakpoints of different kinds (code, hardware and memory). Additionally it has no native code at all, making it easier to maintain or modify than other debuggers on Windows.

The intended audience are QA engineers and software security auditors wishing to test / fuzz Windows applications with quickly coded Python scripts. Several ready to use utilities are shipped and can be used for this purposes.

Current features also include disassembling x86 native code (using the open source diStorm project, see http://ragestorm.net/distorm/), debugging multiple processes simultaneously and produce a detailed log of application crashes, useful for fuzzing and automated testing.

What’s new in this version?

In a nutshell…

• fully supports Python 2.4 through 2.7
• fully supports Windows XP through Windows 7, 32 and 64 bit editions
• crash report tool now supports MSSQL (requires pyodbc)
• now supports downloading debugging symbols from Microsoft (thanks Neitsa!)
• new tool: sehtest.py (Windows SEH buffer overflow jump address bruteforcer, inspired by the same tool by Nicolas Economou)
• the tutorial is now available in chm and pdf formats
• now with only one MSI installer for all supported Python versions
• added support for diStorm 3 (falls back to the old version if not found)
• now using cerealizer instead of pickle whenever possible
• added new command to the command line debugger to show the exception handlers
• a few more anti-anti-debug tricks were added, still more to go!
• several improvements to the Window instrumentation classes
• more code examples
• more Win32 API wrappers
• lots of miscellaneous improvements, more documentation and bugfixes as usual!

Entire changelog for all versions (slow!):

• http://p.sf.net/winappdbg/changelog

Where can I find WinAppDbg?

Project homepage

• http://tinyurl.com/winappdbg

Windows installer (32 bits)

• winappdbg-1.4.win32.msi
• winappdbg-1.4.win32.exe

Windows installer (64 bits)

• winappdbg-1.4.win-amd64.msi
• winappdbg-1.4.win-amd64.exe

Source code

• winappdbg-1.4.zip
• winappdbg-1.4.tar.bz2

Online documentation

• Programming Guide
• Reference documentation

Offline documentation

• winappdbg-tutorial-1.4.chm
• winappdbg-tutorial-1.4.pdf
• winappdbg-reference-1.4.chm
• winappdbg-reference-1.4.pdf

Anyway, it was fun and that’s my main motivation to write this blog in the first place, soooo… here it is! A Python source code obfuscator that uses ROT13.

How does it work? Simply put, by misusing the Python source encodings feature. I stumbled upon this idea while reading a thread in Stack Overflow. Python allows us to use any supported form of text encoding for our source code, by placing a magic comment in either the first or second line of the script:

    #!/usr/bin/env python
    # -*- coding: <codec-name-goes-here> -*-

This is useful for example to use UTF-8 and other encodings that allow non-english characters. But Python also has some other fun encodings, like ROT13 (the ancient Roman empire encryption system). The following snippet from Stack Overflow shows how to do it:

    #!/usr/bin/env python
    # -*- coding: rot13 -*-

    cevag "Uryyb fgnpxbiresybj!".rapbqr("rot13")

The only caveat is, ASCII strings are not decoded when you run the script, so you have to do it yourself. Unicode strings on the other hand are decoded automatically.

    #!/usr/bin/env python
    # -*- coding: rot13 -*-

    cevag h"Uryyb fgnpxbiresybj!"

There are some other fun encodings like “base64″, “uuencode”, “zlib” or “bz2″ that you can experiment with too. If you try them let me know how it went.

I wrote a quick script to use the ROT13 trick. Naturally the source code itself is also encoded in ROT13, decoding it is left as an exercise for the reader. Enjoy!

Download

Source code: rot13src.py

Hi everyone. Today I’ll be showing you a quick script I wrote to make Google searches from Python. There are previous projects doing the same thing -actually, doing it better-, namely Googolplex by Sebastian Wain and xgoogle by Peteris Krumins, but unfortunately they’re no longer working. Maybe the lack of complexity of this script will keep it working a little longer…

The interface is extremely simple, the module exports only one function called search().

        # Get the first 20 hits for: "Breaking Code" WordPress blog
        from google import search
        for url in search('"Breaking Code" WordPress blog', stop=20):
            print(url)

You can control which one of the Google Search pages to use, which language to search in, how many results per page, which page to start searching from and when to stop, and how long to wait between queries – however the only mandatory argument is the query string, everything else has a default value.

        # Get the first 20 hits for "Mariposa botnet" in Google Spain
        from google import search
        for url in search('Mariposa botnet', tld='es', lang='es', stop=20):
            print(url)

A word of caution, though: if you wait too little between requests or make too many of them, Google may block your IP for a while. This is especially annoying when you’re behind a corporate proxy – I won’t be made responsible when your coworkers suddenly develop an urge to kill you!

Below are the download links (source code and Windows installers) and the source code for you to read online. Enjoy!

Changelog

• Version 1.0 (initial release).

• Version 1.01 (fixed the IOError exception bug).

• Version 1.02 (fixed the missing href bug reported by Rahul Sasi and the duplicate results bug reported by Slawek).

Download

Source code: google-1.02.tar.bz2

Windows 32 bits installer: google-1.02.win32.exe

Windows 64 bits installer: google-1.02.win-amd64.exe

Documentation: google-1.02-doc.zip

Source code

#!/usr/bin/env python

# Python bindings to the Google search engine
# Copyright (c) 2009-2012, Mario Vilas
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
#     * Redistributions of source code must retain the above copyright notice,
#       this list of conditions and the following disclaimer.
#     * Redistributions in binary form must reproduce the above copyright
#       notice,this list of conditions and the following disclaimer in the
#       documentation and/or other materials provided with the distribution.
#     * Neither the name of the copyright holder nor the names of its
#       contributors may be used to endorse or promote products derived from
#       this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

__version__ = "$Id: google.py 892 2012-01-02 16:42:08Z qvasimodo $"

__all__ = ['search']

import BeautifulSoup
import cookielib
import os
import time
import urllib
import urllib2
import urlparse

# URL templates to make Google searches.
url_home          = "http://www.google.%(tld)s/"
url_search        = "http://www.google.%(tld)s/search?hl=%(lang)s&q=%(query)s&btnG=Google+Search"
url_next_page     = "http://www.google.%(tld)s/search?hl=%(lang)s&q=%(query)s&start=%(start)d"
url_search_num    = "http://www.google.%(tld)s/search?hl=%(lang)s&q=%(query)s&num=%(num)d&btnG=Google+Search"
url_next_page_num = "http://www.google.%(tld)s/search?hl=%(lang)s&q=%(query)s&num=%(num)d&start=%(start)d"

# Cookie jar. Stored at the user's home folder.
home_folder = os.getenv('HOME')
if not home_folder:
    home_folder = os.getenv('USERHOME')
    if not home_folder:
        home_folder = '.'   # Use the current folder on error.
cookie_jar = cookielib.LWPCookieJar(os.path.join(home_folder, '.google-cookie'))
try:
    cookie_jar.load()
except Exception:
    pass

# Request the given URL and return the response page, using the cookie jar.
def get_page(url):
    """
    Request the given URL and return the response page, using the cookie jar.

    @type  url: str
    @param url: URL to retrieve.

    @rtype:  str
    @return: Web page retrieved for the given URL.

    @raise IOError: An exception is raised on error.
    @raise urllib2.URLError: An exception is raised on error.
    @raise urllib2.HTTPError: An exception is raised on error.
    """
    request = urllib2.Request(url)
    request.add_header('User-Agent', 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)')
    cookie_jar.add_cookie_header(request)
    response = urllib2.urlopen(request)
    cookie_jar.extract_cookies(response, request)
    html = response.read()
    response.close()
    cookie_jar.save()
    return html

# Returns a generator that yields URLs.
def search(query, tld='com', lang='en', num=10, start=0, stop=None, pause=2.0):
    """
    Search the given query string using Google.

    @type  query: str
    @param query: Query string. Must NOT be url-encoded.

    @type  tld: str
    @param tld: Top level domain.

    @type  lang: str
    @param lang: Languaje.

    @type  num: int
    @param num: Number of results per page.

    @type  start: int
    @param start: First result to retrieve.

    @type  stop: int
    @param stop: Last result to retrieve.
        Use C{None} to keep searching forever.

    @type  pause: float
    @param pause: Lapse to wait between HTTP requests.
        A lapse too long will make the search slow, but a lapse too short may
        cause Google to block your IP. Your mileage may vary!

    @rtype:  generator
    @return: Generator (iterator) that yields found URLs. If the C{stop}
        parameter is C{None} the iterator will loop forever.
    """

    # Set of hashes for the results found.
    # This is used to avoid repeated results.
    hashes = set()

    # Prepare the search string.
    query = urllib.quote_plus(query)

    # Grab the cookie from the home page.
    get_page(url_home % vars())

    # Prepare the URL of the first request.
    if num == 10:
        url = url_search % vars()
    else:
        url = url_search_num % vars()

    # Loop until we reach the maximum result, if any (otherwise, loop forever).
    while not stop or start < stop:

        # Sleep between requests.
        time.sleep(pause)

        # Request the Google Search results page.
        html = get_page(url)

        # Parse the response and yield every anchored URL.
        # Discard duplicate URLs.
        soup = BeautifulSoup.BeautifulSoup(html)
        anchors = soup.findAll('a')
        for a in anchors:
            try:
                link = a['href']
            except KeyError:
                continue
            h = hash(link)
            if h in hashes:
                continue
            hashes.add(h)
            try:
                o = urlparse.urlparse(link, 'http')
            except Exception:
                continue
            if o.netloc and 'google' not in o.netloc:
                yield link

        # Prepare the URL for the next request.
        start += num
        if num == 10:
            url = url_next_page % vars()
        else:
            url = url_next_page_num % vars()

# When run as a script, take all arguments as a search query and run it.
if __name__ == "__main__":
    import sys
    query = ' '.join(sys.argv[1:])
    if query:
        for url in search(query, stop=20):
            print(url)

“This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Exchange and Windows SMTP Service. The more severe of these vulnerabilities could allow denial of service if an attacker sent a specially crafted DNS response to a computer running the SMTP service.”

However, researcher Nicolás Economou found an interesting surprise in this patch: two additional, undisclosed vulnerabilities had also been patched… and they were far more severe than the ones reported! From the Core Security advisory:

“Nicolas found that the Windows SMTP Service does its own DNS resolution of MX records rather that use the DNS resolver from the operating system while investigating CVE-2010-0024.

Furthermore, he found that the patch referenced in MS10-024 fixed two severe bugs that were not disclosed as such in the bulletin and had no CVE identifiers assigned to them. Basic analysis of the vulnerabilities disclosed in this advisory indicates that the threat of DNS spoofing attacks against Windows SMTP service and Microsoft Exchange or of exploitation of CVE-2010-0024 was underestimated in MS10-024.

An attacker may leverage the two previously undisclosed vulnerabilities fixed by MS10-014 to spoof responses to any DNS query sent by the Windows SMTP service trivially. DNS response spoofing and cache poisoning attacks are well known to have a variety of security implications with impact beyond just Denial of Service and Information Disclosure as originally stated in MS10-024.”

In fact, the two “new” vulnerabilities were quite crass. Both Exchange and the SMTP service were doing their own manually crafted DNS queries using incremental transaction IDs, which is a big no-no when implementing DNS because it makes it real easy for attackers to guess the transaction ID and spoof replies, as is a well known fact for… say… the last 16 years or so? But as it turns out, attackers didn’t even need to guess the transaction IDs… because they weren’t even being used when parsing the DNS responses!

This omission may be easily attributed to the “embarrasment factor” but it’s still a terrible idea to patch vulnerabilities silently: IT administrators, unaware of the real danger of the problem, may give the patch a lower priority. A denial of service just means having the mail server down for a while until it restarts, so the patch can wait – it’d be worse if the server didn’t work at all because patching went wrong. On the other hand, a DNS poison vulnerability means having an attacker browse through everyone’s emails and taking over all other services you may have on the same machine – patching becomes much more worth the risk.

Of course, this isn’t the first time this happens. Practically every vendor did this at one time or another. A quick Google search for “silently patched vulnerability” shows some 1.400.000 hits at the time I’m writing this, showing this is neither new or uncommon – and that even small software vendors may easily get caught. Especially thanks to the rise of binary diffing tools that can pinpoint precisely where and how the code was patched.

Thanks Alfredo Ortega for pointing out this advisory and providing such a cool sounding title.

From the CORE Security webpage:

What is Impacket?

Impacket is a collection of Python classes focused on providing access to network packets. Impacket allows Python developers to craft and decode network packets in simple and consistent manner. It includes support for low-level protocols such as IP, UDP and TCP, as well as higher-level protocols such as NMB and SMB. Impacket is highly effective when used in conjunction with a packet capture utility or package such as Pcapy. Packets can be constructed from scratch, as well as parsed from raw data. Furthermore, the object oriented API makes it simple to work with deep protocol hierarchies.

What is Pcapy?

Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

There is a problem though – Pcapy hasn’t been updated in quite a while, so there is no MSI installer for Python 2.6. I’ve built it myself and hosted in here in the blog, so you don’t have to. I’ve also built an EXE installer for Impacket, it’s not really needed since it’s a pure Python module, but why not?

So this is the list of files we’ll be needing:

WinPcap_4_1_1.exe

pcapy-0.10.5.win32-py2.6.msi

Impacket-0.9.8.0.win32.exe

Installation is now pretty much straight forward. After running all the installers, let’s try it out with this example script to dump all connection attempts by sniffing SYN packets:

    C:\Documents and Settings\Mario Vilas\Desktop>python connections.py
    Available network interfaces:
            1 - \Device\NPF_GenericDialupAdapter
            2 - \Device\NPF_{5BE055D9-461D-4F51-99DD-188224D1A6D0}
            3 - \Device\NPF_{9B7DC2FB-7660-4E68-B4EC-DB9682C76E40}
            4 - \Device\NPF_{166A618C-4230-42E7-93AD-298D1145F5BC}
            5 - \Device\NPF_{BE987C8D-D523-49B8-8B95-DDDBAA46EB3F}

    Choose an interface [0 to quit]: 2
    Listening on: \Device\NPF_{5BE055D9-461D-4F51-99DD-188224D1A6D0}
    Connection attempt 10.0.2.15 -> 192.168.254.254
    Connection attempt 10.0.2.15 -> 192.168.254.254
    Connection attempt 10.0.2.15 -> 192.168.254.254
    Connection attempt 10.0.2.15 -> 192.168.254.254
    Connection attempt 10.0.2.15 -> 192.168.254.254
    Connection attempt 10.0.2.15 -> 209.85.227.106
    Connection attempt 10.0.2.15 -> 209.85.227.104
    Connection attempt 10.0.2.15 -> 209.85.227.104
    Connection attempt 10.0.2.15 -> 209.85.227.104
    Connection attempt 10.0.2.15 -> 209.85.227.100
    ^C

Below is the source code to the script. Enjoy!

Updates

• A newer version of Impacket is hosted at Google Code, so I built a new installer. The previous version of the installer, based on the version of Impacket found in the Core Security webpage, is still available here: Impacket-0.9.6.0.win32.exe

Download

connections.py

Source code

#!/usr/bin/env python

# Copyright (c) 2009-2010, Mario Vilas
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
#     * Redistributions of source code must retain the above copyright notice,
#       this list of conditions and the following disclaimer.
#     * Redistributions in binary form must reproduce the above copyright
#       notice,this list of conditions and the following disclaimer in the
#       documentation and/or other materials provided with the distribution.
#     * Neither the name of the copyright holder nor the names of its
#       contributors may be used to endorse or promote products derived from
#       this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

from pcapy import findalldevs, open_live
from impacket import ImpactDecoder, ImpactPacket

def get_interface():

    # Get the list of interfaces we can listen on
    ifs = findalldevs()

    # No interfaces found
    if len(ifs) == 0:
        raise RuntimeError, "Error: no available network interfaces, or you don't have enough permissions on this system."

    # A single interface was found
    if len(ifs) == 1:
        interface = ifs[0]

    # Multiple interfaces found
    else:
        print "Available network interfaces:"
        for i in xrange(len(ifs)):
            print '\t%i - %s' % (i + 1, ifs[i])
        print
        while 1:
            choice = raw_input("Choose an interface [0 to quit]: ")
            try:
                i = int(choice)
                if i == 0:
                    interface = None
                    break
                interface = ifs[i-1]
                break
            except Exception:
                pass

    # Return the selected interface
    return interface

def sniff(interface):
    print "Listening on: %s" % interface

    # Open a live capture
    reader = open_live(interface, 1500, 0, 100)

    # Set a filter to be notified only for TCP packets
    reader.setfilter('ip proto \\tcp')

    # Run the packet capture loop
    reader.loop(0, callback)

def callback(hdr, data):

    # Parse the Ethernet packet
    decoder = ImpactDecoder.EthDecoder()
    ether = decoder.decode(data)

    # Parse the IP packet inside the Ethernet packet
    iphdr = ether.child()

    # Parse the TCP packet inside the IP packet
    tcphdr = iphdr.child()

    # Only process SYN packets
    if tcphdr.get_SYN() and not tcphdr.get_ACK():

        # Get the source and destination IP addresses
        src_ip = iphdr.get_ip_src()
        dst_ip = iphdr.get_ip_dst()

        # Print the results
        print "Connection attempt %s -> %s" % (src_ip, dst_ip)

def main():
    interface = get_interface()
    if interface:
        sniff(interface)

if __name__ == "__main__":
    main()

Hello everyone. Today we have a quick script I just coded to access the Pastebin.com API from Python. It can be imported like a module or run as a command line script, and the interface is really simple (just one function!). The command line interface allows you to upload files. Enjoy!

Edit: Also see this post on how to use this script to send files anonymously to Pastebin.

Updated 28-Jun-2011: small changes made
Updated 27-Jan-2012: fixed bug in paste_expire_date, added Epydoc documentation
Updated 28-Jan-2012: removed paste_subdomain, feature seems to have been deprecated

Download

pastebin.py

Source code

#!/usr/bin/env python

# Copyright (c) 2009-2012, Mario Vilas
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
#     * Redistributions of source code must retain the above copyright notice,
#       this list of conditions and the following disclaimer.
#     * Redistributions in binary form must reproduce the above copyright
#       notice,this list of conditions and the following disclaimer in the
#       documentation and/or other materials provided with the distribution.
#     * Neither the name of the copyright holder nor the names of its
#       contributors may be used to endorse or promote products derived from
#       this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

"""
Unofficial pastebin.com API for Python
by Mario Vilas (mvilas at gmail dot com)

Unlike the official API, this one doesn't require an API key.

U{http://breakingcode.wordpress.com/2012/01/27/pasting-anonymously-to-pastebin-com/}

U{http://breakingcode.wordpress.com/2010/03/06/using-the-pastebin-api-with-python/}

Usage examples::
    >>> from pastebin import submit
    >>>
    >>> # Submit a simple text message.
    ... url = submit("This is a test message.")
    >>> print url
    http://pastebin.com/G4YWsB1a
    >>>
    >>> # Submit a simple "hello world" code in Python.
    ... # Paste expires in 10 minutes.
    ... url = submit("print \"Hello world!\"",
    ...               paste_format="python",
    ...               paste_expire_date="10M")
    >>> print url
    http://pastebin.com/rKEVDWHP
    >>>
    >>> # Submit Apache's logs as a private paste.
    ... # Give the paste a title.
    ... url = submit(open('/var/log/apache/access.log', 'r').read(),
    ...              paste_format="apache",
    ...              paste_private=True,
    ...              paste_name="My Apache access logs")
    >>> print url
    http://pastebin.com/kfepMRLh
    >>>
"""

__all__ = ['submit', 'Pastebin', 'PastebinError']

import urllib

class PastebinError(RuntimeError):
    """
    Pastebin API error.

    The error message returned by the web application is stored as the Python
    exception message.
    """

class Pastebin(object):
    """
    Unofficial python interface to the Pastebin legacy API.

    Unlike the official API, this one doesn't require an API key, so it's
    virtually anonymous.

    @warn: To be B{completely} anonymous you'll have to hide your IP address as
        well, either by using an HTTP proxy or the Tor network.

        To use an HTTP proxy, set the HTTP_PROXY environment variable as per
        the documentation of the Python standard C{urllib} module:
        U{http://docs.python.org/library/urllib.html}

        To go through the Tor network, consult the following Wiki document:
        U{https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO}

    @type paste_expire_date: tuple(str)
    @cvar paste_expire_date: Valid C{paste_expire_date} values, see L{submit}.

    @type paste_format: tuple(str)
    @cvar paste_format: Valid C{parse_format} values, see L{submit}.
    """

    # Base domain name
    _base_domain = 'pastebin.com'

    # Valid Pastebin URLs begin with this string
    _prefix_url = 'http://%s/' % _base_domain

    # Valid Pastebin URLs with a custom subdomain begin with this string
    _subdomain_url = 'http://%%s.%s/' % _base_domain

    # URL to the POST API
    _api_url = 'http://%s/api_public.php' % _base_domain

    # Valid paste_expire_date values
    paste_expire_date = ('N', '10M', '1H', '1D', '1M')

    # Valid parse_format values
    paste_format = (
        '4cs',              # 4CS
        '6502acme',         # 6502 ACME Cross Assembler
        '6502kickass',      # 6502 Kick Assembler
        '6502tasm',         # 6502 TASM/64TASS
        'abap',             # ABAP
        'actionscript',     # ActionScript
        'actionscript3',    # ActionScript 3
        'ada',              # Ada
        'algol68',          # ALGOL 68
        'apache',           # Apache Log
        'applescript',      # AppleScript
        'apt_sources',      # APT Sources
        'asm',              # ASM (NASM)
        'asp',              # ASP
        'autoconf',         # autoconf
        'autohotkey',       # Autohotkey
        'autoit',           # AutoIt
        'avisynth',         # Avisynth
        'awk',              # Awk
        'bascomavr',        # BASCOM AVR
        'bash',             # Bash
        'basic4gl',         # Basic4GL
        'bibtex',           # BibTeX
        'blitzbasic',       # Blitz Basic
        'bnf',              # BNF
        'boo',              # BOO
        'bf',               # BrainFuck
        'c',                # C
        'c_mac',            # C for Macs
        'cil',              # C Intermediate Language
        'csharp',           # C#
        'cpp',              # C++
        'cpp-qt',           # C++ (with QT extensions)
        'c_loadrunner',     # C: Loadrunner
        'caddcl',           # CAD DCL
        'cadlisp',          # CAD Lisp
        'cfdg',             # CFDG
        'chaiscript',       # ChaiScript
        'clojure',          # Clojure
        'klonec',           # Clone C
        'klonecpp',         # Clone C++
        'cmake',            # CMake
        'cobol',            # COBOL
        'coffeescript',     # CoffeeScript
        'cfm',              # ColdFusion
        'css',              # CSS
        'cuesheet',         # Cuesheet
        'd',                # D
        'dcs',              # DCS
        'delphi',           # Delphi
        'oxygene',          # Delphi Prism (Oxygene)
        'diff',             # Diff
        'div',              # DIV
        'dos',              # DOS
        'dot',              # DOT
        'e',                # E
        'ecmascript',       # ECMAScript
        'eiffel',           # Eiffel
        'email',            # Email
        'epc',              # EPC
        'erlang',           # Erlang
        'fsharp',           # F#
        'falcon',           # Falcon
        'fo',               # FO Language
        'f1',               # Formula One
        'fortran',          # Fortran
        'freebasic',        # FreeBasic
        'freeswitch',       # FreeSWITCH
        'gambas',           # GAMBAS
        'gml',              # Game Maker
        'gdb',              # GDB
        'genero',           # Genero
        'genie',            # Genie
        'gettext',          # GetText
        'go',               # Go
        'groovy',           # Groovy
        'gwbasic',          # GwBasic
        'haskell',          # Haskell
        'hicest',           # HicEst
        'hq9plus',          # HQ9 Plus
        'html4strict',      # HTML
        'html5',            # HTML 5
        'icon',             # Icon
        'idl',              # IDL
        'ini',              # INI file
        'inno',             # Inno Script
        'intercal',         # INTERCAL
        'io',               # IO
        'j',                # J
        'java',             # Java
        'java5',            # Java 5
        'javascript',       # JavaScript
        'jquery',           # jQuery
        'kixtart',          # KiXtart
        'latex',            # Latex
        'lb',               # Liberty BASIC
        'lsl2',             # Linden Scripting
        'lisp',             # Lisp
        'llvm',             # LLVM
        'locobasic',        # Loco Basic
        'logtalk',          # Logtalk
        'lolcode',          # LOL Code
        'lotusformulas',    # Lotus Formulas
        'lotusscript',      # Lotus Script
        'lscript',          # LScript
        'lua',              # Lua
        'm68k',             # M68000 Assembler
        'magiksf',          # MagikSF
        'make',             # Make
        'mapbasic',         # MapBasic
        'matlab',           # MatLab
        'mirc',             # mIRC
        'mmix',             # MIX Assembler
        'modula2',          # Modula 2
        'modula3',          # Modula 3
        '68000devpac',      # Motorola 68000 HiSoft Dev
        'mpasm',            # MPASM
        'mxml',             # MXML
        'mysql',            # MySQL
        'newlisp',          # newLISP
        'text',             # None
        'nsis',             # NullSoft Installer
        'oberon2',          # Oberon 2
        'objeck',           # Objeck Programming Langua
        'objc',             # Objective C
        'ocaml-brief',      # OCalm Brief
        'ocaml',            # OCaml
        'pf',               # OpenBSD PACKET FILTER
        'glsl',             # OpenGL Shading
        'oobas',            # Openoffice BASIC
        'oracle11',         # Oracle 11
        'oracle8',          # Oracle 8
        'oz',               # Oz
        'pascal',           # Pascal
        'pawn',             # PAWN
        'pcre',             # PCRE
        'per',              # Per
        'perl',             # Perl
        'perl6',            # Perl 6
        'php',              # PHP
        'php-brief',        # PHP Brief
        'pic16',            # Pic 16
        'pike',             # Pike
        'pixelbender',      # Pixel Bender
        'plsql',            # PL/SQL
        'postgresql',       # PostgreSQL
        'povray',           # POV-Ray
        'powershell',       # Power Shell
        'powerbuilder',     # PowerBuilder
        'proftpd',          # ProFTPd
        'progress',         # Progress
        'prolog',           # Prolog
        'properties',       # Properties
        'providex',         # ProvideX
        'purebasic',        # PureBasic
        'pycon',            # PyCon
        'python',           # Python
        'q',                # q/kdb+
        'qbasic',           # QBasic
        'rsplus',           # R
        'rails',            # Rails
        'rebol',            # REBOL
        'reg',              # REG
        'robots',           # Robots
        'rpmspec',          # RPM Spec
        'ruby',             # Ruby
        'gnuplot',          # Ruby Gnuplot
        'sas',              # SAS
        'scala',            # Scala
        'scheme',           # Scheme
        'scilab',           # Scilab
        'sdlbasic',         # SdlBasic
        'smalltalk',        # Smalltalk
        'smarty',           # Smarty
        'sql',              # SQL
        'systemverilog',    # SystemVerilog
        'tsql',             # T-SQL
        'tcl',              # TCL
        'teraterm',         # Tera Term
        'thinbasic',        # thinBasic
        'typoscript',       # TypoScript
        'unicon',           # Unicon
        'uscript',          # UnrealScript
        'vala',             # Vala
        'vbnet',            # VB.NET
        'verilog',          # VeriLog
        'vhdl',             # VHDL
        'vim',              # VIM
        'visualprolog',     # Visual Pro Log
        'vb',               # VisualBasic
        'visualfoxpro',     # VisualFoxPro
        'whitespace',       # WhiteSpace
        'whois',            # WHOIS
        'winbatch',         # Winbatch
        'xbasic',           # XBasic
        'xml',              # XML
        'xorg_conf',        # Xorg Config
        'xpp',              # XPP
        'yaml',             # YAML
        'z80',              # Z80 Assembler
        'zxbasic',          # ZXBasic
    )

    @classmethod
    def submit(cls, paste_code,
                paste_name = None, paste_private = None,
                paste_expire_date = None, paste_format = None):
        """
        Submit a code snippet to Pastebin.

        @type  paste_code: str
        @param paste_code: Code or text to send to U{http://pastebin.com}.

        @type  paste_name: str
        @param paste_name: (Optional) Name of the author of the paste.
            Default is to paste anonymously.

        @type  paste_private: bool
        @param paste_private: (Optional) C{True} if the paste is private (only
            visible with the link), C{False} if it's public (indexed and
            searchable). The Pastebin FAQ (U{http://pastebin.com/faq}) claims
            private pastes are not indexed by search engines (aka Google).

        @type  paste_expire_date: str
        @param paste_expire_date: (Optional) Expiration date for the paste.
            Once past this date the paste is deleted automatically. Valid
            values are found in the L{Pastebin.paste_expire_date} class member.
            If not provided, the paste never expires.

        @type  paste_format: str
        @param paste_format: (Optional) Programming language of the code being
            pasted. This enables syntax highlighting when reading the code in
            U{http://pastebin.com}. Default is no syntax highlighting (text is
            just text and not source code).

        @rtype:  str
        @return: Returns the URL to the newly created paste.

        @raise PastebinError: The Pastebin API has returned an error message.

        @raise IOError: An error occurred when contacting the Pastebin web
            application. This is typically caused by network errors.
        """

        # Code snippet to submit
        argv = { 'paste_code' : str(paste_code) }

        # Name of the poster
        if paste_name is not None:
            argv['paste_name'] = str(paste_name)

        # Is the snippet private?
        if paste_private is not None:
            argv['paste_private'] = int(bool(int(paste_private)))

        # Expiration for the snippet
        if paste_expire_date is not None:
            paste_expire_date = str(paste_expire_date).strip().upper()
            argv['paste_expire_date'] = paste_expire_date

        # Syntax highlighting
        if paste_format is not None:
            paste_format = str(paste_format).strip().lower()
            argv['paste_format'] = paste_format

        # Make the request to the Pastebin API
        fd = urllib.urlopen(cls._api_url, urllib.urlencode(argv))
        try:
            response = fd.read()
        finally:
            fd.close()
        del fd

        # Return the new snippet URL on success, raise exception on error
        if not response.startswith(cls._prefix_url):
            raise PastebinError(response)
        return response

# Simple interface.
submit = Pastebin.submit

if __name__ == "__main__":
    import sys
    import optparse

    # Build the command line parser
    parser = optparse.OptionParser(usage = '%prog <file> [options]')
    parser.add_option("-n", "--name",
                      action="store", type="string", metavar="NAME",
                      help="author of the code to submit")
    parser.add_option("--private",
                      action="store_true",
                      help="the snippet is private")
    parser.add_option("--public",
                      action="store_false", dest="private",
                      help="the snippet is public")
    parser.add_option("-e", "--expire",
                      action="store", type="string", metavar="TIME",
                      help="expiration time: N (never), 10M (10 minutes), 1H (1 hour), 1D (1 day), 1M (1 month)")
    parser.add_option("-f", "--format", "--syntax", "--highlight",
                      action="store", type="string", metavar="FORMAT", dest="format",
                      help="syntax highlighting, use one of the following: " + \
                           ', '.join(Pastebin.paste_format))

    # Parse the command line and submit each snippet
    options, args = parser.parse_args(sys.argv)
    args = args[1:]
    if not args:
        parser.print_help()
    for filename in args:
        data = open(filename, 'rb').read()
        url = Pastebin.submit(paste_code = data,
                              paste_name = options.name,
                              paste_private = options.private,
                              paste_expire_date = options.expire,
                              paste_format = options.format)
        print "%s --> %s" % (filename, url)

What is one-time pad encryption?

Feel free to skip this section if you already know the answer. Especially so you don’t have to suffer my layman’s explanations of cryptography.

To put it simply, a one-time pad cipher is one in which the plaintext (i.e. the original message) is encoded using a completely new, random key each time it’s sent. When properly used (and I hope I have) this system is provably unbreakable. That means the ciphertext (that is, the encoded message) can never be decoded without the proper key – even if the encoding algorithm is very simple, like a bitwise XOR operation on each byte.

There are a few caveats: first of all, the key can never be reused. If you do, the system not only ceases to be unbreakable but it’s also as strong as the encoding algorithm you used. So if you chose XOR encoding and were tempted to use the key twice, you might as well have used a “magic ring” from a cereal box.

The second caveat: the key must be truly random. For this reason need a random generator that can guarantee a certain amount of entropy, for example /dev/random on many Unix systems, to get the one-time pads, instead of the random module, which is only a PRNG (pseudo-random generator). PRNGs can only produce a seemingly random stream of numbers, all derived from a single value (called the seed number) – so it’s “randomness” is just as good as the seed number from which all others are calculated. (This is a useful property in other contexts, like avoiding to have to store the contents of all malformed files produced by a fuzzer in order to reproduce the crashes, but I digress).

The third caveat: the key must never be transmitted over an insecure medium. Sounds pretty much like a no-brainer, I know, but it’s worth mentioning that public key crypto doesn’t suffer from this problem. (Now you know why GPG is so much better than this). Real-life uses of one-time pads include storing the keys in codebooks, which the recipient of the message would carry everywhere. Then the encrypted messages could be safely sent in the clear, say on some radio frequency by a numbers station, until the codebook was used up.

How does this code work?

If you weren’t among the lucky ones who skipped over my ramblings in the previous section you can easily guess by now: we’ll be using a bitwise XOR encoding of each byte of the plaintext against the corresponding byte of the one-time pad to produce the ciphertext. This is how we generate a one-time pad of any given size:

    $ ./otp.py generate test.key -s 1024
    $ ls -l test.key
    -rw-r--r-- 1 user group 1024 2010-02-17 01:23 test.key
    $

The alternative for the lazy is to pass the name of the file we want to encrypt. A one-time pad of the exact same size will be generated. We’ll use the -f flag this time to force overwriting the previous file.

    $ ./otp.py generate test.key conscience.txt -f
    $ ls -l test.key conscience.txt
    -rw-r--r-- 1 user group 3880 2010-02-17 01:22 conscience.txt
    -rw-r--r-- 1 user group 3880 2010-02-17 01:24 test.key
    $

And to satisfy all audiences, there’s also an option for the paranoid: the -p flag uses /dev/random for maximum security instead of the much faster /dev/urandom. It does take considerably longer to generate even small one-time pads, that’s why this option is disabled by default.

    $ ./otp.py generate test.key conscience.txt -f -p
    $ ls -l test.key conscience.txt
    -rw-r--r-- 1 user group 3880 2010-02-17 01:22 conscience.txt
    -rw-r--r-- 1 user group 3880 2010-02-17 01:38 test.key
    $

Now that we have our one-time pad we can encrypt the message:

    $ ./otp.py encrypt conscience.txt test.key conscience.crypto
    $ ls -l conscience.*
    -rw-r--r-- 1 user group 3880 2010-02-17 01:38 conscience.crypto
    -rw-r--r-- 1 user group 3880 2010-02-17 01:22 conscience.txt
    $

Both files are the same size but have different contents. Since it’s no longer ASCII trying to cat the file only renders a bunch of garbage in the terminal. Finally, this is how you decrypt it:

    $ ./otp.py decrypt conscience.crypto test.key conscience2.txt
    $ ls -l conscience*
    -rw-r--r-- 1 user group 3880 2010-02-17 01:38 conscience2.txt
    -rw-r--r-- 1 user group 3880 2010-02-17 01:38 conscience.crypto
    -rw-r--r-- 1 user group 3880 2010-02-17 01:22 conscience.txt
    $ cmp conscience.txt conscience2.txt
    $

After decryption, conscience2.txt is identical to the original file and contains the familiar text of The Conscience of a Hacker.

As always, the code is available for download below. Enjoy!

Updates

• 24-Jul-2011: Small update to the command like parsing and the documentation.

Download

otp.py

Source code

#!/usr/bin/env python

# One-time pad example in Python
# Copyright (c) 2009-2011, Mario Vilas
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
#     * Redistributions of source code must retain the above copyright notice,
#       this list of conditions and the following disclaimer.
#     * Redistributions in binary form must reproduce the above copyright
#       notice,this list of conditions and the following disclaimer in the
#       documentation and/or other materials provided with the distribution.
#     * Neither the name of the copyright holder nor the names of its
#       contributors may be used to endorse or promote products derived from
#       this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

from __future__ import with_statement

import sys
import os.path
import optparse

try:
    import psyco
    from psyco.classes import *
except ImportError:
    pass

class OneTimePad(object):
    """
This is a simple one-time pad cipher implementation in Python.
For more information on one-time pads:

http://en.wikipedia.org/wiki/One-time_pad

A word of warning: while I made my best effort to avoid programming mistakes
and one time pads are not that hard to implement, I'm not a cryptographer. So
until a proper cryptographer can validate this code, use it at your own risk!

It's best to use /dev/random here, instead of the "random" module. The reason
for that is that the random module doesn't truly provide random numbers, but
pseudo-random numbers that are calculated from a seed number. So the entire
amount of information contained in a stream of pseudo-random numbers fits
into the seed number... using this would be no more secure than just picking
a single number, defeating the whole purpose of using a one-time pad.

It's also not a good idea to limit /dev/random to printable characters only,
so if the user wants printable files we'll have to proceed as usual and later
encode the results.

One-time pad generation only works on Unix systems, but it should be possible
to port it to Windows by deriving this class and reimplementing the check_dev()
and random() methods to use Win32 crypto API. Encryption and decryption should
work in all platforms.
    """

    # Buffer size for file access
    block_size = 65536

    # Paranoid mode (use /dev/random instead of the faster /dev/urandom)
    paranoid = False

    # Placeholder for random generator device (open file)
    dev = None

    # Check for the presence of the required random generator device
    def check_dev(self):
        if self.paranoid:
            return os.path.exists('/dev/random')
        return os.path.exists('/dev/urandom')

    # Generate a string of random bytes
    def random(self, size):
        if not self.dev:
            if self.paranoid:
                self.dev = open('/dev/random', 'r')
            else:
                self.dev = open('/dev/urandom', 'r')
        return self.dev.read(size)

    # Get the size of an open file
    def filesize(self, fd):
        fd.seek(0,2)
        n = fd.tell()
        fd.seek(0,0)
        return n

    # Generate a random one-time pad
    def generate(self, padfile, total_size):
        random = self.random
        block_size = self.block_size
        while total_size > 0:
            block = random( min(block_size, total_size) )
            padfile.write(block)
            total_size = total_size - len(block)

    # Encrypt or decrypt a file using a one-time pad
    def cipher(self, infile, outfile, padfile):
        block_size = self.block_size
        while 1:
            data = infile.read(block_size)
            if not data:
                break
            pad = padfile.read(len(data))
            encoded = ''.join([ chr(ord(a) ^ ord(b)) for a, b in zip(data, pad) ])
            outfile.write(encoded)

    # Main function (most of it is command line parsing stuff)
    def run(self):

        # Define a command line parser
        banner = (
            "One-time pad example in Python\n"
            "by Mario Vilas (mvilas at gmail dot com)\n"
            "http://breakingcode.wordpress.com/"
                        "2010/02/17/one-time-pad-encryption-in-python\n"
        )
        usage = (
            "\n\n"
            "Create a one-time pad:\n"
            "    ./%prog generate -k example.key -s size\n"
            "    ./%prog generate -k example.key -t example.txt\n"
            "Encrypt a file:\n"
            "    ./%prog encrypt -t example.txt -k example.key -c example.cipher\n"
            "Decrypt a file:\n"
            "    ./%prog decrypt -c example.cipher -k example.key -t example.txt"
        )
        formatter = MyHelpFormatter(banner, max_help_position=26)
        parser = optparse.OptionParser(usage=usage, formatter=formatter)
        parser.add_option("-t", "--text", action="store", type="string",
                          metavar="FILE", help="plaintext filename")
        parser.add_option("-c", "--cipher", action="store", type="string",
                          metavar="FILE", help="ciphertext filename")
        parser.add_option("-k", "--key", action="store", type="string",
                          metavar="FILE", help="one-time pad filename")
        parser.add_option("-s", "--size", action="store", type="int",
                          metavar="NUM", help="one-time pad size in bytes")
        parser.add_option("-f", "--force", action="store_true", default=False,
                          help="force overwriting of any output files")
        parser.add_option("-p", "--paranoid", action="store_true", default=False,
                          help="use /dev/random instead of /dev/urandom (slower!)")

        # Parse the command line
        args = list(sys.argv)
        if len(args) == 1:
            args = args + [ '--help' ]
        options, args = parser.parse_args(args)

        # Set paranoid mode if requested
        self.paranoid = options.paranoid

        # Check command is present
        if len(args) < 2:
            parser.error("missing command")
        command = args[1].strip().lower()[0:1]
        if not command:
            parser.error("missing command")

        # If more parameters are present, try to guess what they are
        if len(args) > 2:
            p = 2
            try:
                if command == 'g':
                    # g key size
                    # g key text
                    if not options.key:
                        options.key = args[p]
                        p = p + 1
                    try:
                        options.size = int(args[p])
                        p = p + 1
                    except ValueError:
                        options.text = args[p]
                        p = p + 1
                elif command == 'e':
                    # e text key cipher
                    if not options.text:
                        options.text = args[p]
                        p = p + 1
                    if not options.key:
                        options.key = args[p]
                        p = p + 1
                    if not options.cipher:
                        options.cipher = args[p]
                        p = p + 1
                elif command == 'd':
                    # d cipher key text
                    if not options.cipher:
                        options.cipher = args[p]
                        p = p + 1
                    if not options.key:
                        options.key = args[p]
                        p = p + 1
                    if not options.text:
                        options.text = args[p]
                        p = p + 1
                else:
                    parser.error("too many arguments")
            except IndexError:
                pass
            if p < len(args):
                parser.error("too many arguments")

        # The one-time pad filename is always required
        if not options.key:
            parser.error("missing one-time pad filename")

        # Plaintext and ciphertext files are required for "decrypt" and "encrypt"
        if command in ('d', 'e'):
            if not options.text:
                parser.error("missing plaintext filename")
            if not options.cipher:
                parser.error("missing ciphertext filename")

        # Generate a one-time pad file
        if command == 'g':
            if options.cipher:
                parser.error("unused argument: ciphertext filename")
            if not self.check_dev():
                parser.error("random generator not available")
            if not options.force and os.path.exists(options.key):
                parser.error("file already exists: %s" % options.key)
            if options.text:
                if not os.path.exists(options.text):
                    parser.error("can't find file: %s" % options.text)
                with open(options.text, 'r') as textfile:
                    size = self.filesize(textfile)
            elif options.size:
                size = options.size
            else:
                parser.error("either plaintext file or one-time pad size is required")
            with open(options.key, 'w') as padfile:
                self.generate(padfile, size)

        # Encrypt a file using a one-time pad
        elif command == 'e':
            if not os.path.exists(options.key):
                parser.error("can't find file: %s" % options.key)
            if not os.path.exists(options.text):
                parser.error("can't find file: %s" % options.text)
            if not options.force and os.path.exists(options.cipher):
                parser.error("file already exists: %s" % options.cipher)
            with open(options.key, 'r') as padfile:
                with open(options.text, 'r') as textfile:
                    if self.filesize(textfile) > self.filesize(padfile):
                        raise RuntimeError("Not enough bytes in the one-time pad for this file!")
                    with open(options.cipher, 'w') as cipherfile:
                        self.cipher(textfile, cipherfile, padfile)

        # Decrypt a file using a one-time pad
        elif command == 'd':
            if not os.path.exists(options.key):
                parser.error("can't find file: %s" % options.key)
            if not os.path.exists(options.cipher):
                parser.error("can't find file: %s" % options.cipher)
            if not options.force and os.path.exists(options.text):
                parser.error("file already exists: %s" % options.text)
            with open(options.key, 'r') as padfile:
                with open(options.cipher, 'r') as cipherfile:
                    if self.filesize(cipherfile) > self.filesize(padfile):
                        raise RuntimeError("Not enough bytes in the one-time pad for this file!")
                    with open(options.text, 'w') as textfile:
                        self.cipher(cipherfile, textfile, padfile)

        # Unknown command
        else:
            parser.error("unknown command: %s" % args[1])

# Just a small tweak to optparse to be able to print a banner.
# (Why is there an epilog but no prolog in optparse?)
class MyHelpFormatter(optparse.IndentedHelpFormatter):
    def __init__(self, banner, *argv, **argd):
        self.banner = banner
        optparse.IndentedHelpFormatter.__init__(self, *argv, **argd)
    def format_usage(self, usage):
        msg = optparse.IndentedHelpFormatter.format_usage(self, usage)
        return '%s\n%s' % (self.banner, msg)

# Run from the command line, try to use Psyco for acceleration
if __name__ == "__main__":
    try:
        psyco.full()
    except NameError:
        pass
    OneTimePad().run()