By now, you should be familiar with the way basic classes work in Python. If classes were just what you've seen, they'd be fairly rigid and not all that useful.
Thankfully, classes are much more than just that. They are designed to be much more adaptable and can take in information to shape the way they look initially. Not every car starts off exactly the same, and neither should classes. After all, how awful would it be if every car was an orange '71 Ford Pinto? That's not a good situation.
Writing A Class
Start off by setting up a class like the one in the last guide. This class will evolve over the course of this guide. It will move from being a rigid, photocopy-like situation to a template that can generate multiple unique objects within the outline of the class.
Write the first line of the class, defining it as a class and naming it. This guide is going to stick with the car analogy from before. Don't forget to pass object to your class so that it extends the base object class.
Classes are the cornerstone of Object Oriented Programming. They are the blueprints used to create objects. And, as the name suggests, all of Object Oriented Programming centers around the use of objects to build programs.
You don't write objects, not really. They are created, or instantiated, in a program using a class as their basis. So, you design objects by writing classes. That means that the most important part of understanding Object Oriented Programming is understanding what classes are and how they work.
There are web forms all over the Internet. Even sites that don't usually allow regular users to log in probably have an admin area. It's important when running and deploying a site to make sure that the passwords gating access to sensitive controls and admin panels are as secure as possible.
There are different ways to attack a web application, but this guide is going to cover using Hydra to perform a brute force attack on a login form. The target platform of choice is WordPress. It is easily the most popular CMS platform in the world, and it is also notorious for being managed poorly.
Remember, this guide is intended to help you protect your WordPress or other website. Use on a site that you don't own or have written permission to test is illegal.
Hail Hydra! Okay, so we're not talking about the Marvel villains here, but we are talking about a tool that can definitely do some damage. Hydra is a popular tool for launching brute force attacks on login credentials.
Hydra has options for attacking logins on a variety of different protocols, but in this instance, you will learn about testing the strength of your SSH passwords. SSH is present on any Linux or Unix server and is usually the primary way admins access and manage their systems. Sure, cPanel is a thing, but SSH is still there even when cPanel is being used.
This guide makes use of wordlists to provide Hydra with passwords to test. If you aren't familiar with wordlists yet, go check out our Crunch guide.
Warning: Hydra is a tool for attacking. Only use it on your own systems and networks unless you have the written permission of the owner. Otherwise, it is illegal.
Wordlists are a key part of brute force password attacks. For those readers who aren't familiar, a brute force password attack is an attack in which an attacker uses a script to repeatedly attempt to log into an account until they receive a positive result. Brute force attacks are fairly overt and can cause a properly configured server to lock out an attacker or their IP.
This is the point of testing the security of login systems this way. Your server should ban attackers that attempt these attacks, and should report the increased traffic. On the user end, passwords should be more secure. It's important to understand how the attack is carried out to create and enforce a strong password policy.
Kali Linux comes with a powerful tool for creating wordlists of any length. It's a simple command line utility called Crunch. It has simple syntax and can easily be adjusted to suit your needs. Beware, though, these lists can be very large and can easily fill an entire hard drive.