+- nixers (https://nixers.net)
+-- Forum: Development & Graphics (https://nixers.net/Forum-Development-Graphics)
+--- Forum: Programming On Unix (https://nixers.net/Forum-Programming-On-Unix)
+--- Thread: [python] xmpppy (/Thread-python-xmpppy)
[python] xmpppy - sodaphish - 30-06-2014
Anyone familiar with the xmpppy python lib? Looking to be able to pull server-side info from a server using a custom-written xmpppy client lib. Was wondering if anyone was aware of such a beast already in existence or if anyone would be interested in collaborating on such a thing.
RE: [python] xmpppy - venam - 01-07-2014
Why use xmpp to just "pull" server-side info? Aren't there better solutions for your problem?
RE: [python] xmpppy - sodaphish - 01-07-2014
because the server in question is an xmpp server AND I don't know what domain it serves, or anything else relevant about it. Think of it a means to reverse-engineer an xmpp server with a virtually zero-knowledge starting point.
i.e. I'm doing a pentest for a client and they run an xmpp/jabber server but its a "double-blind" pentest so I was given a list of IP addresses and a redacted "get-out-of-jail-free" card. I trust my upstream contractor, but my guess is that the xmpp server is going to be my most likely point of entry as the other IP's expose very small foot-prints (mostly HTTP and HTTPS.)
Soda
oh, but more to the point, this would be a tool of utility in general, not just in my specific use-case. I make all my testing tools open because I'm trying to improve the craft.
Soda