Professional Documents
Culture Documents
"Praktikum Lab Scanning" (Scanning Modul CEH V9)
"Praktikum Lab Scanning" (Scanning Modul CEH V9)
"Praktikum Lab Scanning" (Scanning Modul CEH V9)
Disusun untuk memenuhi tugas Mata Kuliah Ethical Hacking and Penetration Testing
Dosen Pengampu: Dr. Johannes Harungguan Sianipar, S.T., M.T.
Instruktur: Albert Kelvin Hutapea, S.Kom.
Disusun Oleh:
Kelompok 7 (Ganjil)
1|Page
Bab 1 Scanning the Network using the Colasoft Packet Builder
2|Page
3. On completing the installation, launch the Colasoft Packet Builder 2.0 application. The
Colasoft Packet Builder GUI appears as shown in the screenshot:
5. When the Select Adapter window appears, check the Adapter settings, and click OK.
3|Page
7. In the Add Packet dialog box, select ARP Packet template, set Delta time the packet listing
to activate as 0.1 second, and click OK.
8. You can view the added packets list on the right-hand side of the window, under Packet List.
9. Colasoft Packet Builder allows you to edit the decoding information in the two editors:
Decode Editor and Hex Editor, located in the left pane of the window
10. The Decode Editor section allows you to edit the packet decoding information by double-
clicking the item you want to decode
11. The Hex Editor displays the actual packet contents in raw hexadecimal value on the left and
its ASCII eguivalent on the right.
4|Page
12. To send all packets at once, click Send All from the menu bar.
13. In the Send All Packets window, check the Burst Mode option and then click Start.
5|Page
14. Close the window
15. Now, when this ARP packet is broadcasted in the network, the active machines receive the
packet and a few among them start responding with an ARP reply. To observe which
6|Page
machine is responding to the ARP packet, you also need to run a packet-monitoring
application such as Wireshark or Colasoft Packet Capture simultancously. These
applications log all the packets being transmitted on the network.
16. To export the packets sent from the file menu, click Export → All Packets....
17. In thc Save As window, select a destination folder in the Save in ficld, specify the File
name and Save as type, and dick Save.
7|Page
18. This saved file can be used for future reference.
19. The file will be saved in our storage directory
8|Page
Bab 3 Basic Network Troublesshooting using MegaPing
1. Follow the wizard-driven installation steps to install Mega Ping
9|Page
3. The about MegaPing pop-up appears.Wait until I Agree button appears,and then click the
button.
4. MegaPing(Unregistered) GUI appears displaying the System Info as shown in the following
screenshoot:
10 | P a g e
5. Select any of the options from the left pane of the window.
6. For instance, select IP scanner,specify the IP range in from and to fiels.In this lab the IP
range is 10.10.10.1 to 10.10.10.50 .Click Start.
7. MegaPing list down all the IP addreses under the specified target range with their
TTL,Status(dead or alive) and statistics of the dead and alive hosts.
11 | P a g e
9. In this lab,the IP address of Windows server 10.10.10.12 is selected.This IP address may
vary in your lab environment.
10. MegaPing redirects you to Treceroute section,displaying the number of hops taken by the
host machine to reach the Windows Server virtual machine
12 | P a g e
12. Enter the IP address of Windows Server 10.10.10.12 machine under Destination Address List
section and click Add.The IP address litened below might very in your lab environment.
13. Check the IP address and click the start button to start listening to the traffic on 10.10.10.12
14. Megaping lists the ports associated with Windows Server 2012, along with the port
Type,Keyword,Risk,and Description as shown in the following screenshoot:
13 | P a g e
((((Dilanjutkan ke halaman selanjutnya))))
14 | P a g e
Bab 5 Scanning a Network using NetScanTools Pro
NetScanTools Pro is an integrated collection of internet information gathering and network
troubleshooting utilities for Network Professionals.
1. Download NetScanTools Pro at www.netscantools.com
2. Perform the installation as usual, by clicking the "Next" button
15 | P a g e
4. Next on the "Reminder" page click the "Start the Demo" button.
16 | P a g e
6. The main page of NetScanTools Pro will be displayed.
17 | P a g e
9. When the OK button is clicked, it will be redirected to the following page. Do as shown in
the following image, which can be seen the results obtained from the ARP Ping against the
target 192.168.100.1.
18 | P a g e
10. For other manual tools, do the same as when the ARP Ping tool.
11. The results obtained from each manual tool:
a. ARP Scan (MAC Scan)
19 | P a g e
c. Ping Scanner
It will automatically open the browser and display the following page:
Note: The result might vary in your lab environment
20 | P a g e
d. Port Scanner
21 | P a g e
Bab 7 Checking for Live System using Angry IP Scanner
1. Install the Angry IP Scanner 3.5.2 setup appears as shown in the screeshoot. Clik Next to
proceed with the installation.
2. Choose Install Location window appears, check the install path and click Install as shown
in the screenshot.
22 | P a g e
3. After the installation, Completing the Angry IP Scanner 3.5.2 Setup window appears. Tick
the Run Angry IP Scanner 3.5.2 checkbox and click Finish as shown in the screenshot.
4. Angry IP Scanner starts and a Getting Started window pops up as shown in the screenhot.
Clik Close.
23 | P a g e
5. In the IP Range ficlds, input the IP range as 10.10.10.0 to 10.10.10.255 as shown in the
screenshot.
6. Click the Preferences icon beside the IP Range menu as shown in the screenshot. Note: IP
Addresses may differ in your lab environment.
7. Preferences window pops up. In the Scanning tab, under Pinging section, select the pinging
method as Combined UDP+TCP as shown in the screenshot.
8. Now, switch to the Ports tab and under the Port selection section, enter the range as 1-1000.
24 | P a g e
9. Now, switch to the Display tab and under Display in the results list section select the Alive
hosts (responding to ping) only radio button as shown in the screenshot. Click OK.
25 | P a g e
10. Click the Start button to start scanning the IP range you entered.
11. Angry IP Scanner starts scanning the IP range and starts to list out the alive hosts found.
Check the progress bar on the bottom-right corner to see the progress of the scanning.
Note: IP Addresses may differ in your lab environment. It can take the
application up to 20 minutes approximately.
26 | P a g e
12. Upon finishing, a Scan Statistics window pops up. Note the total number of hosts alive and
click Close.
13. You can see all the IPs with their hostnames and open ports listed in the main window.
27 | P a g e
14. Double-click any IP. IP address details window pops up showing all the relevant details of
the system as shown in the screenshot.
28 | P a g e
Bab 9 Perform ICMP Probing using Ping/Traceroute for Network Troubleshooting
1. Right-click the Start button in the taskbar and select Command Prompt (Admin) option.
2. A Command Prompt terminal appears, type tracert www.certifiedhacker.com and press
Enter.
3. The system resolves the URL into its IP address and starts to trace the path to the
destination.Here it takes 23 hops for the packet to reach the specified destination as shown in
the screenshot.
4. Type tracert /? And press Enter to show the different options for the command as shown in
the screenshoot.
29 | P a g e
5. Type tracert –h 5 www.certifiedhacker.com and press Enter to perform the trace with only 5
maximum hops allowed.
30 | P a g e
Bab 11 Daisy Chaining using Proxy Workbench
1. Before running this lan,turn off Smart Screen .To do this , Setting → Windows Security →
App & Browser Control → Reputation based protection → Click Off.
3. Follow the installation steps to install Proxy Workbench on all Windows platforms.
31 | P a g e
4. After all installation complete, switch back to the attacker machine and launch the chrome
web browser.
5. Click the Open Menu button at the top-right corner of the browser window, and click
Options.
6. The Options window opens. Scroll down and click Settings.Under the Network Proxy
heading.
32 | P a g e
7. Select the Manual proxy configuration radio button in the Connection Setting Wizard.
8. Type 127.0.0.1 as the HTTP Proxy, enter the port value 8080, and check Use this proxy
server for all protocols.Then click OK.
33 | P a g e
11. The Proxy Workbench welcome pop-up opens.Click OK
12. The Configure Proxy Workbench window opens. Select HTTP Proxy –Web in the left pane
and check HTTP protocol in the right pane.
13. Click Configure HTTP for port 8080
34 | P a g e
14. The HTTP Properties window opens. Click Connect via another proxy.
15. Enter the IP address of the Windows 10 virtual machine in the Proxy server is “10.10.10.10”
field and port number 8080 in the Port field
16. Click Ok
35 | P a g e
22. In Windows Server 2012, type the IP address of the Windows 8 virtual machine (10.10.10.8)
36 | P a g e
30. Swich back to the host machine,launch the Firefox web browser and browse websites such as
https://id.linkedin.com/.
31. Open the Proxy Workbench GUI for more detailed information.Observe that the request is
coming from 192.168.0.17:57830 and going to 192.168.0.17:8080
37 | P a g e
Bab 13 Anonymous Browsing using CyberGhost
1. Install the CyberGhost GUI. Once the installation is complete, the CyberGhost GUI displays
the real location of your server, along with its IP address.
Note: An Upgrade Now window opens with the GUI. Close this window.
The real location traced by CyberGhost may differ in your lab environment.
38 | P a g e
2. Here's what CyberGhost looks like when it's first opened
4. Select a country from the list. In this lab, Germany has been selected. The Choose
country changes to Germany, as shown in the following screenshot:
39 | P a g e
5. Click the Start Anonymous Surfing power button to start CyberGhost.
40 | P a g e
6. CyberGhost attempts to establish a connection to the proxy server located in Germany. On
successfully establishing a connection, the simulated location changes to Germany, and the
IP address changes to that of the server in Frankfurt, as shown in the following screenshot:
41 | P a g e
9. Open a new tab in a web browser, and surf anonymously using this proxy.
42 | P a g e
10. Once you are done browsing, click the Stop Anonymous Surfing button again to disconnect
the proxy. CyberGhost now displays your real location, as shown in the following
screenshot:
43 | P a g e
Bab 15 Drawing Network Diagrams using Network Topology Mapper
Network Topology Mapper discover a network and produces a comprehensive network diagram
that integrates OSI Layer 2 and Layer 3 topology data.
1. 1. Register by registering an email. The hope for the book is to download the “Network
Topology Mapper” application.
2. Launch and log in using the registered email.
3. You will be directed to the following page, then click the checkbox and select “Install”.
44 | P a g e
The installation process is in progress:
Select the radio button No, I would not like to participate, and click OK.
45 | P a g e
Installation is complete. Click Close.
46 | P a g e
The start page of the Network Topology Mapper is displayed. Click New Scan.
5. Next enter New Password and Confirm Password. And click Save.
47 | P a g e
6. In SNMP Credentials, click the private and public checkboxes as shown below, then click
Next.
48 | P a g e
8. In VMWare Credentials, click Next.
49 | P a g e
10. In Discovery Settings, give the scan name Network Topology.
50 | P a g e
12. Will be redirected to Summary page, and click Discover.
51 | P a g e
52 | P a g e
Then click the IP address in the Node Display Options section.
To see detailed Node Properties, right click on a node and select Node Properties, and it
will show:
53 | P a g e
Then, right-click again on the node and select Integration with Windows Tools > Remote
Desktop.
Then, it will be redirected to a page asking for a password, and will open the targeted
machine.
54 | P a g e