Professional Documents
Culture Documents
Cyber-Security-Lab-file - 19CS102 (Vishesh)
Cyber-Security-Lab-file - 19CS102 (Vishesh)
Of the degree of
Bachelor of Technology
In
SESSION (2022-2023)
VII Semester
19EEACS101
2
3
EXPERIMENT-1
Objective:
● Caesar Cipher
Description:
To encrypt a message with a Caesar cipher, each letter in the message is changed
using a simple rule: shift by three. Each letter is replaced by the letter three letters
ahead in the alphabet. A becomes D, B becomes E, and so on. For the last letters,
we can think of the alphabet as a circle and "wrap around". W becomes Z, X
becomes A, Y becomes B, and Z becomes C. To change a message, each letter is
replaced by the one three before it.
Algorithm:
Code:
#include <iostream>
#include <bits/stdc++.h>
using namespace std;
int main()
{
char plain[10], cipher[10];
int key, length;
4
for(int i=0,length=strlen(plain);i<length;i++)
{
cipher[i]= plain[i]+key;
if(isupper(plain[i]) && (cipher[i]>'Z'))
{
cipher[i]=cipher[i]-26;
}
if(islower(plain[i]) && (cipher[i]>'z'))
{
cipher[i]=cipher[i]-26;
}
}
cout<<cipher;
return 0;
}
Output:
5
b) Rail fence row & Column Transformation
Description
In the rail fence cipher, the plain text is written downwards and diagonally on
successive "rails" of an imaginary fence, then moving up when we reach the
bottom rail. When we get the top rail, the message is written downwards again
until the whole plaintext is written out. The message is then read off in rows.
Algorithm
- Read the Plain text.
- Arrange the plain text in row columnar matrix format.
- Now read the keyword depending on the number of plain text columns.
- Arrange the characters of the keyword in sorted order and the
corresponding columns of the plain text.
- Read the characters row or column-wise in the former order to get the
cipher text.
Program:
#include<bits/stdc++.h>
using namespace std;
int main()
{
int t,n,m,i,j,k,sum=0;
string s;
cout<<"Enter Plain Text :";
cin>>s;
cout<<"Enter key :";
cin>>n;
vector<vector<char>> a(n,vector<char>(s.size(),' '));
j=0;
int flag=0;
for(i=0;i<s.size();i++){
a[j][i] = s[i];
if(j==n-1){
flag=1;
}
else if(j==0)
flag=0;
if(flag==0){
j++;
}
6
else j--;
}
cout<<"Cipher text is :";
for(i=0;i<n;i++){
for(j=0;j<s.size();j++){
if(a[i][j]!=' ')
cout<<a[i][j];
}
}
cout<<'\n';
return 0;
}
Output:
7
EXPERIMENT-2
Objective:
Implement the Diffie-Hellman Key Exchange mechanism using HTML and
JavaScript. Consider the end user as one of the parties (Alice) and the JavaScript
application as another party (bob).
Description:
Diffie–Hellman Key Exchange establishes a shared secret between two parties
that can be used for secret communication for exchanging data over a public
network. It is primarily used as a method of exchanging cryptography keys for use
in symmetric encryption algorithms like AES. The algorithm in itself is very simple.
The process begins by having the two parties, Alice and Bob. Let's assume that
Alice wants to establish a shared secret with Bob.
Algorithm:
STEP-1: Both Alice and Bob share the same public keys g and p.
Code:
#include<bits/stdc++.h>
#include <bits/stdc++.h>
using namespace std;
long long int power(int a, int b, int mod)
{
long long int t;
if(b==1)
{
return a;
}
t = power(a, b/2, mod);
if(b%2==0)
{
return (t*t)%mod;
8
}
return (((t*t)%mod)*a)%mod;
}
a = power(g,x,n);
cout<<"Enter the value of y for Bob: ";
cin>>y;
b= power(g,y,n);
cout<<"Key for Alice is :"<<power(b,x,n)<<'\n';
cout<<"Key for Bob is :"<<power(a,y,n);
return 0;
}
Output:
9
EXPERIMENT-3
Objective: - Implement the following Attack:
a) Dictionary Attack,
Description
The success of a dictionary attack depends on several factors, including the size of
the dictionary, the complexity of the password, and the security measures in place to
protect the system or account. To reduce the risk of a dictionary attack, it's important
to use strong and unique passwords that are not easily guessable, and to implement
security measures such as multi-factor authentication and password expiration
policies.
Brute Force Attack: A brute force attack is a type of password cracking method that
involves trying every possible combination of characters until the correct password is
found. This type of attack is typically used when a attacker has no prior knowledge of
the password and wants to gain unauthorized access to a system or account.
In a brute force attack, the attacker uses automated software to generate and try
every possible combination of characters, including letters, numbers, and symbols,
until the correct password is found. This can be a time-consuming and
resource-intensive process, but the attacker can still potentially gain access if the
password is not strong enough or if the system has no security measures in place to
prevent this type of attack.
To reduce the risk of a brute force attack, it's important to use strong and unique
passwords, to implement security measures such as multi-factor authentication, and
to limit the number of login attempts allowed before locking an account. This makes
it more difficult for an attacker to gain access through a brute force attack, and helps
to protect sensitive information from being compromised.
Code:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <math.h>
#include<conio.h>
10
typedef union uwb
{
unsigned w;
unsigned char b[4];
} MD5union;
typedef unsigned DigestArray[4];
unsigned func0( unsigned abcd[] ){
return ( abcd[1] & abcd[2]) | (~abcd[1] & abcd[3]);}
unsigned func1( unsigned abcd[] ){
return ( abcd[3] & abcd[1]) | (~abcd[3] & abcd[2]);}
unsigned func2( unsigned abcd[] ){
return abcd[1] ^ abcd[2] ^ abcd[3];}
unsigned func3( unsigned abcd[] ){
return abcd[2] ^ (abcd[1] |~ abcd[3]);}
typedef unsigned (*DgstFctn)(unsigned a[]);
unsigned *calctable( unsigned *k)
{
double s, pwr;
int i;
pwr = pow( 2, 32);
for (i=0; i<64; i++)
{
s = fabs(sin(1+i));
k[i] = (unsigned)( s * pwr );
}
return k;
}
unsigned rol( unsigned r, short N )
{
unsigned mask1 = (1<<N) -1;
return ((r>>(32-N)) & mask1) | ((r<<N) & ~mask1);
}
unsigned *md5( const char *msg, int mlen)
{
static DigestArray h0 = { 0x67452301, 0xEFCDAB89,
0x98BADCFE, 0x10325476 };
static DgstFctn ff[] = { &func0, &func1, &func2, &func3};
static short M[] = { 1, 5, 3, 7 };
static short O[] = { 0, 1, 5, 0 };
static short rot0[] = { 7,12,17,22};
static short rot1[] = { 5, 9,14,20};
static short rot2[] = { 4,11,16,23};
static short rot3[] = { 6,10,15,21};
static short *rots[] = {rot0, rot1, rot2, rot3 };
static unsigned kspace[64];
static unsigned *k;
static DigestArray h;
11
DigestArray abcd;
DgstFctn fctn;
short m, o, g;
unsigned f;
short *rotn;
union
{
unsigned w[16];
char b[64];
}mm;
int os = 0;
int grp, grps, q, p;
unsigned char *msg2;
if (k==NULL) k= calctable(kspace);
for (q=0; q<4; q++) h[q] = h0[q]; // initialize
{
grps = 1 + (mlen+8)/64;
msg2 = malloc( 64*grps);
memcpy( msg2, msg, mlen);
msg2[mlen] = (unsigned char)0x80;
q = mlen + 1;
while (q < 64*grps){ msg2[q] = 0; q++ ; }
{
MD5union u;
u.w = 8*mlen;
q -= 8;
memcpy(msg2+q, &u.w, 4 );
}
}
for (grp=0; grp<grps; grp++)
{
memcpy( mm.b, msg2+os, 64);
for(q=0;q<4;q++) abcd[q] = h[q];
for (p = 0; p<4; p++)
{
fctn = ff[p];
rotn = rots[p];
m = M[p]; o= O[p];
for (q=0; q<16; q++)
{
g = (m*q + o) % 16;
f = abcd[1] + rol( abcd[0]+ fctn(abcd)+k[q+16*p]
+ mm.w[g], rotn[q%4]);
abcd[0] = abcd[3];
abcd[3] = abcd[2];
abcd[2] = abcd[1];
abcd[1] = f;
12
}}
for (p=0; p<4; p++)
h[p] += abcd[p];
os += 64;
}
return h;}
void main() {
int j,k;
const char *msg = "The quick brown fox jumps over the lazy dog";
unsigned *d = md5(msg, strlen(msg));
MD5union u;
printf("\t MD5 ENCRYPTION ALGORITHM IN C \n\n");
printf("Input String to be Encrypted using MD5 :\n\t%s",msg);
printf("\n\nThe MD5 code for input string is: \n");
printf("\t= 0x");
for (j=0;j<4; j++){
u.w = d[j];
for (k=0;k<4;k++) printf("%02x",u.b[k]); }
printf("\n");
printf("\n\t MD5 Encyption Successfully Completed!!!\n\n");
getch();
system("pause");
getch();
}
Output:
13
EXPERIMENT-4
Objective:
Installation of WireShark, tcpdump, etc and observe data transferred in client server
communication using UDP/TCP and identify the UDP/TCP datagram.
Description:
Wireshark is an open-source packet analyser, which is used for education, analysis,
software development, communication protocol development, and network
troubleshooting.
It is used to track the packets so that each one is filtered to meet our specific needs.
It is commonly called as a sniffer, network protocol analyser, and network analyser. It
is also used by network security engineers to examine security problems.
On the network and Internet settings option, we can check the interface connected to
our computer.
If you are Linux users, then you will find Wireshark in its package repositories.
By selecting the current interface, we can get the traffic traversing through that
interface. The version used here is 3.0.3. This version will open as:
14
SCREENSHOTS
There will be detailed information on HTTP packets, TCP packets, etc. The red
button is shown below:
You can also select the connection to which your computer is connected. For
example, in this PC, we have chosen the current network, i.e., the ETHERNET.
15
After connecting, you can watch the traffic below:
There is a filter block below the menu bar, from where a large amount of data can be
filtered. For example, if we apply a filter for HTTP, only the interfaces with the HTTP
will be listed.
16
Steps for the permanent colorization are: click on the 'View' option on the
menu bar and select 'Coloring Rules.' The table will appear like the image
shown below:
17
● Click on the Decryption Keys button on the toolbar:
RESULT:
Thus, Installation of Wire shark, tcpdump, etc and observe data transferred in
client server communication using UDP/TCP and identify the UDP/TCP
datagram was done successfully.
18
EXPERIMENT-5
Description:
Breaking the term rootkit into the two component words, root and kit, is a useful way
to define it. Root is a UNIX/Linux term that's the equivalent of Administrator in
Windows. The word kit denotes programs that allow someone to obtain
root/admin-level access to the computer by executing the programs in the kit — all of
which is done without end-user consent or knowledge.
A rootkit is a type of malicious software that is activated each time your system boots
up. Rootkits are difficult to detect because they are activated before your system's
Operating System has completely booted up. A rootkit often allows the installation of
hidden files, processes, hidden user accounts, and more in the systems OS. Rootkits
are able to intercept data from terminals, network connections, and the keyboard.
Rootkits have two primary functions: remote command/control (back door) and
software eavesdropping. Rootkits allow someone, legitimate or otherwise, to
administratively control a computer. This means executing files, accessing logs,
monitoring user activity, and even changing the computer's configuration. Therefore,
in the strictest sense, even versions of VNC are rootkits. This surprises most people,
as they consider rootkits to be solely malware, but in of themselves they aren't
malicious at all.
The presence of a rootkit on a network was first documented in the early 1990s. At
that time, Sun and Linux operating systems were the primary targets for a hacker
looking to install a rootkit.
Today, rootkits are available for a number of operating systems, including Windows,
and are increasingly difficult to detect on any network.
Steps:
19
STEP-8: Rootkits / Malwares scans the local drives selected.
STEP-9: Autostart displays the registry base Autostart applications.
STEP-10: CMD allows the user to interact with command line utilities or Registry
Screenshots:
20
RESULT:
Thus, the study of installation of Rootkit software and its variety of options were
developed successfully
21
EXPERIMENT-6
Description:
Sniffing traffic using ARP poisoning is a type of network attack that allows an
attacker to intercept and read all the network traffic intended for a target on the
same network. ARP (Address Resolution Protocol) poisoning is a process in which
the attacker sends false ARP messages to map their own MAC address to the IP
address of the target. This makes the attacker's device appear as the target to other
devices on the network, allowing the attacker to intercept and read all the network
traffic intended for the target.
It is important to note that ARP poisoning is illegal in many countries and can result
in criminal charges and severe consequences. Additionally, it can cause harm to
innocent parties by compromising their privacy and security. Instead of performing
this type of attack, it is recommended to focus on learning about network security
and the ethical considerations involved in protecting and respecting the privacy of
others.
Step 1 − Install the VMware workstation and install the Kali Linux operating system.
Step 2 − Login into the Kali Linux using username pass “root, toor”.
Step 3 − Make sure you are connected to local LAN and check the IP address by
typing the command ifconfig in the terminal.
22
Step 4 − Open up the terminal and type “Ettercap –G” to start the graphical version
of Ettercap.
Step 5 − Now click the tab “sniff” in the menu bar and select “unified sniffing” and
click OK to select the interface. We are going to use “eth0” which means Ethernet
connection.
23
Step 6 − Now click the “hosts” tab in the menu bar and click “scan for hosts”. It will
start scanning the whole network for the alive hosts.
Step 7 − Next, click the “hosts” tab and select “hosts list” to see the number of hosts
available in the network. This list also includes the default gateway address. We
have to be careful when we select the targets.
Step 8 − Now we have to choose the targets. In MITM, our target is the host
machine, and the route will be the router address to forward the traffic. In an MITM
attack, the attacker intercepts the network and sniffs the packets. So, we will add
the victim as “target 1” and the router address as “target 2.”
In VMware environment, the default gateway will always end with “2” because “1” is
assigned to the physical machine.
Step 10 − Now click on “MITM” and click “ARP poisoning”. Thereafter, check the
option “Sniff remote connections” and click OK.
24
Step 11 − Click “start” and select “start sniffing”. This will start ARP poisoning in the
network which means we have enabled our network card in “promiscuous mode”
and now the local traffic can be sniffed.
Note − We have allowed only HTTP sniffing with Ettercap, so don’t expect HTTPS
packets to be sniffed with this process.
Step 12 − Now it’s time to see the results; if our victim logged into some websites.
You can see the results in the toolbar of Ettercap.
This is how sniffing works. You must have understood how easy it is to get the
HTTP credentials just by enabling ARP poisoning.
ARP Poisoning has the potential to cause huge losses in company environments.
This is the place where ethical hackers are appointed to secure the networks.
Like ARP poisoning, there are other attacks such as MAC flooding, MAC spoofing,
DNS poisoning, ICMP poisoning, etc. that can cause significant loss to a network.
25
EXPERIMENT-7
Objective: Demonstrate intrusion detection system using any tool (snort or any other
s/w).
Description:
SNORT
Snort is a light-weight intrusion detection tool which logs the packets coming through
the network and analyzes the packets. Snort checks the packets coming against the
rules written by the user and generate alerts if there are any matches found
First up make a temporary download folder to your home directory and then move
into it with the these commands
26
Snort using snort.conf file
Snort uses a configuration file at start up time. A sample configuration file snort.conf
is included in the Snort distribution. You can use any name for the configuration file,
however snort.conf is the conventional name. You use the - c command line switch
to specify the name of the configuration file.
This command should be run in our terminal to run snort using our snort
configuration file. It can be modified according to the user suitability.
Snort has various modes, few of them are listed here description of the command:
Once we run this command, then type $ ping 127.0.0.1 We should see that the snort
logs this packet and displays it on the terminal.
Results
The result of our project will be the display of all packets which matches the snort
defined by the administrator. The information will get stored in a mysql database
27
EXPERIMENT-8
Description:
Here’s the final guide in my PGP basics series, this time focusing on Windows The
OS in question will be Windows 7, but it should work for Win8 and Win8.1 as well
Obviously it’s not recommended to be using Windows to access the DNM, but I won’t
go into the reasons here. The tool we”ll be using is GPG4Win
● Visit www.gpg4win.org.
● Click on the “Gpg4win 2.3.0” button
● On the following screen, click the “Download Gpg4win” button.
● When the “Welcome” screen is displayed, click the “Next” button
● When the “License Agreement” page is displayed, click the “Next” button
28
● Then set the checkbox values as specified below, then click the “Next” button
● Set the location where you want the software to be installed. The default
location is fine. Then,
● Click the “Next” button
● Specify where you want shortcuts to the software placed, then click the “Next”
button.
● If you selected to have a GPG shortcut in your Start Menu, specify the folder
in which it will be placed. The default “Gpg4win” is OK. Click the “Install”
button to continue
29
● The installation process will tell you when it is complete. Click the “Next”
button
● Once the Gpg4win setup wizard is complete, the following screen will be
displayed. Click the “Finish” button
30
CREATING YOUR PUBLIC AND PRIVATE KEYS
GPG encryption and decryption is based upon the keys of the person who will be
receiving the encrypted file or message. Any individual who wants to send the
person an encrypted file or message must possess the recipient’s public key
certificate to encrypt the message. The recipient must have the associated private
key, which is different from the public key, to be able to decrypt the file. The public
and private key pair for an individual is usually generated by the individual on his or
her computer using the installed GPG program, called “Kleopatra” and the following
procedure:
● From your start bar, select the “Kleopatra” icon to start the Kleopatra
certificate management Software
● The following screen will be displayed From the “File” dropdown, click on the
“New Certificate” Option
31
● The following screen will be displayed. Click on “Create a personal OpenGPG
key pair” and the “Next” button
● The Certificate Creation Wizard will start and display the following:
32
● Enter your name and email address. You may also enter an optional
comment. Then, click the “Next” button
● You will be asked to re-enter the passphrase Re-enter the passphrase value.
Then click the “OK” button. If the passphrases match, the certificate will be
created.
33
● Once the certificate is created, the following screen will be displayed. You can
save a backup of your public and private keys by clicking the “Make a backup
Of Your Key Pair” button. This backup can be used to copy certificates onto
other authorized computers.
● If you choose to backup your key pair, you will be presented with the following
screen:
● Specify the folder and name the file. Then click the “OK” button.
34
● After the key is exported, the following will be displayed. Click the “OK” button.
● You will be returned to the “Key Pair Successfully Created” screen. Click the
“Finish” button.
● Before the program closes, you will need to confirm that you want to close the
program by clicking on the “Quit Kleopatra” button
35
DECRYPTING AN ENCRYPTED EMAIL THAT HAS BEEN SENT TO YOU:
36
● A command window will open along with a window that asks for the
Passphrase to your private key that will be used to decrypt the incoming
message.
37