STUDY AND IMPLEMENTATION OF ETHICAL HACKING

A PROJECT REPORT
Submitted by

JAFREED MONDAL

Supervised by
Prof. Dr. Nabarun Bhattacharyya

in partial fulfillment for the award of the degree

of

MASTER OF COMPUTER APPLICATION (MCA)

2022-2024

MAULANA ABUL KALAM AZAD UNIVERSITY OF TECHNOLOGY, WB

NH-12 (Old NH-34) Simhat Haringhata, Nadia 741249, West Bengal

1
 BONAFIDE CERTIFICATE

Certified that this project report “STUDY AND IMPLEMENTATION OF

ETHICAL HACKING” is the Bonafide work of “JAFREED MONDAL” who
carried out the project work under my supervision.

SIGNATURE

SIGNATURE

External Examiner:

2
 ACKNOWLEDGEMENT

I would like to express my sincere regards to Sayani Mondal, Head of Department

(HOD) of Master of Computer Application (MCA) for his contribution in the
completion of my project titles as “STUDY AND IMPLEMENTATION OF
ETHICAL HACKING”. I would like to specially thank my mentor Prof. Dr.
Nabarun Bhattacharyya for his precious time and efforts that he provided
throughout my journey. Your useful advice and suggestions were helpful to me during
the project’s completion. For this act of kindness, I shall be highly obliged to you. I
would like to acknowledge that this project was completed entirely by me

JAFREED MONDAL
Master of Computer Application (MCA)

3
 TABLE OF CONTENTS

Content Page No

TITLE PAGE 1

BONAFIDE CERTIFICATE 2

ACKNOWLEDGEMENT 3

TABLE OF CONTENTS 4

ABSTRACT 5

Chapter 1- INTRODUCTION 6-10

1.1 Overview of Ethical Hacking 6
1.2 Importance of Ethical Hacking in Cybersecurity 6
1.3 Objectives of the Study 7
1.4 Scope and Limitations 8
1.5 Structure of the Thesis 9

Chapter 2- SETTING UP THE ENVIRONMENT 11-15

2.1 Installation of VirtualBox on Windows 11
2.2 Configuration of Kali Linux & Metasploitable VMs 12
2.3 Networking setup between Host & Guest VMs 14

Chapter 3- BASIC INFORMATION GATHERING 16-21

3.1 Techniques for Reconnaissance and Footprinting 16
3.2 Tools Used: Nmap, Netdiscover 18
3.3 Analysis & Interpretation of Gathered Information 20

Chapter 4- BUILDING AN ATTACK STRATEGY, EXPLOITATION & BACKDOOR 22-27

4.1 Building an Attack Strategy 22
4.2 Compiling and Modifying Trojans 24
4.3 Modifying Trojans Attributes 25
4.4 Email Spoofing 25

Chapter 5- EMAIL SPOOFING: SENDING SPOOFED EMAILS USING DIFFERENT EMAIL

ACCOUNTS THROUGH WEB HOSTING 28-33
5.1 Understanding Email Spoofing 28
5.2 Prerequisites for Email Spoofing 28
5.3 Setting up the Environment 30
5.4 Crafting & Sending Spoofed Emails 31

Chapter 6- FINAL RESULTS 35

APPENDICES 36-37
REFERENCES 38

4
 Abstract

This work explores ethical hacking methodologies to assess an organization's vulnerability to

email spoofing attacks. Email spoofing deceives recipients by disguising email addresses,
making them appear from trusted sources. Malicious actors exploit this to steal credentials or
spread malware.

Ethical hacking utilizes controlled simulations to expose security weaknesses. In this context,
email spoofing simulations would involve sending emails with spoofed sender addresses to
targeted users within the organization. These emails, however, would be clearly marked as part
of a security test and would not contain malicious content.

The recipient response to these simulated spoofing attempts is then analyzed. Factors like email
open rates, clicks on embedded links, and downloads of attachments would be evaluated. This
helps gauge employee awareness and susceptibility to social engineering tactics often employed
in spoofing scams.

By identifying weaknesses in user awareness and potential security loopholes, organizations can
implement targeted security training programs and technical measures to mitigate the risks
associated with email spoofing attacks. This ethical hacking approach empowers organizations to
proactively strengthen their email security posture.

5
 Chapter- 1
INTRODUCTION

1. Overview of Ethical Hacking

In order to evaluate an organization's defenses, ethical hacking—also referred to as penetration

testing or white-hat hacking—involves breaking into computers and other devices lawfully. In
contrast to malevolent cybercriminals, ethical hackers try to identify weaknesses in networks and
systems in order to patch them and stop actual attacks. These experts employ the same
techniques as their malevolent counterparts, but instead of trying to compromise security, they
want to strengthen it.

Vulnerability assessments, social engineering, and network scanning are some of the methods
used in ethical hacking. When it comes to obtaining sensitive information, social engineering
takes use of human psychology, whereas network scanning looks for any architectural flaws in
systems. Vulnerability evaluations look for known weaknesses in systems that could be used by
bad actors.

Organization's security posture is maintained in large part by ethical hackers. They do this by
spotting vulnerabilities early on and taking steps to mitigate them so that firms may remain
ahead of future threats. Given the sophistication and frequency of assaults in today's digital
environment, it is imperative that security measures be proactive.

2. Importance of Ethical Hacking in Cybersecurity

A fundamental component of contemporary cybersecurity tactics is ethical hacking.

Organization's must constantly modify their defences to remain safe as cyber threats change. By
offering priceless insights into possible security flaws, ethical hackers help businesses
proactively resolve these problems.

Finding vulnerabilities before malevolent hackers can exploit them is one of the main advantages
of ethical hacking. Through the simulation of actual attacks, ethical hackers are able to find
vulnerabilities that could otherwise remain hidden. By taking a proactive stance, companies can
fortify their defences and lower their risk of financial loss, reputational harm, and data breaches.

6
Moreover, ethical hacking encourages an awareness of security throughout the organisation.
Frequent vulnerability assessments and penetration tests inform staff members about possible

risks and stress the value of following security procedures. This increased knowledge can greatly
lower the possibility that human error-related cyberattacks would be effective.

Ethical hacking benefits individual organisations as well as the larger cybersecurity ecosystem.
Through exchanging knowledge about identified weaknesses and methods of attack, ethical
hackers contribute to the advancement of security protocols and standards throughout several
sectors. To address the ever-growing menace of cybercrime, collaboration is needed.

3. Objectives of the Study

This study's main goal is to investigate how ethical hacking can improve cybersecurity
precautions. The goal of the study is to present a thorough grasp of ethical hacking techniques,
their significance in contemporary cybersecurity tactics, and the advantages they provide to
businesses.

7
Specific objectives include:

Comprehending Ethical Hacking Methods: This course will explore a range of ethical hacking
methods, such as vulnerability assessments, social engineering, and network scanning. This will
give a thorough rundown of the techniques employed by ethical hackers to recognise and
eliminate security risks.

Analysing the Impact of Ethical Hacking: This study aims to determine how well ethical
hacking works to improve security posture and thwart cyberattacks. Analysing case studies and
actual instances of businesses that have profited from ethical hacking techniques would be
necessary for this.

Limitations and obstacles: The study will also list the restrictions and obstacles that come with
ethical hacking. This entails being aware of the possible dangers as well as the moral issues
surrounding vulnerability assessments and penetration testing.

Encouraging Best Practices: Considering the research's conclusions, best practices will be
suggested for businesses wishing to include ethical hacking in their cybersecurity plan. This will
cover suggestions for keeping up to date with the most recent threat intelligence, encouraging a
security-aware culture, and carrying out routine assessments.

4. Scope and Limitations

This study's scope includes a thorough analysis of ethical hacking techniques and how they affect
cybersecurity. The study will address several ethical hacking methods, the advantages and
disadvantages of these approaches, and practical instances of their use in organisational security
plans.

There are some constraints to take into account, even if the study attempts to provide a thorough
explanation of ethical hacking. First off, the information provided could soon become old due to

8
the continuously changing nature of cyber threats. In order to lessen this, the study will
concentrate on essential ideas and methods that hold true even as the nature of threats evolves.
Second, case studies, expert comments, and already published literature will be the main sources
of secondary data for this research. Although this method offers insightful information, it might
not fully encompass the range of ethical hacking techniques and their consequences. In order to
ensure a comprehensive analysis, the research will incorporate a variety of sources to meet this
limitation.

Finally, there is a certain amount of danger associated with ethical hacking, and the efficiency of
the technique varies based on the implementation and circumstances. The study will take note of
these differences and stress how crucial it is to customise ethical hacking techniques to the
particular requirements of every company.

5. Structure of the Thesis

The thesis is structured to provide a logical and coherent exploration of ethical hacking and its
role in cybersecurity. The structure includes the following chapters:

Introduction: This chapter introduces the topic of ethical hacking, outlining its importance in
modern cybersecurity strategies. It also presents the research objectives, scope, and limitations.

Literature Review: This chapter reviews existing literature on ethical hacking, covering various
techniques, benefits, challenges, and real-world applications. It provides a theoretical foundation
for the study.

Methodology: This chapter outlines the research methodology, including data collection and
analysis methods. It explains how the study will achieve its objectives and address the research
questions.

Findings and Analysis: This chapter presents the findings of the research, analyzing the
effectiveness of ethical hacking in enhancing cybersecurity. It includes case studies and
real-world examples to illustrate key points.

9
Discussion: This chapter discusses the implications of the findings, identifying best practices and
recommendations for organizations looking to implement ethical hacking. It also addresses the
challenges and limitations identified in the study.

Conclusion: This chapter summarizes the key findings and contributions of the research. It
reiterates the importance of ethical hacking in cybersecurity and suggests areas for future
research.

By following this structure, the thesis aims to provide a comprehensive and insightful analysis of
ethical hacking and its role in enhancing cybersecurity

10
 Chapter- 2
Setting Up the Environment

Creating an environment conducive to ethical hacking is a critical first step for security
professionals. Ethical hacking involves identifying and exploiting vulnerabilities in systems to
enhance their security. To practice these skills safely, a controlled and isolated environment is
essential. This environment typically includes virtual machines (VMs), which simulate different
operating systems and applications. Virtualization software such as VirtualBox or other VM
platforms is used to set up and manage these VMs.

1. Installation of VirtualBox (or preferred VM software) on Windows

VirtualBox is a popular open-source virtualization software developed by Oracle. It allows users

to run multiple operating systems on a single physical machine. Here's a step-by-step guide to
installing VirtualBox on a Windows machine:

Download VirtualBox: Visit the official VirtualBox website and download the Windows version
of the installer.

Run the Installer: Double-click the downloaded file to launch the installer. Follow the
on-screen instructions, accepting the default settings unless you have specific requirements.

Custom Installation: During installation, you can choose the components to install. The default
options are usually sufficient for most users. You can also specify the installation location.

Network Interfaces: VirtualBox will install network interfaces on your system. These are
necessary for VM networking. Allow the installation of these interfaces.

Installation: Click the 'Install' button. You might need to grant administrative privileges.

Complete Installation: Once the installation is complete, launch VirtualBox from the Start
Menu or desktop shortcut.

11
VirtualBox provides a user-friendly interface to manage multiple VMs, allowing you to create,
configure, and run different operating systems
simultaneously. This setup is crucial for ethical hacking practices, as it enables the creation of
isolated environments to test various attack and defense techniques.

2. Configuration of Kali Linux and Metasploitable VMs

Once VirtualBox is installed, the next step is to set up VMs for ethical hacking exercises. Two
commonly used VMs in this context are Kali Linux and Metasploitable.

Kali Linux: Kali Linux is a Debian-based distribution designed for digital forensics and
penetration testing. It comes pre-installed with numerous tools used for ethical hacking.

Download Kali Linux: Visit the official Kali Linux website and download the appropriate ISO
file.

Create a New VM in VirtualBox: Open VirtualBox and click 'New' to create a new VM. Name
it 'Kali Linux', set the type to 'Linux', and the version to 'Debian (64-bit)'.

Allocate Resources: Allocate memory and disk space. A minimum of 2GB RAM and 20GB of
disk space is recommended.

12
Mount the ISO: In the VM settings, go to 'Storage' and mount the downloaded Kali Linux ISO
file to the virtual optical drive.

Install Kali Linux: Start the VM and follow the on-screen instructions to install Kali Linux.
This process includes partitioning the disk, selecting a mirror, and setting up a user account.

Post-Installation: After installation, remove the ISO and restart the VM. Update the system and
install any additional tools needed.

Metasploitable: Metasploitable is a deliberately vulnerable Linux VM designed for testing

security tools and training.

Download Metasploitable: Visit the Rapid7 website and download the Metasploitable VM.

Create a New VM in VirtualBox: Open VirtualBox and click 'New'. Name it 'Metasploitable',
set the type to 'Linux', and the version to 'Ubuntu (64-bit)'.

Allocate Resources: Allocate memory and disk space. A minimum of 512MB RAM and 10GB
of disk space is sufficient.

Import the VM: In the VM settings, go to 'Storage' and mount the downloaded Metasploitable
VMDK file.

Start Metasploitable: Boot the VM. There is no installation process for Metasploitable as it is
pre-configured.

13
3. Networking Setup Between Host and Guest VMs

Networking setup is crucial for simulating real-world scenarios in ethical hacking. You need to
configure the network to allow communication between your host machine and the guest VMs.

Network Modes: VirtualBox offers several network modes. For ethical hacking, the following
are commonly used:

NAT (Network Address Translation): This mode allows the VM to access external
networks (like the internet) via the host. It's simple but doesn't allow incoming
connections to the VM from the host.

Bridged Adapter: This mode connects the VM directly to the host's physical network.
The VM gets an IP address from the same range as the host, allowing full network access.

Host-Only Adapter: This mode creates a private network between the host and VMs. It’s
ideal for isolating the lab environment from external networks.

Configuring Network Adapters:

For Kali Linux: Go to the VM settings in VirtualBox, select 'Network', and choose
'Bridged Adapter' or 'Host-Only Adapter'. Ensure the adapter is enabled.
For Metasploitable: Repeat the above steps to configure the network adapter.

Assigning IP Addresses:
Bridged Adapter: The VM will get an IP address from your router. You can check this
by running ifconfig or ip a in the terminal.

Host-Only Adapter: VirtualBox provides a DHCP server for the host-only network.
Ensure the VM gets an IP from this range, or you can assign a static IP within the same
range.

Testing Connectivity:
From your host machine, open a terminal or command prompt.
Ping the IP address of the Kali Linux VM to ensure connectivity.
Similarly, ping the Metasploitable VM from Kali Linux to verify internal network
communication.

Additional Configurations:

SSH Access: Install and configure SSH on your VMs to allow remote access. This can be
done by installing openssh-server on both Kali Linux and Metasploitable.

14
 Shared Folders: Set up shared folders between the host and VMs for easy file transfer.

Ethical Hacking Applications

You can practise several ethical hacking tactics using this setup. Tools like Nmap for network
scanning, Metasploit for vulnerability analysis, and Wireshark for packet analysis are all
available with Kali Linux. Because the Metasploitable virtual machine is intentionally designed
to be susceptible, it is an ideal target for these tools, which let you practise safely.

By creating such an atmosphere, you can lower the possibility of unintentional harm or legal
problems by making sure your ethical hacking activities are carried out sensibly and in a
regulated area. Anyone who is serious about learning and using ethical hacking techniques needs
to take this first step.

15
 Chapter- 3

Basic Information Gathering

Reconnaissance, or obtaining information, is the initial stage of ethical hacking. To find potential
vulnerabilities, it entails gathering as much data as you can about the target system or network.
This stage of the ethical hacking process is very important since it sets the groundwork for later
phases. Collecting information effectively can greatly increase the likelihood of finding
vulnerabilities that can be exploited.

1. Techniques for Reconnaissance and Footprinting

Reconnaissance and footprinting are key techniques in the information-gathering phase. These
methods help an ethical hacker understand the structure, technology, and vulnerabilities of the
target system.

Passive Reconnaissance: This involves collecting information about a target without directly
interacting with it. Techniques include:

● Search Engines: Using search engines like Google to find information about the
target. This can include websites, blogs, news articles, and more.
●
● Social Media: Gathering data from social media platforms where employees might
share information about their workplace.
●
● WHOIS Lookup: This provides details about domain registration, such as the
owner's name, contact information, and hosting details.
●
● DNS Enumeration: Identifying DNS records to discover subdomains, mail servers,
and other critical infrastructure.
●

Active Reconnaissance: This involves directly interacting with the target system to gather
information. Techniques include:

16
 ● Port Scanning: Identifying open ports on a target system to determine which services
are running.

● Network Scanning: Mapping the network to understand its topology and identify
live hosts.

● Banner Grabbing: Capturing the banners of services running on open ports to

identify their versions and potential vulnerabilities.

● OS Fingerprinting: Determining the operating system of the target system.

Footprinting: This is a subset of reconnaissance focused on building a detailed profile of the

target. Techniques include:

● Website Footprinting: Analyzing the target's website to gather information about its
structure, technologies used, and possible entry points.

● Email Footprinting: Collecting information about email servers and potential

phishing attack vectors.

● Network Footprinting: Mapping the network to identify key devices, their roles, and
how they communicate.

Effective reconnaissance and footprinting provide a comprehensive understanding of the target,

enabling ethical hackers to identify the best approach for further investigation and potential
exploitation.

17
2. Tools Used: Nmap, Netdiscover, etc.

Several tools are available for reconnaissance and footprinting, each designed to gather specific
types of information about the target system or network. Here, we'll discuss some of the most
commonly used tools in ethical hacking.

Nmap (Network Mapper):

● Purpose: Nmap is a powerful open-source tool used for network discovery and
security auditing. It is capable of identifying live hosts, open ports, running services,
and their versions, as well as the operating system of the target.
● Features:
● Port Scanning: Nmap can perform comprehensive port scans to identify open
and closed ports.
● Service Detection: It can determine the services running on open ports and
their versions.
● OS Fingerprinting: Nmap can detect the operating system and device type.
● Scripting Engine: Nmap's NSE (Nmap Scripting Engine) allows for custom
scripts to automate various tasks, such as vulnerability detection and
exploitation.

● Usage:
● Basic scan: nmap <target>
● Scan for specific ports: nmap -p 80,443 <target>
● OS detection: nmap -O <target>

Netdiscover:

● Purpose: Netdiscover is a network address discovering tool primarily used in

wireless networks. It can also be used in wired networks to identify live hosts.
● Features:
● ARP Scanning: Netdiscover uses ARP (Address Resolution Protocol) to
discover hosts on a local network.
● Passive and Active Modes: It can operate in passive mode (listening for ARP
requests) or active mode (sending ARP requests).
● Usage:
● Passive mode: netdiscover -p
● Active mode: netdiscover -r <network/subnet>

18
WHOIS Lookup Tools:

● Purpose: WHOIS tools provide information about domain registration, including the
registrant's name, contact details, and hosting provider.
● Features:
● Domain Information: Retrieve details about the domain owner, registration
dates, and status.
● Contact Information: Find the contact details of the registrant,
administrative, and technical contacts.
● Usage:
● Online tools: Websites like whois.domaintools.com provide an easy interface
for WHOIS lookups.
● Command-line: whois <domain>

DNS Enumeration Tools:

● Purpose: Tools like dnsenum and dig are used to gather information about DNS
records of a target domain.
● Features:
● Subdomain Discovery: Identify subdomains associated with the target
domain.
● DNS Records: Retrieve various DNS records such as A, MX, NS, and TXT
records.
● Usage:
● dnsenum <domain>
● dig <domain>

Social Engineering Tools:

● Purpose: Tools like Maltego can be used to gather information from social media and
other online platforms.
● Features:
● Data Mining: Extract data from various online sources to build a profile of
the target.
● Visualization: Graphical representation of relationships between different
data points.
● Usage: Install and run Maltego, then use its transforms to gather and visualize data.

These tools form the backbone of the information-gathering phase in ethical hacking, allowing
professionals to collect and analyze data efficiently.

19
3. Analysis and Interpretation of Gathered Information

Once the data has been gathered using various reconnaissance and footprinting techniques and
tools, the next step is to analyze and interpret this information. The goal is to identify potential
vulnerabilities and determine the best approach for further testing or exploitation.

Data Organization:

● Categorization: Organize the gathered data into categories such as network topology,
open ports, services, and vulnerabilities.
● Documentation: Maintain detailed records of the information, including screenshots,
tool outputs, and notes.

Network Analysis:

● Topology Mapping: Create a visual map of the network topology, showing the
relationships between different devices and subnets.
● Live Hosts: Identify all live hosts on the network and their roles (e.g., servers,
workstations, IoT devices).
● Open Ports and Services: List all open ports and associated services on each host.
Pay special attention to services that are known to have vulnerabilities or are
misconfigured.

Vulnerability Identification:

● Service Versions: Check the versions of services running on open ports against
vulnerability databases (e.g., CVE, NVD) to identify known vulnerabilities.
● Misconfigurations: Look for common misconfigurations, such as default credentials,
open management interfaces, or unnecessary services.
● Exposure Points: Identify areas where sensitive information might be exposed, such
as through public-facing services or poorly configured firewalls.

OS and Application Analysis:

● Operating Systems: Determine the operating systems running on the target hosts.
Different OSs have different vulnerabilities and require specific exploits.
● Applications: Identify the applications installed on the target systems, focusing on
web applications, databases, and other critical software.

Risk Assessment:

20
 ● Severity Ranking: Rank the identified vulnerabilities based on their potential impact
and ease of exploitation. High-severity vulnerabilities that are easy to exploit should
be prioritized.
● Threat Modeling: Consider the potential threats to the target system, such as data
breaches, denial of service attacks, or unauthorized access.

Reporting:

● Summary: Provide a summary of the findings, highlighting the most critical

vulnerabilities and risks.
● Detailed Analysis: Include detailed analysis and evidence for each identified issue,
such as tool outputs, screenshots, and logs.
● Recommendations: Offer recommendations for mitigating the identified
vulnerabilities, such as applying patches, changing configurations, or enhancing
security policies.

Continuous Monitoring:

● Ongoing Assessment: Recognize that security is an ongoing process. Regularly

update your reconnaissance and footprinting activities to keep up with changes in the
target environment.
● Automation: Consider automating certain aspects of information gathering and
analysis using scripts and tools to ensure consistency and efficiency.

By meticulously analyzing and interpreting the gathered information, ethical hackers can develop
a comprehensive understanding of the target system's weaknesses and devise effective strategies
to secure it. This phase is critical for identifying potential attack vectors and ensuring that the
target system is resilient against various threats.

21
 Chapter- 4

Building an Attack Strategy, Exploitation and Backdoors

Creating a comprehensive attack strategy is fundamental to the ethical hacking process. This
involves systematically planning the attack, exploiting vulnerabilities, and maintaining access
through backdoors and persistence mechanisms. In the context of email spoofing, these steps can
be crucial in understanding how attackers could compromise email systems and implement
long-term threats.

1. Building an Attack Strategy

Building an effective attack strategy involves several key components. These include thorough
reconnaissance, vulnerability identification, planning the attack sequence, and choosing the right
tools and techniques.

Reconnaissance and Footprinting:

● Information Gathering: Collect as much information as possible about the target's

email infrastructure, including email servers, DNS records, and user information.

● Social Engineering: Use social engineering techniques to gather more data. This
could involve interacting with the target's employees or finding information on social
media.

Vulnerability Identification:
● Email Protocols: Identify vulnerabilities in email protocols like SMTP, IMAP, and
POP3. Common issues include open relays, weak authentication, and misconfigured
servers.

● Software and Plugins: Identify vulnerabilities in the email software and any plugins
or extensions used. This could involve checking for outdated software or known
vulnerabilities.

Planning the Attack:

22
 ● Phishing Campaigns: Plan a phishing campaign to trick users into revealing
sensitive information or installing malicious software. This involves crafting
convincing emails and determining the right timing for sending them.
● Email Spoofing: Plan how to spoof emails to make them appear as if they are coming
from trusted sources. This could involve using tools like SET (Social Engineering
Toolkit) to craft emails and spoof addresses.

Choosing Tools and Techniques:

● Exploitation Tools: Select tools for exploiting identified vulnerabilities. This could
include Metasploit for delivering payloads or custom scripts for exploiting specific
vulnerabilities.

● Persistence Mechanisms: Plan how to maintain access once the initial compromise
is achieved. This could involve setting up backdoors or using malware to ensure
continued access.

Exploitation and Backdoors

Exploitation is the process of leveraging identified vulnerabilities to gain unauthorized access.

Once access is achieved, backdoors and persistence mechanisms are used to maintain that access.

Exploitation:

● Initial Access: Gain initial access through vulnerabilities identified during the
reconnaissance phase. This could involve exploiting weak authentication in email
servers or delivering payloads through phishing emails.

● Privilege Escalation: Once access is gained, escalate privileges to gain more control
over the system. This could involve exploiting local vulnerabilities or using tools like
Metasploit to find and exploit further weaknesses.

Implementing Backdoors:
● Reverse Shells: Set up reverse shells to maintain remote access to the compromised
system. Tools like Netcat or Metasploit's Meterpreter can be used for this purpose.

● Web Shells: If the target is a web server, upload a web shell to maintain access. This
could involve exploiting vulnerabilities in web applications or misconfigured servers.

Persistence Mechanisms:

23
 ● Registry Modifications: Modify the registry on Windows systems to ensure that the
backdoor runs every time the system starts.

● Scheduled Tasks: Set up scheduled tasks or cron jobs to run the backdoor or other
malicious code at regular intervals.

● Service Installation: Install a malicious service that runs with elevated privileges and
provides remote access.

2. Compiling and Modifying Trojans

Trojans are malicious programs that appear to be legitimate software but perform harmful actions
when executed. Compiling and modifying Trojans involves creating these malicious programs
and customizing them to evade detection and achieve specific goals.

Compiling Trojans:
● Source Code: Obtain or write the source code for the Trojan. This could involve
using publicly available code or writing custom code to achieve specific objectives.

● Compiling: Use a compiler to convert the source code into an executable file. This
could involve using tools like GCC for Linux or Visual Studio for Windows.

● Testing: Test the compiled Trojan to ensure that it works as intended and does not
crash or produce errors.

Modifying Trojans:
● Code Obfuscation: Obfuscate the code to make it harder to detect and analyze. This
could involve using tools to rename variables, encrypt strings, and insert junk code.

● Polymorphic Code: Use polymorphic techniques to change the code each time it is
executed. This makes it harder for antivirus software to detect the Trojan based on
signature analysis.

● Custom Payloads: Modify the payloads delivered by the Trojan to achieve specific
objectives. This could involve adding keyloggers, data exfiltration tools, or other
malicious code.

24
3. Modifying Trojan Attributes (Icon, File Extension)

Modifying the attributes of a Trojan can help it evade detection and increase the likelihood of it
being executed by the target. This involves changing the icon and file extension to make the
Trojan appear as a legitimate file.

Changing the Icon:

● Icon Files: Obtain an icon file that matches the appearance of a legitimate
application. This could involve extracting icons from genuine software or creating
custom icons.

● Resource Editors: Use resource editing tools like Resource Hacker to change the
icon of the Trojan. This involves opening the executable file in the editor and
replacing the existing icon with the new one.

● Testing: Ensure that the modified Trojan still works as intended and that the icon
change is successful.

Changing the File Extension:

● Executable Extensions: Change the file extension to make the Trojan appear as a
non-executable file. This could involve using extensions like .pdf, .docx, or .jpg.

● Double Extensions: Use double extensions to trick the target into thinking the file is
safe. For example, changing a file name to "document.pdf.exe" can make it appear as
a PDF file.

● File Binders: Use file binders to combine the Trojan with a legitimate file. This
makes the Trojan appear as a harmless file while executing malicious code in the
background.

4. Email Spoofing

Email spoofing is a technique used to forge the sender address of an email to make it appear as if
it is coming from a trusted source. This technique is often used in phishing attacks and other
social engineering exploits.

Understanding Email Protocols:

● SMTP: Simple Mail Transfer Protocol (SMTP) is used to send emails. Understanding
how SMTP works is crucial for spoofing emails.

25
 ● SPF, DKIM, and DMARC: These are email authentication protocols used to verify
the legitimacy of emails. Understanding these protocols can help in bypassing or
defeating them.

Tools for Email Spoofing:

● SET (Social Engineering Toolkit): SET includes a module for email spoofing that
allows users to send spoofed emails with customized content.

● Sendmail: A command-line tool that can be used to send spoofed emails by

specifying custom sender addresses.

● Python Scripts: Custom Python scripts can be written to automate the process of
sending spoofed emails using libraries like smtplib.

Crafting Spoofed Emails:

● Content: Write convincing email content that appears to come from a trusted source.
This could involve mimicking the style and tone of legitimate emails.

● Attachments: Include malicious attachments such as Trojans or links to phishing

websites. Ensure that the attachments are well-disguised.

26
 ● Headers: Modify email headers to make the email appear as if it is coming from a
legitimate domain. This involves changing the "From" and "Reply-To" headers.

Delivery and Analysis:

● Sending Emails: Use the chosen tools to send the spoofed emails to the target.
Monitor delivery to ensure that the emails are not blocked by spam filters.

● Tracking: Track the response of the targets. This could involve monitoring email
opens, link clicks, and attachment downloads.

● Adjusting Tactics: Based on the response, adjust the tactics and content of the emails
to increase the likelihood of success.

27
 Chapter- 5

Email Spoofing: Sending Spoofed Emails Using Different Email Accounts

Through Web Hosting

Email spoofing is a technique used to forge the sender address on an email, making it appear as if
it comes from a trusted source. This deceptive practice is often used in phishing attacks, fraud
schemes, and other malicious activities. Understanding how to execute and defend against email
spoofing is essential for both ethical hackers and security professionals. This guide will cover the
technical aspects, tools, and methods involved in sending spoofed emails through web hosting.

1. Understanding Email Spoofing

Email spoofing exploits the inherent vulnerabilities in the email protocol, primarily SMTP
(Simple Mail Transfer Protocol). SMTP lacks robust authentication mechanisms, making it
relatively easy for attackers to send emails with a forged sender address.

SMTP Overview:

● Function: SMTP is used to send emails from a client to a server or between servers.
● Lack of Authentication: SMTP was designed without strong authentication, which
allows for the manipulation of email headers.

Email Headers:
● From: Indicates the sender's email address.
● Reply-To: Specifies the address where responses should be sent.
● Return-Path: Used for bounce messages.

Manipulating these headers allows attackers to craft emails that appear to come from legitimate
sources.

2. Prerequisites for Email Spoofing

To send spoofed emails, several prerequisites must be met, including domain registration, access
to web hosting services, and the appropriate tools and knowledge.

Domain Registration:

28
 ● Register a domain name that can be used to send spoofed emails. The domain name
should ideally resemble a legitimate domain to enhance the credibility of the spoofed
emails.

Web Hosting:

● Obtain a web hosting account that provides email services. The hosting provider
should allow the customization of email headers.

● Ensure that the hosting plan includes SMTP access.

Email Sending Tools:

● Sendmail: A command-line tool for sending emails. It allows customization of email
headers.

● PHPMailer: A PHP library for sending emails with custom headers.

● Python smtplib: A Python module that provides functions to send emails using the
SMTP protocol.

29
Understanding Email Authentication Protocols:

● SPF (Sender Policy Framework): Prevents unauthorized users from sending emails
on behalf of your domain.

● DKIM (DomainKeys Identified Mail): Adds a digital signature to email headers.

● DMARC (Domain-based Message Authentication, Reporting & Conformance):

Combines SPF and DKIM to prevent email spoofing.

3. Setting Up the Environment

Setting up the environment involves configuring the web hosting service, creating email
accounts, and preparing the necessary scripts or tools for sending spoofed emails.

Configuring Web Hosting:

● Log in to the web hosting control panel.

30
 ● Create email accounts that will be used to send spoofed emails.

● Ensure SMTP access is enabled.

DNS Settings:
● Configure the DNS records for your domain. This includes setting up MX records for
email delivery and configuring SPF, DKIM, and DMARC records if necessary.

● To bypass SPF, DKIM, and DMARC, the attacker might need to find misconfigured
servers or exploit vulnerabilities in the target's email configuration.

Installing Necessary Tools:

● Sendmail: Install Sendmail on a Linux server using package managers like apt or
yum.

● PHPMailer: Download and include the PHPMailer library in your PHP scripts.

● Python smtplib: Ensure Python is installed on your server and import the smtplib
module in your scripts.

4. Crafting and Sending Spoofed Emails

With the environment set up, the next step is to craft and send spoofed emails. This involves
creating convincing email content and manipulating email headers.

Crafting the Email Content:

● Write email content that mimics the style and tone of legitimate emails from the
spoofed sender.

● Include elements like company logos, signatures, and formatting to enhance

credibility.

Manipulating Email Headers:

● Modify the From, Reply-To, and other headers to make the email appear as if it is
coming from a trusted source.

Using Sendmail:

31
 ● Create a file (e.g., email.txt) with the email headers and content: From:
spoofed@example.com To: victim@example.com Subject: Important Update This is
a spoofed email message.

● Use Sendmail to send the email:

sendmail -t < email.txt

Using PHPMailer:

● Create a PHP script to send spoofed emails: Using Python smtplib:

<?php
use PHPMailer\PHPMailer\PHPMailer;
require 'vendor/autoload.php';

$mail = new PHPMailer();

$mail->isSMTP();
$mail->Host = 'smtp.yourhost.com';
$mail->SMTPAuth = true;
$mail->Username = 'yourusername';
$mail->Password = 'yourpassword';
$mail->SMTPSecure = 'tls';
$mail->Port = 587;

$mail->setFrom('spoofed@example.com', 'Spoofed Sender');

$mail->addAddress('victim@example.com');

32
$mail->isHTML(true);
$mail->Subject = 'Important Update';
$mail->Body = 'This is a spoofed email message.';

if(!$mail->send()) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
} else {
echo 'Message has been sent';
}

● Create a Python script to send spoofed emails:

import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart

sender_email = "spoofed@example.com"
receiver_email = "victim@example.com"
subject = "Important Update"
body = "This is a spoofed email message."

msg = MIMEMultipart()
msg['From'] = sender_email
msg['To'] = receiver_email
msg['Subject'] = subject
msg.attach(MIMEText(body, 'plain'))

try:
server = smtplib.SMTP('smtp.yourhost.com', 587)
server.starttls()
server.login("yourusername", "yourpassword")
text = msg.as_string()
server.sendmail(sender_email, receiver_email, text)
server.quit()
print("Email sent successfully")
except Exception as e:
print(f"Failed to send email: {e}")

33
Defending Against Email Spoofing

While learning about email spoofing is important for understanding potential threats, defending
against such attacks is crucial for maintaining email security.

Implementing Email Authentication:

● SPF: Configure SPF records to specify which servers are allowed to send emails on
behalf of your domain.

● DKIM: Set up DKIM to add a digital signature to your emails, ensuring their
authenticity.
● DMARC: Implement DMARC to instruct email receivers on how to handle emails
that fail SPF or DKIM checks.

Monitoring and Reporting:

● Regularly monitor email traffic for signs of spoofing.

● Use DMARC reports to get insights into unauthorized email activity.

User Education:

● Educate users about the risks of email spoofing and how to identify suspicious emails.

● Encourage users to verify the sender's address and to be cautious of unexpected

attachments or links.

Technical Measures:
● Employ anti-spam and anti-phishing solutions to filter out spoofed emails.

● Use email gateways that enforce strict authentication checks.

34
 Chapter- 6
Final Result

This report details the findings of an ethical hacking engagement focused on assessing the
organization's vulnerability to email spoofing attacks. Email spoofing is a technique where
attackers forge the sender address in an email, making it appear to originate from a trusted
source. This can be used for phishing attacks, where the recipient is tricked into clicking
malicious links or revealing sensitive information.

The engagement employed a combination of social engineering techniques and technical analysis
to identify weaknesses in email security protocols and user awareness.

35
 Appendices

Ethical Hacking - Email Spoofing

This appendix dives deeper into email spoofing techniques used in ethical hacking engagements.
It's crucial to remember that ethical hackers only perform spoofing activities with explicit
permission from the target organization and within the legal boundaries of penetration testing.

Knowledge on Email Spoofing

Email spoofing involves forging the sender address in an email to make it appear as if it
originated from a different source. Malicious actors exploit spoofing for phishing attacks, where
they trick recipients into revealing sensitive information or clicking malicious links. Ethical
hackers leverage spoofing to:

● Simulate Phishing Attacks: Test employee awareness and susceptibility to phishing

attempts.

● Assess Email Security Controls: Evaluate the effectiveness of email filters and spam
detection mechanisms in identifying spoofed emails.

● Bypass Sender Reputation Filters: Test if legitimate emails might be getting

blocked due to overzealous filtering based on sender reputation.

Techniques for Ethical Email Spoofing (Controlled Environment)

Important Note: These techniques should only be performed in a controlled lab environment
with written permission and within the scope of a penetration testing engagement.

● Modifying Email Headers: Some email clients allow editing the "From" field before
sending. This enables testers to craft emails with spoofed sender addresses.

● Using Spoofing Tools: Ethical hacking frameworks like Kali Linux offer tools for
crafting spoofed emails. These tools typically require the Mail Transfer Agent (MTA)
server details to function.

36
Ethical Considerations for Email Spoofing

● Prior Authorization: Always obtain written permission from the client organization
before initiating any email spoofing activities.

● Limited Scope: Restrict spoofing attempts to a specific set of users or domains as

defined in the testing scope.

● Transparency: Inform participants about the email spoofing exercise beforehand to

avoid confusion and panic.

● Educational Purpose: Use spoofing results to educate employees on phishing red

flags and secure email practices.

● Reporting: Document the spoofing methodology and results in the final penetration
testing report.

Mitigating Email Spoofing

● SPF, DKIM & DMARC: Implement email authentication protocols like Sender
Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based
Message Authentication, Reporting & Conformance (DMARC) to validate email
senders.

● User Awareness Training: Educate employees on identifying phishing attempts.

Train them to be cautious of unexpected emails, especially those requesting sensitive
information or urging them to click on links.

● Email Filtering: Configure email filters to identify suspicious email characteristics

like generic greetings, misspelled domain names, and urgency tactics.

By understanding email spoofing techniques and implementing proper security measures,

organizations can significantly reduce the risk of falling victim to phishing scams. This appendix
provides a starting point for ethical hackers to explore email spoofing in a controlled
environment and for organizations to bolster their email security posture.

37
 References

● Farabee Islam, Md Nazmul Hoq, Professor Dr. Chowdhury Mofizur Rahman,

“Application of Hacking with server type Spoofing,” IEEE Transactions on Image
Processing, 2022.
●
● F. T. Pinki, N. Khatun, S. M. M. Islam, “Content based Email spoofing and remedy
prediction using support vector machine,” Journal of Agricultural and Food
Chemistry, 2021.

● Md. Asif Iqbal, Kamrul Hasan Talukder, “Detection Tools and Machine Learning,”
International Journal of Agricultural and Biological Engineering, 2022.

● Malvika Ranjan, Manasi Rajiv Weginwar, Neha Joshi, A.B. Ingole, “Detection and
Classification of Leaf Disease Using Artificial Neural Network,” International
Journal of Computer Applications, 2022.

● Prof. Dr. Nabarun Bhattacharyya thesis paper.

● Got Vill paper on Ethical Hacking.

● Udemy Acadamy on Said Bilal course on ethical hacking.

● Knowledge on Ethical Hacking from Wiki How.

38
project ethical hacking_Jafreed Mondal.pdf
ORIGINALITY REPORT

4%
SIMILARITY INDEX

PRIMARY SOURCES

1 fastercapital.com
Internet 85 words — 1%
2 huggingface.co
Internet 32 words — 1%
3 medium.com
Internet 30 words — 1%
4 tecadmin.net
Internet 30 words — 1%
5 sleeknote.com
Internet 27 words — < 1%
6 www.tutspointer.com
Internet 27 words — < 1%
7 2101704615fio.blog.binusian.org
Internet 25 words — < 1%
8 quickleft.com
Internet 24 words — < 1%
9 phoenixnap.com
Internet 22 words — < 1%
10 recerc.eu
Internet