Professional Documents
Culture Documents
Final year project Report
Final year project Report
A PROJECT REPORT
Submitted by
JAFREED MONDAL
Supervised by
Prof. Dr. Nabarun Bhattacharyya
of
2022-2024
1
BONAFIDE CERTIFICATE
SIGNATURE
SIGNATURE
External Examiner:
2
ACKNOWLEDGEMENT
JAFREED MONDAL
Master of Computer Application (MCA)
3
TABLE OF CONTENTS
Content Page No
TITLE PAGE 1
BONAFIDE CERTIFICATE 2
ACKNOWLEDGEMENT 3
TABLE OF CONTENTS 4
ABSTRACT 5
APPENDICES 36-37
REFERENCES 38
4
Abstract
Ethical hacking utilizes controlled simulations to expose security weaknesses. In this context,
email spoofing simulations would involve sending emails with spoofed sender addresses to
targeted users within the organization. These emails, however, would be clearly marked as part
of a security test and would not contain malicious content.
The recipient response to these simulated spoofing attempts is then analyzed. Factors like email
open rates, clicks on embedded links, and downloads of attachments would be evaluated. This
helps gauge employee awareness and susceptibility to social engineering tactics often employed
in spoofing scams.
By identifying weaknesses in user awareness and potential security loopholes, organizations can
implement targeted security training programs and technical measures to mitigate the risks
associated with email spoofing attacks. This ethical hacking approach empowers organizations to
proactively strengthen their email security posture.
5
Chapter- 1
INTRODUCTION
Vulnerability assessments, social engineering, and network scanning are some of the methods
used in ethical hacking. When it comes to obtaining sensitive information, social engineering
takes use of human psychology, whereas network scanning looks for any architectural flaws in
systems. Vulnerability evaluations look for known weaknesses in systems that could be used by
bad actors.
Organization's security posture is maintained in large part by ethical hackers. They do this by
spotting vulnerabilities early on and taking steps to mitigate them so that firms may remain
ahead of future threats. Given the sophistication and frequency of assaults in today's digital
environment, it is imperative that security measures be proactive.
Finding vulnerabilities before malevolent hackers can exploit them is one of the main advantages
of ethical hacking. Through the simulation of actual attacks, ethical hackers are able to find
vulnerabilities that could otherwise remain hidden. By taking a proactive stance, companies can
fortify their defences and lower their risk of financial loss, reputational harm, and data breaches.
6
Moreover, ethical hacking encourages an awareness of security throughout the organisation.
Frequent vulnerability assessments and penetration tests inform staff members about possible
risks and stress the value of following security procedures. This increased knowledge can greatly
lower the possibility that human error-related cyberattacks would be effective.
Ethical hacking benefits individual organisations as well as the larger cybersecurity ecosystem.
Through exchanging knowledge about identified weaknesses and methods of attack, ethical
hackers contribute to the advancement of security protocols and standards throughout several
sectors. To address the ever-growing menace of cybercrime, collaboration is needed.
This study's main goal is to investigate how ethical hacking can improve cybersecurity
precautions. The goal of the study is to present a thorough grasp of ethical hacking techniques,
their significance in contemporary cybersecurity tactics, and the advantages they provide to
businesses.
7
Specific objectives include:
Comprehending Ethical Hacking Methods: This course will explore a range of ethical hacking
methods, such as vulnerability assessments, social engineering, and network scanning. This will
give a thorough rundown of the techniques employed by ethical hackers to recognise and
eliminate security risks.
Analysing the Impact of Ethical Hacking: This study aims to determine how well ethical
hacking works to improve security posture and thwart cyberattacks. Analysing case studies and
actual instances of businesses that have profited from ethical hacking techniques would be
necessary for this.
Limitations and obstacles: The study will also list the restrictions and obstacles that come with
ethical hacking. This entails being aware of the possible dangers as well as the moral issues
surrounding vulnerability assessments and penetration testing.
Encouraging Best Practices: Considering the research's conclusions, best practices will be
suggested for businesses wishing to include ethical hacking in their cybersecurity plan. This will
cover suggestions for keeping up to date with the most recent threat intelligence, encouraging a
security-aware culture, and carrying out routine assessments.
There are some constraints to take into account, even if the study attempts to provide a thorough
explanation of ethical hacking. First off, the information provided could soon become old due to
8
the continuously changing nature of cyber threats. In order to lessen this, the study will
concentrate on essential ideas and methods that hold true even as the nature of threats evolves.
Second, case studies, expert comments, and already published literature will be the main sources
of secondary data for this research. Although this method offers insightful information, it might
not fully encompass the range of ethical hacking techniques and their consequences. In order to
ensure a comprehensive analysis, the research will incorporate a variety of sources to meet this
limitation.
Finally, there is a certain amount of danger associated with ethical hacking, and the efficiency of
the technique varies based on the implementation and circumstances. The study will take note of
these differences and stress how crucial it is to customise ethical hacking techniques to the
particular requirements of every company.
The thesis is structured to provide a logical and coherent exploration of ethical hacking and its
role in cybersecurity. The structure includes the following chapters:
Introduction: This chapter introduces the topic of ethical hacking, outlining its importance in
modern cybersecurity strategies. It also presents the research objectives, scope, and limitations.
Literature Review: This chapter reviews existing literature on ethical hacking, covering various
techniques, benefits, challenges, and real-world applications. It provides a theoretical foundation
for the study.
Methodology: This chapter outlines the research methodology, including data collection and
analysis methods. It explains how the study will achieve its objectives and address the research
questions.
Findings and Analysis: This chapter presents the findings of the research, analyzing the
effectiveness of ethical hacking in enhancing cybersecurity. It includes case studies and
real-world examples to illustrate key points.
9
Discussion: This chapter discusses the implications of the findings, identifying best practices and
recommendations for organizations looking to implement ethical hacking. It also addresses the
challenges and limitations identified in the study.
Conclusion: This chapter summarizes the key findings and contributions of the research. It
reiterates the importance of ethical hacking in cybersecurity and suggests areas for future
research.
By following this structure, the thesis aims to provide a comprehensive and insightful analysis of
ethical hacking and its role in enhancing cybersecurity
10
Chapter- 2
Setting Up the Environment
Creating an environment conducive to ethical hacking is a critical first step for security
professionals. Ethical hacking involves identifying and exploiting vulnerabilities in systems to
enhance their security. To practice these skills safely, a controlled and isolated environment is
essential. This environment typically includes virtual machines (VMs), which simulate different
operating systems and applications. Virtualization software such as VirtualBox or other VM
platforms is used to set up and manage these VMs.
Download VirtualBox: Visit the official VirtualBox website and download the Windows version
of the installer.
Run the Installer: Double-click the downloaded file to launch the installer. Follow the
on-screen instructions, accepting the default settings unless you have specific requirements.
Custom Installation: During installation, you can choose the components to install. The default
options are usually sufficient for most users. You can also specify the installation location.
Network Interfaces: VirtualBox will install network interfaces on your system. These are
necessary for VM networking. Allow the installation of these interfaces.
Installation: Click the 'Install' button. You might need to grant administrative privileges.
Complete Installation: Once the installation is complete, launch VirtualBox from the Start
Menu or desktop shortcut.
11
VirtualBox provides a user-friendly interface to manage multiple VMs, allowing you to create,
configure, and run different operating systems
simultaneously. This setup is crucial for ethical hacking practices, as it enables the creation of
isolated environments to test various attack and defense techniques.
Once VirtualBox is installed, the next step is to set up VMs for ethical hacking exercises. Two
commonly used VMs in this context are Kali Linux and Metasploitable.
Kali Linux: Kali Linux is a Debian-based distribution designed for digital forensics and
penetration testing. It comes pre-installed with numerous tools used for ethical hacking.
Download Kali Linux: Visit the official Kali Linux website and download the appropriate ISO
file.
Create a New VM in VirtualBox: Open VirtualBox and click 'New' to create a new VM. Name
it 'Kali Linux', set the type to 'Linux', and the version to 'Debian (64-bit)'.
Allocate Resources: Allocate memory and disk space. A minimum of 2GB RAM and 20GB of
disk space is recommended.
12
Mount the ISO: In the VM settings, go to 'Storage' and mount the downloaded Kali Linux ISO
file to the virtual optical drive.
Install Kali Linux: Start the VM and follow the on-screen instructions to install Kali Linux.
This process includes partitioning the disk, selecting a mirror, and setting up a user account.
Post-Installation: After installation, remove the ISO and restart the VM. Update the system and
install any additional tools needed.
Download Metasploitable: Visit the Rapid7 website and download the Metasploitable VM.
Create a New VM in VirtualBox: Open VirtualBox and click 'New'. Name it 'Metasploitable',
set the type to 'Linux', and the version to 'Ubuntu (64-bit)'.
Allocate Resources: Allocate memory and disk space. A minimum of 512MB RAM and 10GB
of disk space is sufficient.
Import the VM: In the VM settings, go to 'Storage' and mount the downloaded Metasploitable
VMDK file.
Start Metasploitable: Boot the VM. There is no installation process for Metasploitable as it is
pre-configured.
13
3. Networking Setup Between Host and Guest VMs
Networking setup is crucial for simulating real-world scenarios in ethical hacking. You need to
configure the network to allow communication between your host machine and the guest VMs.
Network Modes: VirtualBox offers several network modes. For ethical hacking, the following
are commonly used:
NAT (Network Address Translation): This mode allows the VM to access external
networks (like the internet) via the host. It's simple but doesn't allow incoming
connections to the VM from the host.
Bridged Adapter: This mode connects the VM directly to the host's physical network.
The VM gets an IP address from the same range as the host, allowing full network access.
Host-Only Adapter: This mode creates a private network between the host and VMs. It’s
ideal for isolating the lab environment from external networks.
Assigning IP Addresses:
Bridged Adapter: The VM will get an IP address from your router. You can check this
by running ifconfig or ip a in the terminal.
Host-Only Adapter: VirtualBox provides a DHCP server for the host-only network.
Ensure the VM gets an IP from this range, or you can assign a static IP within the same
range.
Testing Connectivity:
From your host machine, open a terminal or command prompt.
Ping the IP address of the Kali Linux VM to ensure connectivity.
Similarly, ping the Metasploitable VM from Kali Linux to verify internal network
communication.
Additional Configurations:
SSH Access: Install and configure SSH on your VMs to allow remote access. This can be
done by installing openssh-server on both Kali Linux and Metasploitable.
14
Shared Folders: Set up shared folders between the host and VMs for easy file transfer.
You can practise several ethical hacking tactics using this setup. Tools like Nmap for network
scanning, Metasploit for vulnerability analysis, and Wireshark for packet analysis are all
available with Kali Linux. Because the Metasploitable virtual machine is intentionally designed
to be susceptible, it is an ideal target for these tools, which let you practise safely.
By creating such an atmosphere, you can lower the possibility of unintentional harm or legal
problems by making sure your ethical hacking activities are carried out sensibly and in a
regulated area. Anyone who is serious about learning and using ethical hacking techniques needs
to take this first step.
15
Chapter- 3
Reconnaissance, or obtaining information, is the initial stage of ethical hacking. To find potential
vulnerabilities, it entails gathering as much data as you can about the target system or network.
This stage of the ethical hacking process is very important since it sets the groundwork for later
phases. Collecting information effectively can greatly increase the likelihood of finding
vulnerabilities that can be exploited.
Reconnaissance and footprinting are key techniques in the information-gathering phase. These
methods help an ethical hacker understand the structure, technology, and vulnerabilities of the
target system.
Passive Reconnaissance: This involves collecting information about a target without directly
interacting with it. Techniques include:
● Search Engines: Using search engines like Google to find information about the
target. This can include websites, blogs, news articles, and more.
●
● Social Media: Gathering data from social media platforms where employees might
share information about their workplace.
●
● WHOIS Lookup: This provides details about domain registration, such as the
owner's name, contact information, and hosting details.
●
● DNS Enumeration: Identifying DNS records to discover subdomains, mail servers,
and other critical infrastructure.
●
Active Reconnaissance: This involves directly interacting with the target system to gather
information. Techniques include:
16
● Port Scanning: Identifying open ports on a target system to determine which services
are running.
● Network Scanning: Mapping the network to understand its topology and identify
live hosts.
● Website Footprinting: Analyzing the target's website to gather information about its
structure, technologies used, and possible entry points.
● Network Footprinting: Mapping the network to identify key devices, their roles, and
how they communicate.
17
2. Tools Used: Nmap, Netdiscover, etc.
Several tools are available for reconnaissance and footprinting, each designed to gather specific
types of information about the target system or network. Here, we'll discuss some of the most
commonly used tools in ethical hacking.
● Purpose: Nmap is a powerful open-source tool used for network discovery and
security auditing. It is capable of identifying live hosts, open ports, running services,
and their versions, as well as the operating system of the target.
● Features:
● Port Scanning: Nmap can perform comprehensive port scans to identify open
and closed ports.
● Service Detection: It can determine the services running on open ports and
their versions.
● OS Fingerprinting: Nmap can detect the operating system and device type.
● Scripting Engine: Nmap's NSE (Nmap Scripting Engine) allows for custom
scripts to automate various tasks, such as vulnerability detection and
exploitation.
● Usage:
● Basic scan: nmap <target>
● Scan for specific ports: nmap -p 80,443 <target>
● OS detection: nmap -O <target>
Netdiscover:
18
WHOIS Lookup Tools:
● Purpose: WHOIS tools provide information about domain registration, including the
registrant's name, contact details, and hosting provider.
● Features:
● Domain Information: Retrieve details about the domain owner, registration
dates, and status.
● Contact Information: Find the contact details of the registrant,
administrative, and technical contacts.
● Usage:
● Online tools: Websites like whois.domaintools.com provide an easy interface
for WHOIS lookups.
● Command-line: whois <domain>
● Purpose: Tools like dnsenum and dig are used to gather information about DNS
records of a target domain.
● Features:
● Subdomain Discovery: Identify subdomains associated with the target
domain.
● DNS Records: Retrieve various DNS records such as A, MX, NS, and TXT
records.
● Usage:
● dnsenum <domain>
● dig <domain>
● Purpose: Tools like Maltego can be used to gather information from social media and
other online platforms.
● Features:
● Data Mining: Extract data from various online sources to build a profile of
the target.
● Visualization: Graphical representation of relationships between different
data points.
● Usage: Install and run Maltego, then use its transforms to gather and visualize data.
These tools form the backbone of the information-gathering phase in ethical hacking, allowing
professionals to collect and analyze data efficiently.
19
3. Analysis and Interpretation of Gathered Information
Once the data has been gathered using various reconnaissance and footprinting techniques and
tools, the next step is to analyze and interpret this information. The goal is to identify potential
vulnerabilities and determine the best approach for further testing or exploitation.
Data Organization:
● Categorization: Organize the gathered data into categories such as network topology,
open ports, services, and vulnerabilities.
● Documentation: Maintain detailed records of the information, including screenshots,
tool outputs, and notes.
Network Analysis:
● Topology Mapping: Create a visual map of the network topology, showing the
relationships between different devices and subnets.
● Live Hosts: Identify all live hosts on the network and their roles (e.g., servers,
workstations, IoT devices).
● Open Ports and Services: List all open ports and associated services on each host.
Pay special attention to services that are known to have vulnerabilities or are
misconfigured.
Vulnerability Identification:
● Service Versions: Check the versions of services running on open ports against
vulnerability databases (e.g., CVE, NVD) to identify known vulnerabilities.
● Misconfigurations: Look for common misconfigurations, such as default credentials,
open management interfaces, or unnecessary services.
● Exposure Points: Identify areas where sensitive information might be exposed, such
as through public-facing services or poorly configured firewalls.
● Operating Systems: Determine the operating systems running on the target hosts.
Different OSs have different vulnerabilities and require specific exploits.
● Applications: Identify the applications installed on the target systems, focusing on
web applications, databases, and other critical software.
Risk Assessment:
20
● Severity Ranking: Rank the identified vulnerabilities based on their potential impact
and ease of exploitation. High-severity vulnerabilities that are easy to exploit should
be prioritized.
● Threat Modeling: Consider the potential threats to the target system, such as data
breaches, denial of service attacks, or unauthorized access.
Reporting:
Continuous Monitoring:
By meticulously analyzing and interpreting the gathered information, ethical hackers can develop
a comprehensive understanding of the target system's weaknesses and devise effective strategies
to secure it. This phase is critical for identifying potential attack vectors and ensuring that the
target system is resilient against various threats.
21
Chapter- 4
Creating a comprehensive attack strategy is fundamental to the ethical hacking process. This
involves systematically planning the attack, exploiting vulnerabilities, and maintaining access
through backdoors and persistence mechanisms. In the context of email spoofing, these steps can
be crucial in understanding how attackers could compromise email systems and implement
long-term threats.
Building an effective attack strategy involves several key components. These include thorough
reconnaissance, vulnerability identification, planning the attack sequence, and choosing the right
tools and techniques.
● Social Engineering: Use social engineering techniques to gather more data. This
could involve interacting with the target's employees or finding information on social
media.
Vulnerability Identification:
● Email Protocols: Identify vulnerabilities in email protocols like SMTP, IMAP, and
POP3. Common issues include open relays, weak authentication, and misconfigured
servers.
● Software and Plugins: Identify vulnerabilities in the email software and any plugins
or extensions used. This could involve checking for outdated software or known
vulnerabilities.
22
● Phishing Campaigns: Plan a phishing campaign to trick users into revealing
sensitive information or installing malicious software. This involves crafting
convincing emails and determining the right timing for sending them.
● Email Spoofing: Plan how to spoof emails to make them appear as if they are coming
from trusted sources. This could involve using tools like SET (Social Engineering
Toolkit) to craft emails and spoof addresses.
● Exploitation Tools: Select tools for exploiting identified vulnerabilities. This could
include Metasploit for delivering payloads or custom scripts for exploiting specific
vulnerabilities.
● Persistence Mechanisms: Plan how to maintain access once the initial compromise
is achieved. This could involve setting up backdoors or using malware to ensure
continued access.
Exploitation:
● Initial Access: Gain initial access through vulnerabilities identified during the
reconnaissance phase. This could involve exploiting weak authentication in email
servers or delivering payloads through phishing emails.
● Privilege Escalation: Once access is gained, escalate privileges to gain more control
over the system. This could involve exploiting local vulnerabilities or using tools like
Metasploit to find and exploit further weaknesses.
Implementing Backdoors:
● Reverse Shells: Set up reverse shells to maintain remote access to the compromised
system. Tools like Netcat or Metasploit's Meterpreter can be used for this purpose.
● Web Shells: If the target is a web server, upload a web shell to maintain access. This
could involve exploiting vulnerabilities in web applications or misconfigured servers.
Persistence Mechanisms:
23
● Registry Modifications: Modify the registry on Windows systems to ensure that the
backdoor runs every time the system starts.
● Scheduled Tasks: Set up scheduled tasks or cron jobs to run the backdoor or other
malicious code at regular intervals.
● Service Installation: Install a malicious service that runs with elevated privileges and
provides remote access.
Trojans are malicious programs that appear to be legitimate software but perform harmful actions
when executed. Compiling and modifying Trojans involves creating these malicious programs
and customizing them to evade detection and achieve specific goals.
Compiling Trojans:
● Source Code: Obtain or write the source code for the Trojan. This could involve
using publicly available code or writing custom code to achieve specific objectives.
● Compiling: Use a compiler to convert the source code into an executable file. This
could involve using tools like GCC for Linux or Visual Studio for Windows.
● Testing: Test the compiled Trojan to ensure that it works as intended and does not
crash or produce errors.
Modifying Trojans:
● Code Obfuscation: Obfuscate the code to make it harder to detect and analyze. This
could involve using tools to rename variables, encrypt strings, and insert junk code.
● Polymorphic Code: Use polymorphic techniques to change the code each time it is
executed. This makes it harder for antivirus software to detect the Trojan based on
signature analysis.
● Custom Payloads: Modify the payloads delivered by the Trojan to achieve specific
objectives. This could involve adding keyloggers, data exfiltration tools, or other
malicious code.
24
3. Modifying Trojan Attributes (Icon, File Extension)
Modifying the attributes of a Trojan can help it evade detection and increase the likelihood of it
being executed by the target. This involves changing the icon and file extension to make the
Trojan appear as a legitimate file.
● Icon Files: Obtain an icon file that matches the appearance of a legitimate
application. This could involve extracting icons from genuine software or creating
custom icons.
● Resource Editors: Use resource editing tools like Resource Hacker to change the
icon of the Trojan. This involves opening the executable file in the editor and
replacing the existing icon with the new one.
● Testing: Ensure that the modified Trojan still works as intended and that the icon
change is successful.
● Double Extensions: Use double extensions to trick the target into thinking the file is
safe. For example, changing a file name to "document.pdf.exe" can make it appear as
a PDF file.
● File Binders: Use file binders to combine the Trojan with a legitimate file. This
makes the Trojan appear as a harmless file while executing malicious code in the
background.
4. Email Spoofing
Email spoofing is a technique used to forge the sender address of an email to make it appear as if
it is coming from a trusted source. This technique is often used in phishing attacks and other
social engineering exploits.
25
● SPF, DKIM, and DMARC: These are email authentication protocols used to verify
the legitimacy of emails. Understanding these protocols can help in bypassing or
defeating them.
● Python Scripts: Custom Python scripts can be written to automate the process of
sending spoofed emails using libraries like smtplib.
● Content: Write convincing email content that appears to come from a trusted source.
This could involve mimicking the style and tone of legitimate emails.
26
● Headers: Modify email headers to make the email appear as if it is coming from a
legitimate domain. This involves changing the "From" and "Reply-To" headers.
● Tracking: Track the response of the targets. This could involve monitoring email
opens, link clicks, and attachment downloads.
● Adjusting Tactics: Based on the response, adjust the tactics and content of the emails
to increase the likelihood of success.
27
Chapter- 5
Email spoofing is a technique used to forge the sender address on an email, making it appear as if
it comes from a trusted source. This deceptive practice is often used in phishing attacks, fraud
schemes, and other malicious activities. Understanding how to execute and defend against email
spoofing is essential for both ethical hackers and security professionals. This guide will cover the
technical aspects, tools, and methods involved in sending spoofed emails through web hosting.
Email spoofing exploits the inherent vulnerabilities in the email protocol, primarily SMTP
(Simple Mail Transfer Protocol). SMTP lacks robust authentication mechanisms, making it
relatively easy for attackers to send emails with a forged sender address.
SMTP Overview:
● Function: SMTP is used to send emails from a client to a server or between servers.
● Lack of Authentication: SMTP was designed without strong authentication, which
allows for the manipulation of email headers.
Email Headers:
● From: Indicates the sender's email address.
● Reply-To: Specifies the address where responses should be sent.
● Return-Path: Used for bounce messages.
Manipulating these headers allows attackers to craft emails that appear to come from legitimate
sources.
To send spoofed emails, several prerequisites must be met, including domain registration, access
to web hosting services, and the appropriate tools and knowledge.
Domain Registration:
28
● Register a domain name that can be used to send spoofed emails. The domain name
should ideally resemble a legitimate domain to enhance the credibility of the spoofed
emails.
Web Hosting:
● Obtain a web hosting account that provides email services. The hosting provider
should allow the customization of email headers.
● Python smtplib: A Python module that provides functions to send emails using the
SMTP protocol.
29
Understanding Email Authentication Protocols:
● SPF (Sender Policy Framework): Prevents unauthorized users from sending emails
on behalf of your domain.
Setting up the environment involves configuring the web hosting service, creating email
accounts, and preparing the necessary scripts or tools for sending spoofed emails.
30
● Create email accounts that will be used to send spoofed emails.
DNS Settings:
● Configure the DNS records for your domain. This includes setting up MX records for
email delivery and configuring SPF, DKIM, and DMARC records if necessary.
● To bypass SPF, DKIM, and DMARC, the attacker might need to find misconfigured
servers or exploit vulnerabilities in the target's email configuration.
● Sendmail: Install Sendmail on a Linux server using package managers like apt or
yum.
● PHPMailer: Download and include the PHPMailer library in your PHP scripts.
● Python smtplib: Ensure Python is installed on your server and import the smtplib
module in your scripts.
With the environment set up, the next step is to craft and send spoofed emails. This involves
creating convincing email content and manipulating email headers.
● Write email content that mimics the style and tone of legitimate emails from the
spoofed sender.
● Modify the From, Reply-To, and other headers to make the email appear as if it is
coming from a trusted source.
Using Sendmail:
31
● Create a file (e.g., email.txt) with the email headers and content: From:
spoofed@example.com To: victim@example.com Subject: Important Update This is
a spoofed email message.
Using PHPMailer:
<?php
use PHPMailer\PHPMailer\PHPMailer;
require 'vendor/autoload.php';
32
$mail->isHTML(true);
$mail->Subject = 'Important Update';
$mail->Body = 'This is a spoofed email message.';
if(!$mail->send()) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
} else {
echo 'Message has been sent';
}
import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
sender_email = "spoofed@example.com"
receiver_email = "victim@example.com"
subject = "Important Update"
body = "This is a spoofed email message."
msg = MIMEMultipart()
msg['From'] = sender_email
msg['To'] = receiver_email
msg['Subject'] = subject
msg.attach(MIMEText(body, 'plain'))
try:
server = smtplib.SMTP('smtp.yourhost.com', 587)
server.starttls()
server.login("yourusername", "yourpassword")
text = msg.as_string()
server.sendmail(sender_email, receiver_email, text)
server.quit()
print("Email sent successfully")
except Exception as e:
print(f"Failed to send email: {e}")
33
Defending Against Email Spoofing
While learning about email spoofing is important for understanding potential threats, defending
against such attacks is crucial for maintaining email security.
● SPF: Configure SPF records to specify which servers are allowed to send emails on
behalf of your domain.
● DKIM: Set up DKIM to add a digital signature to your emails, ensuring their
authenticity.
● DMARC: Implement DMARC to instruct email receivers on how to handle emails
that fail SPF or DKIM checks.
User Education:
● Educate users about the risks of email spoofing and how to identify suspicious emails.
Technical Measures:
● Employ anti-spam and anti-phishing solutions to filter out spoofed emails.
34
Chapter- 6
Final Result
This report details the findings of an ethical hacking engagement focused on assessing the
organization's vulnerability to email spoofing attacks. Email spoofing is a technique where
attackers forge the sender address in an email, making it appear to originate from a trusted
source. This can be used for phishing attacks, where the recipient is tricked into clicking
malicious links or revealing sensitive information.
The engagement employed a combination of social engineering techniques and technical analysis
to identify weaknesses in email security protocols and user awareness.
35
Appendices
This appendix dives deeper into email spoofing techniques used in ethical hacking engagements.
It's crucial to remember that ethical hackers only perform spoofing activities with explicit
permission from the target organization and within the legal boundaries of penetration testing.
Email spoofing involves forging the sender address in an email to make it appear as if it
originated from a different source. Malicious actors exploit spoofing for phishing attacks, where
they trick recipients into revealing sensitive information or clicking malicious links. Ethical
hackers leverage spoofing to:
● Assess Email Security Controls: Evaluate the effectiveness of email filters and spam
detection mechanisms in identifying spoofed emails.
Important Note: These techniques should only be performed in a controlled lab environment
with written permission and within the scope of a penetration testing engagement.
● Modifying Email Headers: Some email clients allow editing the "From" field before
sending. This enables testers to craft emails with spoofed sender addresses.
● Using Spoofing Tools: Ethical hacking frameworks like Kali Linux offer tools for
crafting spoofed emails. These tools typically require the Mail Transfer Agent (MTA)
server details to function.
36
Ethical Considerations for Email Spoofing
● Prior Authorization: Always obtain written permission from the client organization
before initiating any email spoofing activities.
● Reporting: Document the spoofing methodology and results in the final penetration
testing report.
● SPF, DKIM & DMARC: Implement email authentication protocols like Sender
Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based
Message Authentication, Reporting & Conformance (DMARC) to validate email
senders.
37
References
● Md. Asif Iqbal, Kamrul Hasan Talukder, “Detection Tools and Machine Learning,”
International Journal of Agricultural and Biological Engineering, 2022.
● Malvika Ranjan, Manasi Rajiv Weginwar, Neha Joshi, A.B. Ingole, “Detection and
Classification of Leaf Disease Using Artificial Neural Network,” International
Journal of Computer Applications, 2022.
38
project ethical hacking_Jafreed Mondal.pdf
ORIGINALITY REPORT
4%
SIMILARITY INDEX
PRIMARY SOURCES
1 fastercapital.com
Internet 85 words — 1%
2 huggingface.co
Internet 32 words — 1%
3 medium.com
Internet 30 words — 1%
4 tecadmin.net
Internet 30 words — 1%
5 sleeknote.com
Internet 27 words — < 1%
6 www.tutspointer.com
Internet 27 words — < 1%
7 2101704615fio.blog.binusian.org
Internet 25 words — < 1%
8 quickleft.com
Internet 24 words — < 1%
9 phoenixnap.com
Internet 22 words — < 1%
10 recerc.eu
Internet