Practical Works for BSc CS Course in Ethical Hacking, Study Guides, Projects, Research of Computer science

Download Practical Works for BSc CS Course in Ethical Hacking and more Study Guides, Projects, Research Computer science in PDF only on Docsity! MALAD KANDIVALI EDUCATION SOCIETY’S NAGINDAS KHANDWALA COLLEGE OF COMMERCE, ARTS & MANAGEMENT STUDIES & SHANTABEN NAGINDAS KHANDWALA COLLEGE OF SCIENCE MALAD [W], MUMBAI – 64 (AUTONOMOUS) (Reaccredited ‘A’ Grade by NAAC) (AFFILIATED TO UNIVERSITY OF MUMBAI) (ISO 9001:2015) CERTIFICATE Name: Mr. Aman Sahu Roll No: 545 Programme: BSc CS Semester: V This is certified to be a bonafide record of practical works done by the above student in the college laboratory for the course Ethical Hacking for the partial fulfillment of the Fifth Semester of BSc CS during the academic year 2023-2024. The journal work is the original study work that has been duly approved in the year 2023-2024 by the undersigned. External Examiner Subject-In-Charge (Ms. Vishakha Bagwe) Date of Examination: (College Stamp) INDEX Sr.No. Date Topic Page No Sign 1 Use Google, traceroute and Whois for Reconnaissance 2 Use Cain and Abel for cracking Windows account password using Dictionary attack 3 Implementing cryptanalysis tool 4 Study and implementation of sniffing tools 5 Study of Denial of Service attack tools 6 Study of Hijacking tools 7 Perform SQL injection attack 8 Create a simple keylogger using python 9 Using the tools for scanning network 10 Use Wireshark (Sniffer) to capture network traffic and analyze TYCS Aman Sahu 545 Page 3 1.B :- 1.C :- TYCS Aman Sahu 545 1D: Doman Resevaton Domain x | (A) Whos gattrgeskcom x | @ LosingeramuR XG brviview ince: x + vo- 0 x € > © Gi webstatsdomainorg/djwn.inur-view-index-shtminet IGE a @ WEBSTATSDOMAIN Ea collet nd antes Inurl-view-index-shtmi.net Get a widget aun veins Li rut ie sh (EDD inur-viewindex-shtmi.netis DOWN scaes2e07.05 Find Ateratives POPULARITY: <=— SAFETY, LEG gal_ CONTACT NFO: otto cm advertising [ik] !nurl-view-index-shtmL.net Domain Statistics este Heat wage Tie In matings shm_Live Cameras. rr won sim | 4 2 cy cn Goo bp OUDeC EE + af SF onan 0" vo-o72023 Page 4 TYCS Aman Sahu 545 Page 5 Practical No:- 2 Aim:- Use Cain and Abel for cracking Windows account password using Dictionary attack. Theory:- "Cain & Abel" is a password recovery tool that can be used for various purposes, including dictionary attacks and other password cracking techniques. However, it's important to note that using tools like Cain & Abel for unauthorized purposes, such as cracking passwords without proper authorization, is illegal and unethical. A dictionary attack is a type of password cracking where an attacker uses a list of common words or phrases (known as a "dictionary") to attempt to guess a password. Cain & Abel, like other similar tools, can automate this process by trying each word from the dictionary against the target password until a match is found. STEPS: Step : 1 TYCS Aman Sahu 545 Page 8 Step: 6 TYCS Aman Sahu 545 Page 9 Practical No:-3 Aim:- Implementing cryptanalysis tool . Theory:- 1) RC4 (also known as Rivest Cipher 4) is a form of stream cipher. It encrypts messages one byte at a time via an algorithm. 2) RC4 encryption isn't omnipresent. In fact, the Internet Engineering Task Force has explicitly banned RC4's use in some spaces. But knowing how the tool works could help you improve upon it as you look for ways to protect your data. To explain things simply, RC4 relies on this step-by-step model: 1. Initiate: You input a secret key and the text you'd like to protect. 2. Encrypt: The cipher scrambles your text via encryption. The work happens byte by byte rather than in chunks. 3. Send: Your scrambled text heads to the recipient. That person should have a copy of the secret key you used to protect the data. 4. Decryption: The recipient walks back through these steps to uncover your original text. STEPS: Step: 1 TYCS Aman Sahu 545 Page 10 Step: 2 Step: 3 TYCS Aman Sahu 545 Page 13 Step: 2 Step: 3 TYCS Aman Sahu 545 Page 14 Practical No:-4 Aim:- Study and implementation of sniffing tools. Theory:- Studying and implementing sniffing tools involves understanding how network traffic is captured and analyzed for various purposes. Sniffing tools are used to intercept and monitor network traffic, allowing administrators, analysts, and security professionals to gain insights into the communication between devices and identify potential issues or threats. However, it's crucial to note that using sniffing tools inappropriately or without authorization can violate privacy and legal boundaries. Here's a general overview of studying and implementing sniffing tools: 1. Learn Networking Basics: Before diving into sniffing tools, it's important to have a solid understanding of networking concepts. Familiarize yourself with protocols, networking models (e.g., OSI model), IP addressing, and basic networking technologies. 2. Understand Packet Capture: Sniffing tools capture packets of data as they traverse a network. Study how packets are structured, including headers and payloads. Learn about the various types of packets, such as Ethernet, IP, TCP, UDP, and their role in network communication. 3. Choose a Sniffing Tool: There are several popular sniffing tools available, each with its own features and capabilities. Some commonly used tools include: a) Wireshark: A comprehensive packet capture and analysis tool with a user-friendly interface. b) tcpdump: A command-line packet capture tool available on many Unix-like systems. c) WinPcap: A Windows-based packet capture library that supports various sniffing applications. 4. Installation and Setup: Install the chosen sniffing tool on your system. Ensure that you have the necessary permissions to capture network traffic, as many sniffing tools require administrative or superuser privileges. 5. Capture Network Traffic: Start capturing network traffic using the selected tool. You can choose to capture traffic on a specific interface, filter packets based on criteria (e.g., IP addresses, ports), and save captured data to a file for analysis. TYCS Aman Sahu 545 Page 15 6. Analyze Captured Traffic: Once you have captured network traffic, you can analyze it to gain insights into the communication between devices. Look for patterns, anomalies, and potential security threats. Understand how to interpret packet headers, identify protocols, and analyze payloads. 7. Ethical Considerations: It's crucial to use sniffing tools ethically and responsibly. Unauthorized interception of network traffic can violate privacy and legal regulations. Always ensure that you have proper authorization and are using these tools for legitimate purposes, such as network troubleshooting, security assessments, or monitoring network performance. 8. Practice and Experimentation: Experiment with different types of network traffic and scenarios. Practice analyzing different protocols, understanding network behavior, and identifying potential security vulnerabilities. 9. Stay Updated: Network technologies and protocols evolve over time. Stay updated with the latest trends, security threats, and advancements in networking to effectively use sniffing tools. STEPS: Step 1: Open the cain software and navigate to sniffer tab on the top. TYCS Aman Sahu 545 Page 18 Step 5: While remaining on the sniffer tab navigate to the APR tag at the bottom. Step 6: Click anywhere in the top pane and then click the + or add to list sign in the top bar. This will open new ARP Poisoning routing window. Highlight the two targets The IP Address and the corresponding Default Gateway and click ok. TYCS Aman Sahu 545 Page 19 Step 7: ARP Poisons the Target: Now that the ARP poisoning is set, click the start/ stop APR button on the tool bar, this will change the status from idle to poisoning. TYCS Aman Sahu 545 Page 20 Practical No:-5 Aim:- Study of Denial of Service attack tools. Theory:- The study of denial-of-service (DoS) attack tools is an important aspect of cybersecurity. These tools are designed to overwhelm or disrupt the availability of a targeted system, network, or service by flooding it with a large volume of traffic. Understanding these tools helps security professionals defend against such attacks. Here are some key points to consider: 1. Types of DoS Attack Tools: There are various types of DoS attack tools, including: - Ping Flood: Overloading a target with ICMP Echo Request (ping) packets. - Syn Flood: Exploiting the TCP handshake process by sending multiple SYN requests without completing the handshake. - UDP Flood: Sending a large number of UDP packets to overwhelm a target's resources. - HTTP Flood: Flooding a web server with HTTP requests to exhaust its resources. - Amplification Attacks: Utilizing vulnerable servers to amplify the volume of attack traffic directed at the target. - Botnets: Coordinating a network of compromised computers (botnet) to launch a massive attack. 2. Countermeasures: To defend against DoS attacks, security measures include: - Network Segmentation: Dividing the network to isolate critical resources from potential attack traffic. - Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS): Filtering and identifying malicious traffic. - Rate Limiting: Restricting the rate of incoming traffic to prevent overwhelming resources. - Content Delivery Networks (CDNs): Distributing traffic across multiple servers to mitigate the impact of attacks. - Cloud-Based Protection: Leveraging cloud services to absorb and filter malicious traffic. - Anomaly Detection: Monitoring for unusual patterns that might indicate an attack. 3. Legal and Ethical Considerations: Studying DoS attack tools should be done for educational purposes and within ethical boundaries. Unauthorized use of these tools to launch attacks is illegal and unethical. 4. Penetration Testing: Ethical hackers and security professionals use DoS attack simulations as part of penetration testing to assess a system's resilience against such attacks. 5. Learning from Attacks: Studying past DoS attacks and the tools used helps the cybersecurity community better understand attack vectors, vulnerabilities, and effective defense strategies. TYCS Aman Sahu 545 Page 23 The study of hijacking tools is important in cybersecurity to understand how attackers can compromise and take control of systems, accounts, or networks. However, it's crucial to approach this topic with ethical intentions and use your knowledge to enhance security rather than engage in malicious activities. Here are some key points to consider when studying hijacking tools: 1. Types of Hijacking Tools: - Session Hijacking: Unauthorized takeover of an active session between a user and a system. - DNS Hijacking: Redirecting DNS queries to malicious servers, leading users to fake websites. - ARP Spoofing/Poisoning: Manipulating ARP tables to reroute traffic through an attacker's system. - Clickjacking: Tricking users into clicking on something different from what they perceive. - BGP Hijacking: Manipulating Border Gateway Protocol routes to reroute traffic. 2. Understanding Attack Techniques: - Research and Analysis: Study how hijacking attacks work, their entry points, and the techniques used by attackers. - Vulnerability Analysis: Understand the vulnerabilities that hijackers exploit, such as weak passwords, unpatched software, or misconfigurations. 3. Countermeasures: - Encryption: Implement strong encryption to protect data in transit. - Multi-Factor Authentication (MFA): Use MFA to add an extra layer of security to user accounts. - Secure Configuration: Ensure proper configuration of devices, servers, and networks. - DNSSEC: Deploy Domain Name System Security Extensions to prevent DNS hijacking. - Network Monitoring: Regularly monitor network traffic for anomalies and unauthorized activities. 4. Ethical Considerations: - Always use your knowledge of hijacking tools for ethical and legal purposes, such as securing systems and networks. - Obtain proper authorization before conducting any testing or analysis on systems that you don't own. 5. Security Awareness: - Educate users about the risks associated with various types of hijacking attacks. - Promote a culture of cybersecurity within organizations to prevent attacks. TYCS Aman Sahu 545 Page 24 Practical No:-7 Aim:- Perform SQL injection attack. Theory:- A SQL injection attack is a type of cybersecurity vulnerability where malicious actors exploit vulnerabilities in a web application's input fields to execute unauthorized SQL (Structured Query Language) commands. These attacks can lead to unauthorized access to a database, data theft, data manipulation, or even full control over a system. Here's how SQL injection attacks work: 1. Vulnerability: Web applications often use user input to construct SQL queries that interact with a database. If the application does not properly validate and sanitize user input before using it in SQL queries, attackers can inject malicious SQL code. 2. Injection: Attackers input specially crafted SQL statements into input fields, such as login forms or search boxes, with the aim of manipulating the application's interaction with the database. 3. Exploitation: The malicious SQL code can alter the logic of the original query, allowing attackers to retrieve, modify, or delete data that they should not have access to. 4. Types of SQL Injection: - Classic SQL Injection: Attackers manipulate input to inject malicious SQL code. - Blind SQL Injection: Attackers exploit vulnerabilities without seeing the application's responses directly. - Time-Based Blind SQL Injection: Attackers infer vulnerabilities by measuring delays in responses. - Boolean-Based Blind SQL Injection: Attackers deduce vulnerabilities using true/false queries. 5. Impact: - Unauthorized Data Access: Attackers can retrieve sensitive data from the database. - Data Manipulation: Attackers can modify, delete, or insert data into the database. - Full System Compromise: In extreme cases, attackers can gain control over the underlying system. 6. Prevention and Mitigation: - Parameterized Queries: Use parameterized queries or prepared statements to separate user input from SQL code. - Input Validation and Sanitization: Validate and sanitize user inputs before using them in queries. - Web Application Firewalls (WAFs): Implement WAFs to filter and block malicious SQL injection attempts. - Least Privilege: Ensure that database accounts have minimal privileges to limit the impact of a successful attack. TYCS Aman Sahu 545 Page 25 7. Security Testing: - Regularly conduct security testing, including penetration testing, to identify and address SQL injection vulnerabilities. STEPS: Step 1: Step 2: Step 3: TYCS Aman Sahu 545 Page 28 Step 10: Step 11: Step 12: Step 13: TYCS Aman Sahu 545 Page 29 Practical No:-8 Aim:- Create a simple keylogger using python. Theory:- A keylogger is an insidious form of spyware. You enter sensitive data onto your keyboard, believing nobody is watching. In fact, keylogging software is hard at work loggingeverything that you type. Keyloggers are activity-monitoring software programs that givehackers access to your personal data. Steps: 1. Open command prompt install “pip install pynput”. 2. Switch off the firewall option from the Settings. 3. Save the Python file by the name “key_logger.py”. Step 1:- First go to Virus and threat protection settings and turn off the Real-time protection. Step 2:- And then go to python and write a keylogger code in python and run it. TYCS Aman Sahu 545 Page 30 Step 3:- Then Go to your browser Enter any keyword like search any website or anything else. Step 4:- And then in your File Manger a text file has created with the details of key’s, which you are pressed on your keyboard. TYCS Aman Sahu 545 Page 33 Step 3: Step 4: TYCS Aman Sahu 545 Page 34 9.B :- Step 1: Step 2: TYCS Aman Sahu 545 Page 35 9.C :- Step 1: Step 2: TYCS Aman Sahu 545 Page 38 Practical No:-10 Aim:- Use Wireshark (Sniffer) to capture network traffic and analyze. Theory:- Wireshark is a widely used network protocol analyzer that allows you to capture and analyze network traffic. It's an open-source tool that provides valuable insights into the communication happening within a network. Here's how you can use Wireshark to capture and analyze network traffic: 1. Installation: - Download and install Wireshark from the official website. - Install any necessary drivers or additional components, especially for capturing traffic on wireless networks. 2. Capturing Traffic: - Launch Wireshark and select the network interface you want to capture traffic from (e.g., Ethernet, Wi-Fi, loopback). - Click the "Start" button to begin capturing packets. 3. Packet Analysis: - Wireshark will display a live view of captured packets, including details like source and destination IP addresses, protocols, ports, and packet content. - Use filters to focus on specific traffic types, source/destination IPs, or protocols. 4. Packet Decoding and Inspection: - Click on individual packets to view their details and packet contents in various layers of the OSI model. - Expand sections to see the raw data and decoded information for each protocol. 5. Follow TCP Stream: - Right-click on a TCP packet and choose "Follow TCP Stream" to see the entire conversation between the source and destination in a readable format. 6. Statistics and Graphs: - Wireshark provides statistics about captured packets, including protocol distribution, conversation pairs, and more. - Use graphical tools to visualize statistics and trends. 7. Exporting Data: - You can export captured packets or specific conversations in various formats (e.g., CSV, XML, JSON) for further analysis. TYCS Aman Sahu 545 Page 39 8. Dissectors and Plugins: - Wireshark supports dissectors and plugins that enable it to decode and display specific protocols or data types. 9. Troubleshooting and Analysis: - Use Wireshark to troubleshoot network issues, diagnose performance problems, and identify anomalies in network traffic. 10. Learning Resources: - Wireshark's official documentation and online resources offer tutorials, guides, and examples to help you effectively use the tool. STEPS: Step 1: TYCS Aman Sahu 545 Page 40 Step 2: Step 3: Step 4: