
Name: Piyush Jain

Course: Ethical Hacking Course- CEHv 11


Mobile No: 9886137127
Email-Id: jpiyush063@gmail.com
Batch Date: 5th July
Project Name: CEH Module 3: Assignment 3

CEH Module 3 Assignment 3

1) Identify the target system's OS with the Time-to-Live (TTL) and TCP window sizes using
Wireshark
Ans) Wireshark is a network protocol analyzer that allows capturing and interactively browsing
the traffic running on a computer network. It is used to identify the target OS by sniffing
/capturing the response generated from the target machine to the request-originating
machine. Further, you can observe the TTL and TCP window size fields in the captured TCP packet.
Using these values, the target OS can be determined.

Here, we will use the Wireshark tool to perform OS discovery on the target host(s).

The Wireshark Network Analyzer main window appears; double-click the available Ethernet or
interface (here, Ethernet) to start the packet capture, as shown in the screenshot. Note: if
the Software Update window appears, click Remind me later.

Open the Command Prompt, type ping (Target IP Address) and press Enter.

Observe Wireshark capturing packets.

Choose any ICMP reply packet from the Windows Server 2016 machine to the Windows machine,
and expand the Internet Protocol Version 4 node in the packet details pane.
The TTL value is recorded as 128, which means that the ICMP reply possibly came from a
Windows-based machine.

Now stop the capture in the Wireshark window by clicking the Stop button on the toolbar.
Now, click the Start capturing packets button on the toolbar. If an Unsaved packets… pop-up
appears, click Continue without Saving.
Wireshark will start capturing the new packets.

In the Command Prompt window, type ping (target IP Address) and press Enter.

Observe the packets captured by Wireshark.


Choose any ICMP reply packet from the Ubuntu machine to the Windows 10 machine and expand the
Internet Protocol Version 4 node in the packet details pane.
The TTL value is recorded as 64, which means the ICMP reply possibly came from a Linux-based
machine.


Stop the capture in the Wireshark window by clicking the Stop button.
This concludes the demonstration of identifying the OS of the target system using Wireshark.
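
The TTL reading done by hand in Wireshark above, as an added Python example (not part of the original assignment): it parses a raw IPv4 packet, extracts the TTL and, for TCP, the window size, and rounds the TTL up to the nearest common initial value to allow for router hops. The sample packets are constructed; the function names and the 255 table entry are assumptions that go beyond the two values read in the assignment.

```python
import struct

# Common default initial TTLs. 64 and 128 are the values read in the captures
# above; 255 (typical of network devices) is an addition for completeness.
INITIAL_TTLS = {64: "Linux/Unix-like", 128: "Windows", 255: "network device"}

def parse_ipv4(packet: bytes) -> dict:
    """Return TTL, protocol number and (TCP only) window size of a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    info = {"ttl": packet[8], "proto": packet[9], "window": None}
    if info["proto"] == 6:                # TCP: window is at offset 14 of its header
        if len(packet) < ihl + 16:
            raise ValueError("truncated TCP header")
        info["window"] = struct.unpack_from("!H", packet, ihl + 14)[0]
    return info

def guess_os_family(ttl: int) -> tuple:
    """Round the observed TTL up to the nearest default; the gap is the hop count."""
    for initial in sorted(INITIAL_TTLS):
        if ttl <= initial:
            return initial, initial - ttl, INITIAL_TTLS[initial]
    raise ValueError("TTL out of range")

def build_sample(ttl: int, proto: int, payload: bytes) -> bytes:
    """Constructed IPv4 packet between documentation addresses (checksum left 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         ttl, proto, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return header + payload

# Constructed samples: an ICMP echo reply seen with TTL 128, and a TCP SYN/ACK
# seen with TTL 57 (7 hops from an initial 64) and an arbitrary window of 29200.
ICMP_REPLY = build_sample(128, 1, struct.pack("!BBHHH", 0, 0, 0, 1, 1))
TCP_SYNACK = build_sample(57, 6, struct.pack("!HHIIBBHHH", 445, 50000, 0, 0,
                                             0x50, 0x12, 29200, 0, 0))

if __name__ == "__main__":
    for name, pkt in (("ICMP reply", ICMP_REPLY), ("TCP SYN/ACK", TCP_SYNACK)):
        info = parse_ipv4(pkt)
        initial, hops, family = guess_os_family(info["ttl"])
        print(f"{name}: ttl={info['ttl']} window={info['window']} -> "
              f"initial {initial}, ~{hops} hops, possibly {family}")
```

Default TTLs can be changed by an administrator, so the result is a hint to be confirmed by other evidence, which is why the captures above are described as "possibly" Windows or Linux.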

2) Perform OS discovery using the Nmap Scripting Engine (NSE)


Ans) Here, we will use Nmap to perform OS discovery using the -A parameter, the -O parameter, and NSE.

The Zenmap GUI appears. In the Command field, type the command nmap -A (target IP address)
(here, the target machine is Windows Server 2016) and click Scan. Note: -A performs an
aggressive scan.
The scan results appear, displaying the open ports and running services along with their versions,
and target details such as OS, computer name, NetBIOS computer name, etc. under the Host
Script results section.

In the Command field, type the command nmap -O (target IP address) (here, the target machine
is Windows Server 2016 (IP address)) and click Scan. Note: -O performs the OS discovery.
The scan results appear, displaying information about open ports, respective services running on
the open ports, and the name of the OS running on the target system.

In the Command field, type the command nmap --script smb-os-discovery.nse (target IP address)
(here, the target machine is Windows Server 2016 (IP address)) and click Scan. Note: --script
specifies the customized script, and smb-os-discovery.nse attempts to determine the OS, computer
name, domain name, workgroup, and current time over the SMB protocol.

The scan results appear, displaying the target OS, computer name, NetBIOS computer name, etc.
under the Host Script results section.

This concludes the demonstration of discovering the OS running on the target system using
Nmap.
