CNS Lab Workbook

20CS6352 Cryptography and Network Security Laboratory Experiment No:
Lab Task 01: Implementation of Substitution Ciphers
Date of the Session: ____ /____ /____ Time of the Session:
Task 1: Implementation of Caesar Cipher with key selected by user
Description:
Code:
VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem
15
Input & Output:

1)
2)
Result:
15
Lab Task 02: Implementation of Substitution Ciphers
Task 02: Implementation of Hill Cipher and Playfair cipher
Hill Cipher
Description:
Code:
15
15
Input & Output:

1)
2)
Play Fair Cipher
Description:
15
Code:
15
15
15
Input & Output:

1)
2)
Result:
15
Lab Task 03: Implementation of Transposition Cipher
Task 3: Implementation of Columnar Transposition Cipher
Description:
Code:
15
15
Input & Output:
1)
2)
Result:
15
Lab Task 04: Implement Symmetric Encryption Algorithms
Task 4: Implementation of Data Encryption Standard with 56-bit key
Description:
Code:
15
Input & Output:

1)
2)
Result:
15
Lab Task 05: Implement Symmetric Encryption Algorithms
Task 5: Implementation of Advanced Encryption Standard
Description:
Code:
15
Input & Output:

1)
2)
Result:
15
Lab Task 06: Implement Asymmetric Encryption Algorithms
Task 6: Implementation of RSA algorithm
Description:
Code:
15
Input & Output:
15
1)
2)
Result:
15
Lab Task 07: Implement Asymmetric Encryption Algorithms
Task 7: Implementation of Diffie Hellman Key Exchange algorithm
Description:
Code:
15
15
Input & Output:
1)
2)
Result:
15
Lab Task 08: Implement hashing Algorithms
Task 8: Implementation of MD5, SHA-1 and SHA-512 hashing techniques
MD5
Description:
Code:
15
Input & Output:
1)
2)
SHA-1 & SHA-512
Description:
15
Code:
Input & Output:

1)
2)
Result:
15
Lab Task 09: Network Monitoring Using Wireshark and Tcpdump

Tcpdump
Task 9:
 Demonstrate TCP Three Way Handshake and HTTP Password Sniffing using
Wireshark.
 Analyze ICMP packets using TCP Dump
TCP Three Way Handshake using Wireshark
Steps:
1. Install Wireshark on your computer and launch it.
2. Start capturing packets by clicking on the "Capture" button.
15
3. Open a web browser and enter a website's address in the URL bar, for example,
www.google.com.
4. You will see a series of packets being captured by Wireshark. Look for the SYN
packet sent by your computer to the destination website's IP address. The SYN
packet is the first packet of the TCP Three Way Handshake.
15
5. Once you find the SYN packet, select it and right-click on it. Then, select
"Follow" and choose "TCP Stream" from the dropdown menu.
6. A new window will open showing the TCP stream between your computer and the
website. Select the SYN packet sent by your computer in this window.
15
7. Next, find and select the SYN-ACK packet sent by the destination website to your
computer. This packet is the second packet of the TCP Three Way Handshake.
8. Finally, find and select the ACK packet sent by your computer to the destination
website. This packet is the third and final packet of the TCP Three Way
Handshake.
Result: Demonstration of TCP Three Way Handshake using Wireshark is successful.
15
HTTP Password Sniffing using Wireshark
Steps:
1. Open Wireshark and start a new capture by clicking on the "Capture" button.
2. Select the network interface that you want to use for the capture, and click on the
"Start" button to begin capturing network traffic.
15
3. Open a web browser and go to a website that requires a username and password
to log in.
4. Enter
a
username and password and click on the "Login" button to submit the credentials.
15
5. Stop the capture in Wireshark by clicking on the "Stop" button.
6. Filter the captured packets to show only HTTP traffic by typing

http.request.method = = “POST” in the filter box.
7. Look for the packets that contain the username and password information. You
can do this by looking for packets that have a "POST" or "GET" request,
followed by a "Credentials" or "Authentication" field.
8. Analyze the packet containing the username and password information to extract
the plaintext password.
9. (OR) Right click on the selected packet and follow the “HTTP Stream”. A
window appears describing all the attributes of the packet including username and
password.
15
Result: HTTP Password Sniffing using Wireshark is implemented successfully.
15
Analyze ICMP packets using TCP Dump
Steps:
1. Open a terminal window on your computer and ping google.com
2. Type the following command to start tcpdump with the appropriate options to
capture.
Result: Analyzing ICMP packets using TCPDUMP is completed successfully.
15
Lab Task 10: Port Scan Using NMAP
Task 10: Perform a port scan (SYN, CONNECT, ACK, NULL, FIN, XMAS) on
scanme.nmap.org domain and identify what ports and services including OS detection and
output to normal and XML formats.
Procedure:
Victim System with ip address 10.0.2.4
Attacker System with ip address 10.0.2.15
15
SYN Scan
15
Connect() Scan
ACK Scan
15
NULL Scan
15
FIN Scan
XMAS Scan
15
15
OS detection
Result: Perform a port scan (SYN, CONNECT, ACK, NULL, FIN, XMAS)
and identify what ports and services including OS detection implemented
successfully.
15
Lab Task 11: Remote Server Login using SSH
Task 11: Create a new Linux user and Perform a Password less authentication for newly
created user and investigate how SSH works.
Procedure:
Step 1: Create a NatNetwork by clicking on the Create button in the Tools menu of
Oracle VM VirtualBox Manager.
Step 2: Configure the Network settings of both the VM’s (Kali Linux and Ubuntu) by
changing the network to NatNetwork as shown below.
15
Step 3: Start the VMs (Kali Linux and Ubuntu). Open the terminal and get the ip address
of both the VMs.
15
Step 4: Install ssh server on both VMs.
15
Step 5: Enable the ssh service on both VMs.
Step 6: Start the ssh service on Kali Linux.
Step 7: Log into the Ubuntu VM by entering the password as shown below.
15
Step 8: Add an user named test.
Step 9: Exit from

Ubuntu
Step 10: Log in as the new user(test) via SSH by entering the password for the user
test.
15
Step 11: Now exit from Ubuntu.
Step 12: In Step 10, we have logged in as user test by entering password. To
perform passwordless authentication we need to generate an SSH key pair and copy
it in the target machine.
Now Generate the SSH key pair as shown below.
Step 13: Verify whether the key pair has been generated by checking the files
available in the .ssh directory.
15
Step 14: Copy the public key to the remote server(Ubuntu VM logged in as test).
Step 15: Now try to login as user test via SSH. You can observe that without
authenticating with password you can directly login to the remote server(Ubuntu
VM logged in as test).
Result: The task to create a new Linux user and perform a Password less
authentication for newly created user implemented successfully.
15
Lab Task 12: Passive Reconnaissance
Task 12: Demonstrate passive reconnaissance by gathering information about a website

using
a) archive.org
b) whois
c) netcraft
d) Search engine and search operators
Procedure:
Here we are gathering the information about Amazon.com website using the following
tools:
a) archive.org
Archive.org is a non-profit digital library that aims to provide universal access to
knowledge and historical records, including books, web pages, videos, audio recordings,
and software programs. It is a digital archive that collects and preserves information from
the internet and other sources for future generations.
15
15
15
15
b) whois
Whois.com is a website that provides information on domain name registrations. It allows
users to look up information about domain names, including the owner of the domain, the
date of registration, the expiration date, and the domain registrar.
15
15
c) netcraft
15
Netcraft is a website that provides internet security services and research data to help
individuals and organizations protect themselves online.
15
15
15
d) Search engine and search operators

Search engines and search operators can be used for passive reconnaissance in various
ways, including:
 Gathering information about the target
 Identifying vulnerabilities
 Finding related domains and subdomains
 Identifying associated websites
 Finding leaked information
Search engine:
By searching a specific website in a search engine, we can navigate to the desired links for
information.(Example: Searching for amazon)
Search operators:
 filetype: Finds files that only fall under a specific file type.
Here we have used type of file as pdf, site and searched for pdfs containing word video
game in amazon.com website.
15
 inurl: Finds pages on a site that has the targeted search term in the URL.
Here we are searching for the pages containing the word footwear in the URL of
amazon website.
15
 intitle: This is a narrower operator that can help us find more targeted results for
specific search phrases.
Here we are searching for pages with words amazon and products that include
trending in the top of the page.
15
 site: refine search parameters to come from only the site/domain specified
Searches for information on Furniture on gathered by amazon website.
 cache: Display cached version of a web page.
Here we are searching for cached version of amazon.in website.
15
Result: Demonstrating passive reconnaissance by gathering information about a website

using archive.org, whois, netcraft, Search engine and search operators
15

CNS Lab Workbook

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CNS Lab Workbook

Uploaded by

Copyright:

Available Formats

20CS6352 Cryptography and Network Security Laboratory Experiment No:

Lab Task 01: Implementation of Substitution Ciphers

Date of the Session: ____ /____ /____ Time of the Session:

Task 1: Implementation of Caesar Cipher with key selected by user

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 02: Implementation of Substitution Ciphers

Date of the Session: ____ /____ /____ Time of the Session:

Task 02: Implementation of Hill Cipher and Playfair cipher

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 03: Implementation of Transposition Cipher

Date of the Session: ____ /____ /____ Time of the Session:

Task 3: Implementation of Columnar Transposition Cipher

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 04: Implement Symmetric Encryption Algorithms

Date of the Session: ____ /____ /____ Time of the Session:

Task 4: Implementation of Data Encryption Standard with 56-bit key

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 05: Implement Symmetric Encryption Algorithms

Date of the Session: ____ /____ /____ Time of the Session:

Task 5: Implementation of Advanced Encryption Standard

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 06: Implement Asymmetric Encryption Algorithms

Date of the Session: ____ /____ /____ Time of the Session:

Task 6: Implementation of RSA algorithm

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 07: Implement Asymmetric Encryption Algorithms

Date of the Session: ____ /____ /____ Time of the Session:

Task 7: Implementation of Diffie Hellman Key Exchange algorithm

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 08: Implement hashing Algorithms

Date of the Session: ____ /____ /____ Time of the Session:

Task 8: Implementation of MD5, SHA-1 and SHA-512 hashing techniques

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

SHA-1 & SHA-512

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Input & Output:

VR20 A.Y. 2022-2023 CSE VRSEC III/IV B.Tech VI Sem

Lab Task 09: Network Monitoring Using Wireshark and Tcpdump

Date of the Session: ____ /____ /____ Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session:

Date of the Session: / / Time of the Session: