Eh Lab Manual Final

Full Ethical Hacking manual - cybersecurity
Computer Science SL (Meenakshi College of Engineering)


MEENAKSHI COLLEGE OF ENGINEERING


CHENNAI-78
B.E. COMPUTER SCIENCE AND ENGINEERING

CCS344-ETHICAL HACKING LAB MANUAL


2021 REGULATION


PRACTICAL EXERCISES: 30 PERIODS

1. Install Kali or Backtrack Linux / Metasploitable/ Windows XP

2. Practice the basics of reconnaissance.

3. Using FOCA / SearchDiggity tools, extract metadata and expand the target
list.

4. Aggregate information from public databases using online free tools like
Paterva’s Maltego.

5. Information gathering using tools like Robtex.

6. Scan the target using tools like Nessus.

7. View and capture network traffic using Wireshark.

8. Automate dig for vulnerabilities and match exploits using Armitage

FOCA : http://www.informatica64.com/foca.aspx.

Nessus : http://www.tenable.com/products/nessus.

Wireshark : http://www.wireshark.org.

Armitage : http://www.fastandeasyhacking.com/.

Kali or Backtrack Linux, Metasploitable, Windows XP


Ex:No.: 1
Date:

Install Kali or Backtrack Linux / Metasploitable / Windows XP

Aim:
To install Kali Linux on Windows using Oracle VirtualBox.

Procedure:

1. VirtualBox Installation:
● Proceed to download VirtualBox from the official
website (https://www.virtualbox.org/wiki/Downloads).

2. Downloading Kali Linux ISO Image:


● Following VirtualBox setup, obtain the Kali Linux ISO image from the
provided link (https://www.kali.org/get-kali/#kali-installer-images).
● You have the option to either directly download the ISO or employ the torrent
for the download.


3. Create a new virtual machine and configure storage, memory:


● With VirtualBox successfully installed, commence the application via
the start menu.
● Select the "New" option to initiate the creation of a fresh virtual
machine.

● Name your virtual machine.


● Keep the default folder name for the VM file.
● Browse and select the Kali Linux ISO file.
● Set the Type to Linux and Version to any 64-bit Linux.
● Configure the RAM (recommend 2-4 GB for an 8 GB RAM system).
● Choose 2 or 4 processors.
● In the Hard Disk section, keep the file location as is.
● Allocate at least 20-25 GB for Kali Linux installation.
● Select VDI as the hard disk file type.
● Do not select pre-allocate full size.
● Click "Finish" to create the virtual machine.


4. Install Kali Linux on the virtual machine:

● With the virtual machine configured, you can now proceed with the installation
of Kali Linux. To do this, click the “Start” button in the toolbar, or right-click >
select Start > Normal Start.

● After a successful boot, you should see a screen showing various
options for installing Kali Linux.
● Select the first default option to start the installer.

● In the next few screens, select the language, region, and other basic details
per your location.
● Add any hostname you want.


● In the next screen, keep the domain name blank. Then give your
name and user name (the login name). Enter the password for
that user.
● In the partition screen, select “guided – use the entire disk”. This is
the best option for installing in VirtualBox. If installing it on the
physical system, do not use this.

● Continue with the installation as per the on-screen instructions.

● When the following prompt appears, select the following
ones (default), which feature the Xfce Desktop environment and key
hacking tools. Hit Enter to continue.


● Wait for the installation to finish. Installing Kali Linux in VirtualBox will
take a few minutes (approximately 10 minutes). Near the end
of the installation, the installer will ask you about the GRUB installation.
Answer Yes, choose the device /dev/sda, and continue.

● Click on Restart Now after the installation is complete. Wait for a
few seconds and you should arrive at the login screen.
● Use the user ID and password to log in. You should see the
Kali Linux desktop running inside VirtualBox as a VM in
Windows.


Result:
The installation of Kali Linux on VirtualBox was successful, creating a safe space
to explore ethical hacking tools and techniques.


Ex:No.: 2 Practising the Basics of Reconnaissance in Ethical Hacking

Aim:
To practise the basics of reconnaissance in ethical hacking.

Terminal Commands and Their Use:

1. Ping Scan with Nmap:


● Command: nmap -sn <target_ip>
● Use: Perform a ping scan to determine which hosts are up in a given IP range.

Sample Output:

2. DNS Enumeration with Dig:


● Command: dig <target_domain>
● Use: Perform DNS enumeration to retrieve information about a target
domain's DNS records

Sample Output:


3. WHOIS Lookup:
● Command: whois <target_domain>
● Use: Retrieve registration and ownership information about a domain.

Sample Output:

4. Traceroute:
● Command: traceroute <target_domain>
● Use: Identify the path packets take from your system to the target,
revealing intermediate routers' IP addresses.

Sample Output:


Result:
Thus, essential reconnaissance techniques in ethical hacking were practiced using
terminal commands, successfully enabling the gathering of information about target
IP addresses, domains, DNS records, and registration details.
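
An added example (not part of the original manual) that post-processes the ping scan from step 1: it parses nmap -sn output, cross-checks the parsed host count against nmap's own summary line, and lists responders that fall outside the range you are authorized to test. The sample output, the lab addresses and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `nmap -sn 192.168.56.0/24` output from an isolated lab network.
SAMPLE = """\
Starting Nmap ( https://nmap.org )
Nmap scan report for 192.168.56.1
Host is up (0.00040s latency).
Nmap scan report for metasploitable.lab (192.168.56.101)
Host is up (0.00061s latency).
Nmap scan report for 10.0.2.15
Host is up.
Nmap done: 256 IP addresses (3 hosts up) scanned in 2.05 seconds
"""

# "Nmap scan report for <ip>" or "Nmap scan report for <name> (<ip>)"
REPORT = re.compile(r"^Nmap scan report for (?:(\S+) \()?([0-9a-fA-F.:]+)\)?$")
DONE = re.compile(r"^Nmap done: \d+ IP address(?:es)? \((\d+) hosts? up\)")


def live_hosts(text):
    """Return [(ip, hostname_or_None)] for every host nmap reported as up."""
    hosts, pending = [], None
    for line in text.splitlines():
        m = REPORT.match(line)
        if m:
            pending = (m.group(2), m.group(1))
        elif line.startswith("Host is up") and pending:
            hosts.append(pending)
            pending = None
    return hosts


def summary_count(text):
    """Host count from nmap's own 'Nmap done' line, used to cross-check the parse."""
    for line in text.splitlines():
        m = DONE.match(line)
        if m:
            return int(m.group(1))
    return None


def out_of_scope(hosts, authorized_cidrs):
    """IPs that answered but fall outside the ranges you are authorized to test."""
    nets = [ipaddress.ip_network(c) for c in authorized_cidrs]
    return [ip for ip, _ in hosts
            if not any(ipaddress.ip_address(ip) in n for n in nets)]


if __name__ == "__main__":
    hosts = live_hosts(SAMPLE)
    assert len(hosts) == summary_count(SAMPLE)
    print(hosts, out_of_scope(hosts, ["192.168.56.0/24"]))
```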


Ex:No.: 3 Using FOCA / SearchDiggity tools, extract metadata and expand the target list.

Aim:
To understand how to extract metadata from a website using FOCA (Fingerprinting
Organizations with Collected Archives) software.

Procedure:

1. Setting up SQL Server


● Open a web browser and navigate to the Microsoft SQL Server Express
download page.
● Click on the 'Download' button to download the installer.
● Once downloaded, double-click on the installer file.
● Accept the terms and conditions.
● Select the installation type as "Basic" and proceed.
● The installer will take care of the rest. Wait for the installation to complete.

2. Installing FOCA Software


● Download FOCA from its official website or a trusted source.
● Once downloaded, locate the downloaded ZIP file and extract it.
● Open the extracted folder and double-click on FOCA.exe to launch the
application.

3. Creating a New Project in FOCA


● Upon opening FOCA, click on 'New Project'.
● Name your project and in the 'Domain' field, enter the website from which you
want to extract metadata.
● Click on 'Create Project'.

4. Searching and Downloading Documents


● Select the search engines you want FOCA to use.
● Choose the types of documents you want to search for (like PDF, DOC, PPT,
etc.).
● Click on 'Search All'.
● A list of files related to your search will appear.
● Right-click on any listed file and choose 'Download All' to download all listed
files.


5. Extracting Metadata
● Once all files are downloaded, right-click again on any downloaded file in
FOCA.
● Choose 'Extract All Metadata'.
● Wait for the process to complete.

6. Viewing Extracted Metadata


● On the left side of the FOCA interface, click on 'Metadata'.
● You will see a list of metadata information extracted from the downloaded files.

Output:

Result:

Thus, extraction of metadata from a website using FOCA (Fingerprinting
Organizations with Collected Archives) software has been successfully done.


Ex:No.: 4 Aggregate information from public databases using online free tools like Paterva's Maltego.

Aim:
The aim of this lab is to teach you how to use Paterva's Maltego for aggregating
information from public databases.

Procedure:

1. Installing Maltego
● Visit the official Maltego website to download the software. Make sure to
choose the correct version for your operating system.
● Install Maltego by following the on-screen instructions.
● Once the installation is complete, open the Maltego application.
● Register or log in to your Maltego account.
2. Creating a New Graph
● Click on the 'File' menu in the Maltego interface and then select 'New'.
● A new graph window will open, which will be your workspace for this session.
3. Basic Entity Search
● Drag and drop an entity type (like "Domain", "Email Address", etc.) from the
Entity Palette on the left into the graph.
● Double-click on the entity and enter the specific domain or email address you
want to investigate.
4. Run a Transform
● Right-click on the entity you've placed on the graph.
● From the 'Run Transform' menu, select an appropriate transform. For example,
you might choose "To Email [Using Search Engine]" for an email entity.
● Maltego will execute the transform and provide you with new entities
connected to your original entity.
5. Exploring and Aggregating Information
● Continue to run more transforms on the new entities that appear on your
graph to gather more information.
● You can adjust your view, zoom in/out, and rearrange entities as needed for
better understanding.
○ Aggregated data might include things like associated social media
accounts, related websites, IP addresses, etc.


Output:

Result:

Thus, Information Aggregation with Paterva's Maltego has been successfully done
and executed.


Ex:No.: 5

Information gathering using tools like Robtex.

Aim:
The aim of this lab exercise is to understand how to gather information on domains,
IP addresses, and networks using Robtex, an online tool that provides various kinds
of data for network research.

Procedure:

1. Accessing Robtex
● Open your web browser and go to the Robtex website by navigating to
https://www.robtex.com/.
● You will see a search bar on the main page, where you can enter the domain
name, IP address, or network that you wish to investigate.

2. Domain Lookup
● In the Robtex search bar, type the domain you want to investigate. For
example, example.com.
● Click the 'Search' button or press Enter.
● Robtex will return a wealth of information about the domain, including DNS
records, IP address data, server location, and more.

3. IP Address Lookup
● In the Robtex search bar, enter the IP address you want to investigate.
● Hit the 'Search' button or press Enter.
● Robtex will provide data related to the IP address, such as the owning
organization, geolocation, ASN information, and potentially linked domains.

4. ASN Lookup
● If you want to search for an Autonomous System Number (ASN), enter it into the
search bar.
● Press the 'Search' button.
● Information like AS routes, IP ranges, and associated domains will be displayed.

5. Understanding and Analyzing Data


● Take your time to go through the different tabs and sections that Robtex offers
for each type of search. This can include but is not limited to:
○ DNS records
○ Mail server records


○ Domain siblings and subdomains


○ Shared IPs
○ ASN information
● Each section can offer valuable insights into the domain, IP, or network you
are investigating.

Output:

Result:

Thus, the gathering of information using Robtex has been successfully done and
executed.


Ex:No.: 6

Scanning a Target Using Nessus

Aim:
To understand how to use Nessus for vulnerability scanning on a target system or
network.

Procedure:

1. Initial Setup and Login


● Open Nessus by navigating to the application via your program menu or using
the desktop shortcut if available.
● If you're using Nessus for the first time, you will need to activate it. You can
get an activation code by registering on the Tenable website.
● Once activated, log in to the Nessus interface using your credentials.

2. Updating Plugins
● Before starting your scan, it's recommended to update Nessus plugins to get
the latest vulnerability checks.
● Usually, Nessus updates its plugins automatically, but you can manually
update them by navigating to the 'Plugins' section and clicking 'Update'.

3. Creating a New Scan


● Once logged in, click on the 'New Scan' button on the dashboard.
● You will be presented with various scanning templates like Basic Network
Scan, Advanced Scan, etc. Choose the one that suits your needs.
● Name your scan and add a description for reference.

4. Configuring Scan Settings


● In the 'Targets' field, enter the IP addresses or hostnames of the systems you
want to scan. Make sure you have authorization to scan these targets.
● You can specify advanced settings like scan schedules, notifications, and
other preferences depending on the type of scan you have chosen.
● If necessary, you can also configure authentication settings to scan internal
elements of the target system.

5. Starting the Scan


● After configuring all the settings, click on the 'Save' button to save your scan
settings.
● To initiate the scan, click on the 'Launch' button.


6. Monitoring the Scan


● Once the scan is initiated, you can monitor its progress in the dashboard.
● Nessus will display various metrics and statistics related to the scan, like the
number of vulnerabilities found, the severity levels, etc.

7. Analyzing the Results


● After the scan is completed, click on it to view the detailed report.
● The report will categorize vulnerabilities as Critical, High, Medium, Low, or
Info based on their severity.
● You can click on each vulnerability to get more details, like a description of the
issue, the impact, and recommended solutions.

Output:


Result:

Thus, scanning a target using Nessus has been successfully done and
executed.
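
An added example (not from the original manual or from Tenable) that tallies findings per host by the severity levels listed in step 7 and builds a worst-first remediation queue. It assumes the scan was exported in the .nessus v2 XML format, which the manual does not cover; the sample export, hosts, plugin IDs and plugin names are constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Nessus stores severity as 0-4; these are the labels the report view shows.
SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed .nessus (v2 XML) export; hosts, plugin IDs and names are made up.
SAMPLE = """<NessusClientData_v2><Report name="lab-scan">
 <ReportHost name="192.168.56.101">
  <ReportItem port="21" protocol="tcp" severity="4" pluginID="900001" pluginName="Constructed finding A"/>
  <ReportItem port="80" protocol="tcp" severity="2" pluginID="900002" pluginName="Constructed finding B"/>
  <ReportItem port="0" protocol="tcp" severity="0" pluginID="900003" pluginName="Constructed finding C"/>
 </ReportHost>
 <ReportHost name="192.168.56.102">
  <ReportItem port="445" protocol="tcp" severity="3" pluginID="900004" pluginName="Constructed finding D"/>
  <ReportItem port="445" protocol="tcp" severity="3" pluginID="900005" pluginName="Constructed finding E"/>
 </ReportHost>
</Report></NessusClientData_v2>"""


def severity_by_host(nessus_xml):
    """Return {host: Counter({label: count})} for every ReportHost in the export."""
    result = {}
    for host in ET.fromstring(nessus_xml).iter("ReportHost"):
        counts = Counter(SEVERITY[int(item.get("severity"))]
                         for item in host.iter("ReportItem"))
        result[host.get("name")] = counts
    return result


def remediation_queue(nessus_xml, minimum=3):
    """Findings at or above `minimum` severity, worst first: (label, host, port, plugin)."""
    rows = []
    for host in ET.fromstring(nessus_xml).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity"))
            if sev >= minimum:
                rows.append((SEVERITY[sev], host.get("name"),
                             int(item.get("port")), item.get("pluginName")))
    rank = {label: number for number, label in SEVERITY.items()}
    return sorted(rows, key=lambda r: (-rank[r[0]], r[1], r[2], r[3]))


if __name__ == "__main__":
    for host, counts in severity_by_host(SAMPLE).items():
        print(host, dict(counts))
    for row in remediation_queue(SAMPLE):
        print(row)
```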


Ex:No.: 7
View and capture network traffic using Wireshark.

Aim:
To View and capture network traffic using Wireshark.

Procedure:

1. Download Wireshark:
● Visit the official Wireshark download page at
https://www.wireshark.org/download.html.
● Download the appropriate version for your operating system (Windows,
macOS, or Linux).

2. Install Wireshark:
● Run the downloaded installer.
● Follow the installation wizard's instructions.

3. Launch Wireshark:
● Once the installation is complete, open the Wireshark application.

4. Select Network Interface:


● Wireshark will display a list of available network interfaces.
● Choose the network interface through which you want to capture traffic (e.g.,
Ethernet or Wi-Fi).

5. Start Capturing Traffic:


● Click on the "Start" or "Capture" button to begin capturing network
traffic.

6. Analyze Captured Packets:


● While capturing, you can analyze the live stream of network packets.
● Use filters and search features in Wireshark to focus on specific types of
packets or protocols.

7. Stop Capturing:
● When you have captured enough data or want to stop the capture, click the
"Stop" or "Capture" button again.


8. View Captured Packets:


● After stopping the capture, you can view the captured packets.
● Click on any packet to see its details, including source and destination IP
addresses, protocols, and packet content.

Output:

Result:

Thus, viewing and capturing network traffic using Wireshark has been successfully
done and executed.
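
An added example (not from the original manual or the Wireshark project) that reads the fields step 8 points to, source and destination IP addresses, protocol and ports, out of a classic pcap file. The capture is constructed in code (one TCP SYN between two lab addresses, checksums left as zero); the function names are illustrative.

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}


def build_sample_pcap():
    """Constructed capture: one Ethernet/IPv4/TCP packet between two lab hosts."""
    eth = bytes.fromhex("080027aaaaaa" "080027bbbbbb") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                     socket.inet_aton("192.168.56.1"), socket.inet_aton("192.168.56.101"))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x02, 8192, 0, 0)
    frame = eth + ip + tcp
    # Global header: magic, version 2.4, zone, sigfigs, snaplen, linktype 1 (Ethernet)
    global_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    record_hdr = struct.pack("<IIII", 1700000000, 0, len(frame), len(frame))
    return global_hdr + record_hdr + frame


def read_packets(pcap):
    """Yield (src, dst, protocol, sport, dport) for each IPv4 packet in a classic pcap."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("unsupported capture format (pcapng, for one, is laid out differently)")
    if struct.unpack_from(endian + "I", pcap, 20)[0] != 1:
        raise ValueError("only Ethernet captures are handled here")
    offset = 24
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack_from(endian + "I", pcap, offset + 8)[0]
        frame = pcap[offset + 16: offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated, or not IPv4 (ARP, IPv6, VLAN-tagged, ...)
        ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
        proto = frame[23]
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport = dport = None
        l4 = 14 + ihl                          # start of the TCP/UDP header
        if proto in (6, 17) and len(frame) >= l4 + 4:
            sport, dport = struct.unpack_from("!HH", frame, l4)
        yield src, dst, PROTOCOLS.get(proto, str(proto)), sport, dport


if __name__ == "__main__":
    for packet in read_packets(build_sample_pcap()):
        print(packet)
```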


Ex:No.: 8 Automate dig for vulnerabilities and match exploits using Armitage FOCA

Aim:
To Automate dig for vulnerabilities and match exploits using Armitage FOCA

Procedure:

1. Scanning and Reconnaissance:


● Launch Kali Linux and open Armitage.
● Perform network scanning using tools like Nmap to identify open ports and
active hosts.
● Utilize Armitage to import the scan results and create a target list.

2. Vulnerability Analysis:
● Conduct vulnerability scanning on the target hosts using Armitage's built-in
features.
● Identify potential vulnerabilities in the scanned systems, such as outdated
software, weak passwords, or misconfigurations.
● Use FOCA (Fingerprinting Organizations with Collected Archives) to gather
information about the target organization's documents and metadata.

3. Exploit and Attack:


● In Armitage, explore available exploits and payloads for the identified
vulnerabilities.
● Select an appropriate exploit and payload combination for the target system.
● Launch the attack on the target system.


Output:

Result:

Thus, Automate dig for vulnerabilities and match exploits using Armitage FOCA has
been successfully done.
