Scribd
Upload
3 views28 pages

NAVYA Ethical Assign

The document outlines an assignment on Ethical Hacking submitted by Navya Sagar, detailing various aspects of network security and ethical hacking fundamentals. It covers topics such as ethical hacking techniques, social engineering, network scanning commands, DDoS attacks, password capturing methods, and encryption techniques. Additionally, it includes practical implementations of tools like NMAP, Wireshark, and RSA encryption, along with examples and code snippets.

Uploaded by

nsagarbe21
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
3 views28 pages

NAVYA Ethical Assign

The document outlines an assignment on Ethical Hacking submitted by Navya Sagar, detailing various aspects of network security and ethical hacking fundamentals. It covers topics such as ethical hacking techniques, social engineering, network scanning commands, DDoS attacks, password capturing methods, and encryption techniques. Additionally, it includes practical implementations of tools like NMAP, Wireshark, and RSA encryption, along with examples and code snippets.

Uploaded by

nsagarbe21
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 28

UCS 806: Ethical Hacking

Assignment

Submitted by:
Navya Sagar
102103739
BE 4th Year, COE

Submitted TO:

Dr. Rohit Ahuja


Lecturer(CSED)

Computer Science and Engineering Department


Thapar Institute of Engineering and Technology, Patiala
May 2025
Q1. To implement Network Security fundamentals – Ethical Hacking, Social
Engineering practices

Q Objective:
Understand and demonstrate basic network security concepts and ethical hacking fundamentals,
including:

• What ethical hacking is


• Basic reconnaissance
• Introduction to Social Engineering attacks

What is Ethical Hacking?


Ethical hacking involves legally breaking into systems to find vulnerabilities and help fix them before
malicious hackers do.

Types of Ethical Hacking:

• Reconnaissance (info gathering)


• Scanning (ports/services)
• Gaining Access
• Maintaining Access
• Covering Tracks

Tools: nmap, whois, netstat, traceroute

1
What is Social Engineering?

Social Engineering manipulates human behavior to trick people into giving up confidential info.

Common types:

1. Phishing – Fake emails/pages to steal credentials.


2. Baiting – Offering fake downloads (like movies/software) that contain malware.
3. Tailgating – Physically following someone into a secure area.

2
4. Pretexting – Creating a false identity to gain trust.
Q-2. To execute following NMAP, HPING3 commands and study output of
each command
Tool Command Target Address Type of Scan

nmap -sT -F IP address TCP connect scan

nmap -sS -F IP address SYN scan

nmap -sU -F IP address UDP scan

nmap -sF -F IP address FIN scan

nmap -O -F IP address Determine OS

nmap -p22 -O IP address Determine OS on Port


22

nmap -p 1- -30, 40-65535 address Scan given port


ranges

nmap -iL IP in .txt Scan targets from a


file

nmap -A -F IP address Enables OS detection


and traceroute

nmap -sV -F IP address Version of the service


running on the port

nmap 192.168.10.0/24 Sub net Scan a Class C subnet


range

nmap 10.1.1.5-100 Range Scan the range of IPs


between 10.1.1.5 up to
10.1.1.100

nmap www.somedomain.com Domain First resolve the IP of


the domain and then
scan its IP address

hping3 -S IP -p 80 IP address Port scanning

hping3 -a <IP> -S <IP> -p 80 IP address SYN Flood Attack


–flood

hping3 –fin -S {target ip} IP address FIN Flag

3
nmap -sT -F

nmap -sS -F

4
nmap -sU –F

5
nmap -sF -F

6
nmap -O -F

7
nmap -p22 -O

8
nmap -p 1-

nmap -iL iplist.txt

9
nmap -A -F

10
nmap -sV -F

11
12
nmap 192.168.10.0/24

13
nmap 10.1.1.5-100

14
nmap www.google.com

Portscanning of hping3

15
Syn Flood attack

Q-3. To capture Wi-Fi Traffic using Wireshark and implement the following

 IP filtering

 Port filtering

 OSI network layer analysis

 TCP packet capture analysis

 HTTP Analysis

 UDP wireshark analysis

 ARP packet analysis

 Packet filter analysis for ICMP

16
IP filtering

IP filtering

Port filtering

17
OSI network layer analysis

18
TCP packet capture analysis

HTTPAnalysis

19
UDP wireshark analysis

20
ARPpacketanalysis

Packetfilter analysis for ICMP

Q4. To study system threat attacks like Distributed Denial of Services using Trinoo

What is DDoS?

21
Distributed Denial of Service (DDoS) is an attack where multiple compromised systems
flood a target (usually a server or a website) with traffic to exhaust resources and make it
unavailable to legitimate users.

Trinoo DDoS Tool:

• One of the first known DDoS tools.


• Uses a master-slave (botnet) architecture:
o Master: Controls several compromised machines (slaves). o
Slaves (Daemons): Launch UDP flood attacks against the victim.

Working:

1. Attacker communicates with master using a backdoor.


2. Master sends command to all slaves.
3. Slaves flood the target server with UDP packets.

Impact:

Target server is overwhelmed and crashes or becomes unresponsive Q5.

To study techniques used for Web-Based Password Capturing

Overview:
Attackers capture passwords through:
1. Phishing Pages:
o Clone real websites (like Facebook).
o Users enter credentials into fake forms.
2. Keyloggers:
o Software records keystrokes on a victim's machine.
3. JavaScript Injection:
o Malicious code inserted into web forms to steal inputs.
4. Man-in-the-Middle Attacks (MITM): o Intercept data between user and server
using tools like Wireshark.

Example Tool: Social Engineering Toolkit (SET)

• Allows cloning of websites.


• Captures usernames and passwords entered by users.

Defense:

• Use HTTPS, two-factor authentication, browser security.

22
Q6. To study different types of attacks caused by Virus and Trojans

Viruses:

• Self-replicating malicious code.


• Spreads by attaching to files/programs.

Trojans:

• Malicious programs disguised as legitimate software. Allow


remote access, steal data, or install malware.

Types of Trojan Attacks:

• Remote Access Trojans (RATs)


• Keyloggers
• Downloader Trojans (downloads other malware) Q7. To study Anti-

Intrusion Technique – Honeypot

Honeypot:
A security mechanism that sets up a fake vulnerable system to attract attackers.

Purpose:

• Detect intrusion attempts.


• Study attacker behavior.
• Divert attackers from real systems.

How it works:

• Exposes dummy ports or services. Logs attacker actions.

Popular Tools:

• Kippo: SSH honeypot


• Honeyd: Emulates services and OS fingerprinting
• Dionaea: Malware collection

Example Output (SSH honeypot):


[LOGIN ATTEMPT] user: root password: 123456 from IP: 192.168.1.101

Q8. To implement Data Encryption Standard (DES)

DES Overview:

• Symmetric block cipher.


• Encrypts data in 64-bit blocks using a 56-bit key.

23
Steps:

1. Key generation
2. Initial permutation
3. 16 rounds of Feistel function
4. Final permutation

C Example using OpenSSL:


#include <openssl/des.h>
#include <stdio.h>
#include <string.h>

int main() {
DES_cblock key = "mysecret";
DES_key_schedule schedule;

DES_set_key_unchecked(&key, &schedule);
const_DES_cblock input =
"HELLO123";
DES_cblock output;

DES_ecb_encrypt(&input, &output, &schedule, DES_ENCRYPT);


printf("Encrypted: ");
for (int i = 0; i < 8; i++)
printf("%02X ", output[i]);

DES_cblock decrypted;
DES_ecb_encrypt(&output, &decrypted, &schedule, DES_DECRYPT);

printf("\nDecrypted: %s\n", decrypted);


return 0; }

Compile using: gcc des.c -o des -lcrypto

Q9. To Implement Asymmetric Encryption Scheme - RSA RSA

Overview:

• Uses two keys: Public (encrypt) and Private (decrypt)


• Based on large prime factorization

Steps:

1. Generate key pair


2. Encrypt with public key
3. Decrypt with private key

C Code for RSA Encryption/Decryption

24
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <string.h>
int main()
{ int
ret;
RSA *rsa_keypair = NULL;
BIGNUM *bne = NULL;
BIO *pri = NULL, *pub = NULL;
size_t pri_len, pub_len; char
*pri_key, *pub_key;
unsigned char message[] = "Hello RSA!";
unsigned char encrypted[256]; unsigned
char decrypted[256];

int bits = 2048;


unsigned long e = RSA_F4;

// 1. Generate key pair


bne = BN_new(); ret =
BN_set_word(bne, e); if
(ret != 1) return -1;

rsa_keypair = RSA_new();
ret = RSA_generate_key_ex(rsa_keypair, bits, bne, NULL);
if (ret != 1) return -1;

// 2. Public Key Encryption


int enc_len = RSA_public_encrypt(strlen((char *)message), message,
encrypted,
rsa_keypair, RSA_PKCS1_OAEP_PADDING);
if (enc_len == -1) {
printf("Encryption failed.\n");
ERR_print_errors_fp(stderr); return
-1;
} printf("Encrypted data
(hex): "); for (int i = 0; i <
enc_len; i++) printf("%02X",
encrypted[i]); printf("\n");

// 3. Private Key Decryption


int dec_len = RSA_private_decrypt(enc_len, encrypted, decrypted,
rsa_keypair, RSA_PKCS1_OAEP_PADDING); if (dec_len == -1) {
printf("Decryption failed.\n");
ERR_print_errors_fp(stderr); return
-1;
}
decrypted[dec_len] = '\0'; // Null-terminate the decrypted string
printf("Decrypted message: %s\n", decrypted);

// Cleanup
RSA_free(rsa_keypair);
BN_free(bne);

return 0;

25
}

Compilation Instructions (Linux)


Install OpenSSL (if not already installed):

bash CopyEdit sudo apt


update sudo apt install
libssl-dev

Compile the code:

bash CopyEdit gcc rsa_example.c -o


rsa_example -lcrypto

Run it:

bash CopyEdit
./rsa_example

Q10. To study and implement IP-based Authentication Mechanism

What it is:
Access control based on client IP address.

Example 1: Apache Web Server Using


.htaccess:
Order Deny,Allow
Deny from all
Allow from 192.168.1.100

Example 2: SSH Server (Linux)

In /etc/hosts.allow: sshd:

192.168.1.100

In /etc/hosts.deny: sshd:

ALL

Explanation:

• Only the IP 192.168.1.100 can access the SSH/web server.


Others are blocked.

26
Applications:

• Used in firewalls, web applications, secure services.

27

You might also like