C.S. Projects

Archive for the ‘Network Forensic — Semester 5’ Category

Ethical Hacking — Week 11

Maintain Access

Today’s session was about maintaining access. Maintaining access after pen testing is done as a professional pentester is unethical as when we sign the NDA which stands for Non Disclosure Agreement with the company, that NDA states we are not allowed to maintain access, hence we can not continue to maintain access.

We need to maintain access as this leads to no need to reinvent the wheel, the previous vulnerabilities are already patched, sysadmin harden the system and it saves time. However, when maintaining access, it is important to ensure to read the NDA properly as some NDA states a backdoor can’t be placed.

There are certain methods to maintain access such as creating OS backdoors, Tunnel and web based backdoors. Backdoors is a method which allows attacker to access target without using normal authentication while remaining undetected. Cymothoa is a tool which can be used inject a backdoor. The command is cymothoa -p 4255 -s 1 -y 555It is possible to use DVL which stands for Damn Vulnerable Linux to learn more about other exploits.

Tunneling is encapsulating one network protocol inside another network protocol. Web based backdoors can be used when the target is web based.

Ethical Hacking — Week 10

Privilege Escalation

Today’s session focused on attacking passwords. Passwords is used as one of the authentication factor, this can be based on either something you know or something you have or who you are

There two types of password attacks offline attacks and online attacks In offline attacks, hackers need physical access to the machine to be able to perform this attack, whereas in online attack, the attack can be done from a remote location.

The tools used in offline attack could be Rainbowcrack or Samdump2 or John the Ripper or Ophcrack or Crunch or Wyd

The tools used in online attack could be BruteSSH or Hydra or Dsniff or Hamster or TCPdump or Topic or Wireshark

Ethical Hacking — Week 9

Target Exploitation

In today’s session, I learned about EternalBlue. EternalBlue is a cyberattack exploit developed by the US National Security Agency otherwise known as the NSA. It was leaked by the Shadow Brokers hacker group on April 14, 2017.

EternalBlue exploits a vulnerability in Microsoft’s implementation of the Server Message Block protocol. The vulnerability exists because the SMB version 1 (SMBv1) server in various versions of Microsoft Windows mishandles specially crafted packets from remote attackers, allowing them to execute arbitrary code on the target computer.

In May 2019, the city of Baltimore struggled with a cyberattack by digital extortionists using EternalBlue. The attack froze thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

I also reviewed about the topics I learned previously. I learned about social engineering attacks. Social Engineering attacks are considered deadly as it is very easy to execute. It is a low-risk and high-reward type of attack. It is very easy to fool people in these kinds of attacks as it depends on their trust and exploits it. I also reviewed about SET again which is Social Engineering Toolkit which is used to create famous websites and trick victims into giving out their personal details.

Intelligent System — Week 9

Neural Networks

In today’s session I learned about Neural Network. I learned about the difference between biological neurons and artificial neurons such as biological neurons are fault-tolerant whereas artificial neurons are not fault-tolerant. I learned about single layer neural network and multi layer neural network.I also learned about learning rate and artificial neural network. I also learned about deep learning and how to train a single layer perceptrons

Intelligent System – Week 8

Decision Tree

In today’s class, I learned about Classification, Regression and Clustering. I learned about the real life examples of them and I also learned about overfitting. I also learned why overfitting is not good. I also learned about Decision Trees. I found the decision tree algorithm quite confusing and it took me a while to understand it.

Ethical Hacking — Week 8

Social Engineering

In today’s session, I learned a bit about SET which stands for Social-Engineer Toolkit.SET is an open source penetration testing framework designed for social engineering. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.

There are several steps needed to install it. The first step is to go to your kali linux and in your terminal, type git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/.The second step is to type cd setoolkit, then the third step is to type pip3 install -r requirements.txt then the last step is to type python setup.py.

One of the things I learned about is CUPP which stands for Common User Passwords Profiler. This is a tool that is used to find valid passwords based on the target’s personal, psychological, and social characteristics.

The method I learned today was credential harvester attack. This is a method used when we do not want to specifically get a shell but perform phishing attacks in order to obtain username and passwords from the system. In this attack vector, a website is cloned and when the victims enters their user credentials, their usernames and passwords will be posted back to our machine.Afterwards, the victim is redirected back to the actual legitimate website.

Ethical Hacking — Week 7

DVWA

In today’s session, I learned about DVWA which stands for Damn Vulnerable Web App and how to install it. It has three levels of security, low, medium and high.

The first step to install DVWA is to go to kali linux and prepare the terminal and type sudo su. Then move the directory to /var/www/html by typing cd /var/www/html/then download the DVWA package by typing wget https://github.com/ethicalhack3r/DVWA/archive/master.zip. Afterwards, extract the file by typing unzip master.zip.

The next step is to move the master content to the current directory, type mv DVWA-Master/*./var/www/html. Afterwards, type chown -R www-data:www-data/var/www/html

Once installation is done, start the web server and database by typing service apache2 start; service mysql start. Afterwards, check mySQL server by typing mysql_secure_installation and press Y for every Y/N question asked.Type the IP address of your kali linux into the search engine of any browser. Then, you will be directed to DVWA setup.

The presence of any red coloured text indicated missing configuration, hence that must be fixed. Type mysql -u root -p in order set up the database for DVWA. You will asked to enter the password.

Afterwards, type create database [database name]; grant all privileges on [database name].* to dvwa_user@localhost identified by ‘[password]’; flush privileges;Then type quit to exit mySQL.

Edit the configuration in the config.inc.php and enter the details of the database created in the previous step. Refresh your browser, if there are no red coloured text then you have properly configured everything, or else check the previous steps again to ensure you did not make any mistake.

Press on Create/Reset Database You will see a login page, type admin for the username and password for the password. Afterwards, you will be able to see and use the tools available such as Brute Force, SQL injection etc.

Intelligent System – Week 7

Apriori

Today was another online class learning and we learned about Apriori. I got an exercise and after that we directly had a quiz. In my opinion, the quiz was quite difficult and I was so confused doing it.

Ethical Hacking — Week 6

Vulnerability Mapping

In today’s session I learned about types of vulnerabilities and the tools for vulnerability mapping .

The types of vulnerabilities are Design vulnerabilities, Implementation Vulnerabilities, Operational Vulnerabilities, Local Vulnerability and Remote Vulnerability.

In design vulnerability, the vulnerability is found in the software or protocol specifications. In implementation vulnerabilities, the vulnerability is found in the code.In operational vulnerability, the vulnerability is found due to improper configuration and deployment target in an environment. In local vulnerability, the attacker needs local access to trigger vulnerability in the target.In remote vulnerability, the attacker does not need local access to trigger and exploit the vulnerability in the target.

The tools that can be used for vulnerability mapping are OpenVAS, Nessus, W3af, Sqlmap, acunetix, Fortify and Metasploit

Intelligent System – Week 6

K Clustering

This week was an online class learning and i learned about different Clustering technique. Marketing, Biology, Libraries, Insurance, City Planning and Earthquake studies. I learned algorithms like K means clustering as well. We got an exercise and had to use K-means clustering to solve them.