Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd Logo
Upload

Welcome to Scribd!

  • 21 views

    Digital Assignment (Lab) - 2: LAB SLOT: L31+32 Name: REG. NO.

    Uploaded by

    Aditya Raj
    This document contains the summary of a digital assignment completed by Akshit Sawnani with registration number 18BIT0318. It details the IP address and gateway of the student's laptop, capturing username and password details using Wireshark, filtering Wireshark to show Facebook packet details, and using Nmap to scan ports and detect vulnerabilities.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Digital Assignment (Lab) - 2: LAB SLOT: L31+32 Name: REG. NO.

    Uploaded by

    Aditya Raj
    21 views11 pages
    This document contains the summary of a digital assignment completed by Akshit Sawnani with registration number 18BIT0318. It details the IP address and gateway of the student's laptop, capturing username and password details using Wireshark, filtering Wireshark to show Facebook packet details, and using Nmap to scan ports and detect vulnerabilities.

    Original Title

    18BIT0318_VL2020210105303_AST02

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document contains the summary of a digital assignment completed by Akshit Sawnani with registration number 18BIT0318. It details the IP address and gateway of the student's laptop, capturing username and password details using Wireshark, filtering Wireshark to show Facebook packet details, and using Nmap to scan ports and detect vulnerabilities.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    21 views11 pages

    Digital Assignment (Lab) - 2: LAB SLOT: L31+32 Name: REG. NO.

    Uploaded by

    Aditya Raj
    This document contains the summary of a digital assignment completed by Akshit Sawnani with registration number 18BIT0318. It details the IP address and gateway of the student's laptop, capturing username and password details using Wireshark, filtering Wireshark to show Facebook packet details, and using Nmap to scan ports and detect vulnerabilities.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 11

    CSE3501

    DIGITAL ASSIGNMENT(LAB)-2
    LAB SLOT: L31+32

    NAME: AKSHIT SAWNANI


    REG. NO.: 18BIT0318

    FACULTY: Prof. SUMAIYA THASEEN


    AKSHIT SAWNANI
    18BIT0318

    Write ip address of your laptop and gateway


    IPv4 address: - 192.168.43.153

    Gateway:- 192.168.43.77
    AKSHIT SAWNANI
    18BIT0318

    Wireshark [6 marks]
    1. Send a packet to vulnerable website and capture the username
    and password of the website in TCP stream of wireshark
    [ clear snapshot of username: regno, password: firstname in
    wireshark panel and snapshot of website where username and
    password is entered]

    Vulnerable site (Unsecure) used :- http://h2020.myspecies.info/

    USERNAME: 18BIT0318

    PASSWORD: AKSHIT

    To sniff username and passwords we need to use the TCP stream on a http POST
    request, so we use the command to extract out the http POST request, i.e.,
    http.request.method==POST
    AKSHIT SAWNANI
    18BIT0318

    To sniff out the username and password we go to HTML Form URL Encoded, and
    we get the username and password mentioned.

    To sniff out the username and password following TCP Stream we need to go to
    cookies and click on follow and then click on TCP Stream.
    AKSHIT SAWNANI
    18BIT0318

    2. Apply filtering to show destination address or destination port


    of face book in the interface and analyze the packet structure.
    [clear snapshot of facebook ip addr as destination and your ip
    address as source]

    ip address of facebook.com = 31.13.79.35

    To set the source address we use the command –

    ip.dst == 31.13.79.35 && (tcp.dstport==443 || udp.dstport==443)

    Result obtained:-
    AKSHIT SAWNANI
    18BIT0318

    The Structure of the packet :

    This contains information about frame number to be communicated between this


    client and all other servers, Frame length/size, time taken to reach the client,
    whether the frame is ignored etc, mostly all information about a frame as a whole.

    This gives us information about the gateway for the switching between routers
    from server side and the client side, generally the IP address for both source and
    destination.
    AKSHIT SAWNANI
    18BIT0318

    This provides us information about the Source IP and Destination IP of the hosts,
    whether it is a IPv4 or IPv6, total length of this header, flags if any, Offset bits, the
    protocol used, and the header checksum to check when it reaches the destination.

    This gives us information about the source and destination port number related to
    each data packet on where transmission takes place, it also contains information
    about the length of this segment.
    AKSHIT SAWNANI
    18BIT0318

    Nmap [4 marks]:-
    clear snapshot of your ipaddr
    Ipaddr=192.168.43.153
    AKSHIT SAWNANI
    18BIT0318

    1. nmap -p T:8888,443 ipaddr ( what is the service name which is


    closed on 8888)

    nmap -p T:8888,443 192.168.43.153


    Simple specific command specific to the ports 8888 and 443. The T in the
    specifies for TCP Protocol in the respective ports.
    Similarly T is for TCP Protocol, U is for UDP Protocol. The service which is
    closed on 8888/tcp is sun-answerbook.

    2. nmap -T4 -A cloudflare.com ( from the complete output, give


    only the trace route result)

    (TRACEROUTE Result) T4 is in respect with the timing. T4 is Aggressive


    Scan along with -A is used so it assumes we are on a reasonably fast and
    reliable network, sometimes treating it as T5. The TRACEROUTE result is
    the highlighted part.
    AKSHIT SAWNANI
    18BIT0318

    3. nmap –script=http-enum ipaddr

    nmap --script http-enum 192.168.43.153


    It finds webapps from known paths. It enumerates directories used by
    popular web applications and servers. This parses a fingerprint file that's
    similar in format to the Nikto Web application scanner. This script, however,
    takes it one step further by building in advanced pattern matching as well as
    having the ability to identify specific versions of Web applications.
    AKSHIT SAWNANI
    18BIT0318

    4. nmap -sV -p 443 --script=ssl-heartbleed ipaddr

    nmap -sV -p 443 --script ssl-heartbleed 192.168.43.153


    It detects Heartbleed Vulnerability. Heartbleed detection is one of the
    available SSL scripts. It will detect the presence of the well-known
    Heartbleed vulnerability in SSL services specific to port 443 in this case.

    Digital Signature

    You might also like