
Lab 1 - Kali Linux, Network Scanning - Social Engineering


Lab 1: Kali Linux, Network Scanning & Social Engineering (5 Marks)

Student Name (aka script kiddies):

Matric No:
Group:

Screenshot of Kali > Run ‘ifconfig’

• Installing & Exploring Kali Linux

Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security
Auditing. Kali contains several hundred tools which are geared towards various information security
tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering.

• Install Virtual Box or VMWare Workstation Player

VirtualBox and VMware Workstation Player are hypervisors, which allow you to emulate an
operating system on your own PC and use it as if it were running on real hardware. The
emulated host running on the hypervisor is called a virtual machine.

VirtualBox is free and open-source software by Oracle Corporation; you can download it from
here https://www.virtualbox.org/wiki/Downloads

VMware Workstation Player is free but proprietary software by VMware; you can download
it from here
https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_workstation_player/15_0

After the download finishes, install and run the hypervisor on your machine.

• Install Kali Linux Virtual Machine

You can install Kali Linux from either a bootable image (.iso) or a virtual machine image (.ova).
You can download both types from here https://www.kali.org/get-kali/#kali-virtual-machines

If you install via the bootable image (.iso), create a new virtual machine in your hypervisor and
boot the image. Follow the installation instructions.

If you install via the VM image (.ova), you can import it into the hypervisor; it may take a while.
After finishing the installation, please run your Kali Linux virtual machine.

• Make sure VM has internet connectivity

Please make sure you configure your virtual machine network adapter as NAT (network
address translation). You can test internet connectivity by opening a terminal on Kali and
pinging the Google or Cloudflare DNS servers: ping 8.8.8.8 / ping 1.1.1.1

• Run and Explore Kali Linux

After finishing the installation, it's time to explore Kali and the tools that come with it. Please
answer this question.

List at least 10 security/hacking tools available in Kali (1.5 Marks). Provide at least
3 screenshots of those tools (1.5 Marks).

• burpsuite

• Wireshark

• sqlmap

• metasploit Framework
• John the ripper
• Autopsy
• nmap
• aircrack-ng
• Social engineering toolkit
• recon-ng

Please provide the output of executing "uname -a" in the terminal (1 Mark). Please
explain the output (2 Marks)

Linux kali 5.19.0-kali2-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.19.11-1kali2 (2022-10-10) x86_64 GNU/Linux

• Network Scanning with Nmap Tool

Network scanning refers to the use of a computer network to gather information regarding computing
systems. Network scanning is mainly used for security assessment and system maintenance, and also by
hackers for performing attacks. One of the most used network scanning tools is Nmap. Nmap is a hacker's
best friend.

Nmap is used to discover hosts and services on a computer network by sending packets and analyzing
the responses. Nmap provides a number of features for probing computer networks, including host
discovery and service and operating system detection.

• Run and Explore Nmap

You can begin to run nmap by opening a terminal on Kali and running the command sudo
nmap; you can also find it from the GUI. You can read the nmap manual by using the man nmap
command. Please read and understand its operation.

• Perform Basic Scan

** Make sure you only scan authorized hosts (e.g. scanme.nmap.org). Don’t scan other
hosts on the internet as this may trigger alarms

You can begin to scan a target host using this command


# nmap scanme.nmap.org

nmap -v -A scanme.nmap.org

From the scan result output, list down the open ports of the host: (1 Mark)
• Discovered open port 22/tcp on 45.33.32.156
• Discovered open port 80/tcp on 45.33.32.156
• Discovered open port 31337/tcp on 45.33.32.156
• Discovered open port 9929/tcp on 45.33.32.156
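
Picking open ports out of a long verbose scan by eye is error-prone. The following added example (not part of the original lab sheet) extracts them from saved nmap output with awk; the sample input is constructed, using the four open ports listed above plus made-up table rows.

```shell
#!/usr/bin/env bash
# Added example: list open ports from saved `nmap -v` output.

# Constructed sample shaped like nmap's normal output. The four open ports
# are the ones listed in the lab answer; the other rows are made up.
sample_scan() {
cat <<'EOF'
Discovered open port 22/tcp on 45.33.32.156
Discovered open port 80/tcp on 45.33.32.156
Discovered open port 31337/tcp on 45.33.32.156
Discovered open port 9929/tcp on 45.33.32.156
PORT      STATE    SERVICE
22/tcp    open     ssh
25/tcp    filtered smtp
80/tcp    open     http
9929/tcp  open     nping-echo
31337/tcp open     tcpwrapped
EOF
}

# Read nmap normal output on stdin and print each open port once as
# "port/proto", sorted numerically. Handles both the verbose
# "Discovered open port" lines and the final port table. Rows whose state
# is not exactly "open" (closed, filtered, open|filtered) are ignored.
open_ports() {
  awk '
    /^Discovered open port / { print $4; next }
    $1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ && $2 == "open" { print $1 }
  ' | sort -t/ -k1,1n -k2,2 -u
}

# Same result on one comma-separated line, convenient for a report.
open_ports_csv() { open_ports | paste -sd, -; }

sample_scan | open_ports_csv
```
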
Provide the Nmap command to perform UDP port only scanning; use
scanme.nmap.org as host (1 Mark)

• sudo nmap -vv -sU scanme.nmap.org

• Perform Advanced Scan

** Make sure you only scan authorized hosts. Don’t scan other hosts on the internet as this may
trigger alarms

You can perform more advanced scans using Nmap by adding more parameters. You can read
about Nmap parameters using man nmap

Use this command to perform an advanced scan using Nmap: # nmap -p0- -v -A -T4
scanme.nmap.org. From the scan result output, please state the operating system of
the target host (1 Mark)
Linux Operating System.

Please explain the parameter being used in previous scan (2 Marks)

• -p0- : scan specified ranges of ports.

• -v: Increase verbosity level

• -A: enable OS detection

• -T4: Set timing template


• Social Engineering Attack with SET Tool

The Social-Engineer Toolkit is an open-source penetration testing framework designed for Social-
Engineering. SET has a number of custom attack vectors that allow you to make a believable attack in
a fraction of the time.

• Run and explore SET Tool

You can run SET tool in Kali Linux by clicking Application Tab > Social Engineering Menu
> SET tool

Explore the tool and list down all types of Social Engineering attacks available in the tool (1
Mark)

1) Social-Engineering Attacks
2) Penetration Testing (Fast-Track)
3) Third Party Modules
4) Update the Social-Engineer Toolkit
5) Update SET configuration
6) Help, Credits, and About
• Clone a website using SET Tool

One of the most effective social engineering attacks is fooling a victim into providing sensitive
information to a fake website. You can clone a genuine website using the SET tool.

From the tool main menu choose option 1) Social-Engineering Attack > 2) Website Attack
Vectors > 3) Credential Harvester > 2) Site Cloner. First, you will be asked to enter the IP
address to which the information will be sent; enter the IP address of your Kali machine. You can
obtain your IP address by using the ifconfig command in a terminal.

After that, you will be asked to enter the URL of the website you want to clone. You can clone
a student portal, Facebook or an online banking site. Be creative. After the process finishes, don’t
close the terminal yet, as data sent by the fake website will be shown there. To open your fake
site, enter the IP address of your machine in the web browser.

Provide Screenshot of your fake site (2 Marks)



• Perform information gathering using Search Engine and Social Media

Now that you have learnt to create a fake website, let’s find a victim. Choose an employee of a
company and find his/her personal information, especially his/her email, so that we can send a
phishing email. You can use a social media site (e.g. Facebook, LinkedIn) or a search engine to
find such information about a person.
Provide a screenshot of the victim on the social media / Internet site and provide his/her
email address (1 Mark)

**Disclaimer: Don’t actually contact the person of interest. Just gather information which is available
publicly. Don’t break any law

• Create a Phishing email

Now that you have gathered the information of the victim, it is time to send a phishing email which
will contain the link to the fake site. If the victim clicks the link, he/she may provide sensitive
information such as username and password. Below is an example of a convincing phishing email

Create a phishing email containing the URL of the fake site; provide screenshot of your
phishing email (1 Mark)

**Disclaimer: Don’t send the Phishing email to the real person. You will get caught

• Reflection

In your opinion, provide a way to prevent network scanning from being performed against your
organization's hosts or devices. (2 marks)
Install a properly configured software firewall. If the scanners in question are on a remote network, use a
network firewall to also block inbound connections.
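
A firewall that logs what it drops also shows when a host is being scanned: a full-range scan such as the -p0- run in this lab hits many distinct ports from a single source. The following added example (not part of the original lab sheet) flags such sources in firewall drop logs; the log lines are constructed in the Linux netfilter LOG format, and the "FW-DROP: " prefix, addresses and threshold are assumptions.

```shell
#!/usr/bin/env bash
# Added example: flag probable port scans in firewall drop logs.

# Constructed log lines in the Linux netfilter LOG format. Addresses come
# from documentation ranges; "FW-DROP: " is an assumed log prefix.
sample_log() {
  for p in 21 22 23 25 80 110 143 443 445 3389 8080 9929; do
    echo "Oct 10 10:00:01 host kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40000 DPT=$p SYN"
  done
  # A client retrying one blocked port many times is not a scan.
  for p in 1 2 3 4 5 6; do
    echo "Oct 10 10:00:02 host kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 PROTO=TCP SPT=5000$p DPT=445 SYN"
  done
}

# Print "source distinct_ports" for every source that was dropped on at
# least $1 distinct destination ports (default 10) in the log on stdin.
scan_sources() {
  awk -v min="${1:-10}" '
    {
      src = ""; dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/) src = substr($i, 5)
        if ($i ~ /^DPT=/) dpt = substr($i, 5)
      }
      if (src == "" || dpt == "") next          # not a packet log line
      if (!((src, dpt) in seen)) { seen[src, dpt] = 1; ports[src]++ }
    }
    END { for (s in ports) if (ports[s] >= min) print s, ports[s] }
  ' | sort
}

sample_log | scan_sources 10
```

Counting distinct ports rather than dropped packets keeps a single misconfigured client from being reported as a scanner.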

In your opinion, provide a way to prevent a person from being exposed to social engineering attack. (2
marks)

By deleting any request for personal information or passwords. This is because nobody should be
contacting you for personal information via unsolicited email. If you get asked for it, then it must be a scam.
