[go: up one dir, main page]
Scribd
Upload
204 views13 pages

Cb3602 Lab Manual

The document outlines various cybersecurity exercises, including using Wireshark to explore protocol headers, demonstrating MD5 hash collisions, computing MACs and HMACs, and implementing various types of attacks such as buffer overflow, DoS, and MITM. Each exercise includes a clear aim, procedure, expected output, and confirmation of successful execution. Tools required for each task are also specified, along with the results achieved.

Uploaded by

developers crew
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
204 views13 pages

Cb3602 Lab Manual

The document outlines various cybersecurity exercises, including using Wireshark to explore protocol headers, demonstrating MD5 hash collisions, computing MACs and HMACs, and implementing various types of attacks such as buffer overflow, DoS, and MITM. Each exercise includes a clear aim, procedure, expected output, and confirmation of successful execution. Tools required for each task are also specified, along with the results achieved.

Uploaded by

developers crew
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

EX : 01

Using Wireshark to Explore Protocol Headers


DATE :

Aim :
Using Wireshark to Explore Protocol Headers

Procedure:

• Install Wireshark on your system.

• Launch Wireshark and start a packet capture on the network interface you are using.

• Visit any website and observe the captured packets.

• Look at the packet details to identify the Ethernet, IP, TCP, HTTP, and other protocol
headers.

• Analyze the headers to understand the information contained in each layer.

Flow Diagram

Output:

- Ethernet II: Src MAC, Dst MAC

- IPv4: Src IP, Dst IP, TTL

- TCP: Src Port, Flags

- HTTP: GET /index.html

Result:

The procedure is followed successfully.


EX : 02
Demonstrate Two Different Certificates Producing Same MD5 Hash
DATE :

Aim
Demonstrate Two Different Certificates Producing Same MD5 Hash
Procedure:

• Study MD5 hash collisions using tools like HashClash or online examples.
• Obtain two sample X.509 certificates with same MD5 hash.
• Use OpenSSL or hashing tool to verify MD5 collisions.

Flow Diagram

Output:
Same MD5 hash for both files.
Result:
The procedure is followed successfully.
EX : 03
Computing MACs, HASH and HMAC for Messages
DATE :

Aim
Computing MACs, HASH and HMAC for Messages
Procedure:

• Write or use a script to compute HASH using SHA-256.


import hashlib
import hmac

msg = b"Hello"
key = b"secret"

print("SHA256:", hashlib.sha256(msg).hexdigest())
print("HMAC:", hmac.new(key, msg, hashlib.sha256).hexdigest())

• Compute HMAC using a secret key and SHA algorithm.


• Compare results and understand message integrity checking.

Flow Diagram:

Output:
SHA256 and HMAC values
Result:
The procedure is followed successfully.
EX : 04
Implement and Demonstrate Buffer Overflow Attack
DATE :

Aim :
Implement and Demonstrate Buffer Overflow Attack
Procedure

• Create a C program vulnerable to buffer overflow.

• Compile without stack protection (e.g., -fno-stack-protector).

• Input large strings to exploit and overwrite memory.

• Observe abnormal program behavior.

Flow Diagram :

Output :
Segmentation fault or return address overwrite.
Result:
The procedure is followed successfully.
EX : 05
Implement and Demonstrate DoS and DDoS Attacks
DATE :

Aim:
Implement and Demonstrate DoS and DDoS Attacks
Procedure
• Use tools like LOIC or Hping3 to generate DoS traffic.

• Simulate DDoS using multiple virtual machines or containers.

• Observe server slowdowns or unresponsiveness

Flow Diagram

Output:

Target server becomes slow or unreachable under traffic.


Result:
The procedure is followed successfully.
EX : 06
Implement ARP Attack and Man-in-the-Middle (MITM)
DATE :

Aim:
To Implement ARP Attack and Man-in-the-Middle
Tools Required:

• Ettercap for Windows


• Wireshark

Procedure:

• Install Ettercap from the official website and follow instructions.


• Install Wireshark to monitor network traffic.
• Enable IP forwarding by executing a registry command in Administrator CMD.
• Launch Ettercap, scan for hosts, add target and gateway to target list.
• Initiate ARP poisoning and start sniffing.
• Monitor captured traffic using Wireshark.

Flow Chart
Output:
Captured packets between the victim and the gateway displayed in Wireshark.

Result:
Successfully performed ARP spoofing and intercepted network traffic.
EX : 07
Implement Botnet Attack Detection Using Public Dataset
DATE :

Aim:
Implement Botnet Attack Detection Using Public Dataset.
Tools Required:

• Python (Anaconda)
• Jupyter Notebook
• Scikit-learn
• Pandas
• NumPy
• N-BaIoT Dataset

Procedure:

• Install Anaconda and launch Jupyter Notebook.


• Download N-BaIoT dataset from Kaggle.
• Load dataset using Pandas, preprocess it.
• Split into training/testing datasets.
• Train a classifier like Random Forest.
• Evaluate performance with accuracy, precision, recall.
Flowchart
Output:
Classification report displaying the model's accuracy, precision, and recall.

Result:
Successfully detected botnet activities using ML on Windows.
EX : 08
Explore and Install Snort Intrusion Detection Tool
DATE :

Aim:
Explore and Install Snort Intrusion Detection Tool
Tools Required:

• Snort
• WinPcap or Npcap

Procedure:

• Install WinPcap or Npcap.


• Download and install Snort for Windows.
• Edit snort.conf with correct rule paths.
• Run Snort in test mode to check configuration
Flowchart

Output:
Snort initializes without errors and is ready to monitor traffic.
Result:
Successfully installed and configured Snort.
EX : 09
Implement Firewall Rules Using Snort
DATE :

Aim :
To Implement Firewall Rules Using Snort
Tools Required:

• Snort
• Custom rule set
Procedure:

• Create a rule in local.rules (e.g., alert on HTTP connections).


• Include local.rules in snort.conf.
• Run Snort with the configuration.
• Generate HTTP traffic and check for alerts.
Flowchart

Output:
Snort alerts displayed on the console when HTTP traffic is detected.
Result:
Firewall rules implemented successfully using Snort.
EX : 10
Generate Network Attack and Detect Using Snort
DATE :

Aim:
To Generate Network Attack and Detect Using Snort
Tools Required:

• Snort
• Metasploit
• Target system (VM)
Procedure:

• Install Metasploit Framework on a separate system or VM.


• Ensure target system is on same network.
• Configure and run Snort to detect the attack.
Flowchart

Output:
Snort detects and logs attack patterns from Metasploit.
Result:
Successfully detected network attack using Snort.

You might also like