Please see attached docs.
4 CYB 205 Lab – Command Line tools

This lab is done in 2 parts – the command line, and the applications. We will use the applications in class. We will work at the command line in Windows and Linux, then look at some hacking tools in Kali, including the Harvester and Metagoofil.

Part 1: Command Line Tools – the first steps of scanning.

As you do this lab, take screenshots of your work. Explain what the command does, and make sure you label your screenshots. This is done at the command line in Windows. Be sure you get screenshots. If you want to challenge yourself, do the lab in both Windows and Linux.

Pre-lab work: define the following commands:
  ping
  traceroute
  ipconfig and ifconfig (is ifconfig deprecated now? What does that mean? What should you use?)
  nslookup
  hostname
  MAC address

Step 1: Open a command line window. To go to the command line in Windows, type cmd in the search bar. (To go to the command line on Mac OS X, open your Applications folder, then open the Utilities folder. Open the Terminal application. You may want to add this to your dock. Another way is to launch Terminal by using the Spotlight search in OS X, searching for “terminal”.)

Step 2: From the command line, use the ping command to ping three of your favorite websites. For example, if I wanted to ping Amazon, at the command prompt I would type
  ping Amazon.com

Step 3: Use whois or Robtex to find the IP address of your three favorite websites. To look at Robtex, go to https://www.robtex.com/dns-lookup/, then select the Summary tab. At the command prompt, type ping followed by the IP address you found in your search. i.e., to ping Amazon, at the command prompt type
  ping 54.239.17.6

Step 4: Answer the following question: what information were you able to gather from the WhoIs search? What about Robtex? Which do you prefer, and why?
Step 5: At the command prompt window, type the following command: tracert your three favorite websites, where the text "your three favorite websites" is replaced by the three websites you used when conducting your ping search. i.e., if I were using this command for Amazon, I would type
  tracert www.amazon.com

Step 5: Using the tracert command, do the same thing you did in step 4, except this time use the IP address instead of the domain name.

Step 6: In 3-4 sentences, what does tracert find? How would this be helpful to a network administrator or a hacker?

Step 7: Using ipconfig or ifconfig – at the Windows command prompt, type ipconfig /all and provide a screenshot of your results. You can do this in your Kali Linux box; however, if you do this in Kali, you’ll type ifconfig at the command line.

Step 8: What is the MAC address you found in step 7? Here’s a cool utility to help you - http://aruljohn.com/mac.pl Type the MAC address you found in the textbox that says “lookup MAC address”. Provide your results.

Step 9: At the Windows command prompt, type netstat. Watch the output for a while, then hit CTRL+C to close it. Now, at the Windows command prompt, type netstat /?

Answer the following questions:
  What does the -a switch do?
  What does the -e switch do?
  What does the -p switch do?
  What does the -n switch do?

Part 2: Kali Hacking Tools

A note about this lab: screenshots must be provided along with descriptive information. Don’t stop here!

Step 1: Open your virtual machine and go to the /usr/bin directory.

Step 2: Observe all the programs that come with Kali. Do a little bit of research on 3 of them – what do they do?

Step 3: Look at the list of programs. Is The Harvester listed? If yes, do some research and find out what this program does. Why would it be useful to a hacker?

Tool #1 - The Harvester tool:

Step 4: If The Harvester is not listed, use this command to install it:
  apt-get install theharvester

Step 5: Do some research and look at TheHarvester.
What information does it provide? Here are some of The Harvester options:
  -d: Domain to search or company name
  -b: Data source (google,bing,bingapi,pgp,linkedin,google-profiles,people123,jigsaw,all)
  -s: Start in result number X (default 0)
  -v: Verify host name via dns resolution and search for virtual hosts
  -f: Save the results into an HTML and XML file
  -n: Perform a DNS reverse query on all ranges discovered
  -c: Perform a DNS brute force for the domain name
  -t: Perform a DNS TLD expansion discovery
  -e: Use this DNS server
  -l: Limit the number of results to work with (bing goes from 50 to 50 results, google 100 to 100, and pgp doesn't use this option)
  -h: use SHODAN database to query discovered hosts

Examples:
  theharvester -d microsoft.com -l 500 -b google
  theharvester -d microsoft.com -b pgp
  theharvester -d microsoft -l 200 -b linkedin

Step #6: Do a Harvester search on your favorite website – maybe utica.edu! Here’s an example:
  theharvester -d utica.edu -l 50 -b google

Step #7: What information did you find in your search?

Tool #2 – exif tool

Step #8: Place a .jpg image on the desktop of your virtual machine.

Step #9: At the command line, type exif name of your .jpg file

Step #10: You should see some coordinates appear. Use this website to find the location the photo was taken: https://www.gps-coordinates.net/

Step #11: Enter those coordinates into the following website (see graphics below for information on coordinates).

Tool #3: Metagoofil

Step #12: Do some research on the Internet. What does this tool do?

Step #13: Search the /usr/bin directory. Is metagoofil listed? If not, you need to install it. How do you do this? Navigate back to your desktop.
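An added example for Steps #9 to #11 (the exif tool), not part of the original lab handout: the exif tool prints coordinates as degrees, minutes and seconds with the hemisphere on a separate row, while map lookups usually take signed decimal degrees. The row layout and the sample output below are assumptions constructed for illustration, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: convert the GPS rows of `exif` output to signed decimal degrees.
# Assumption: rows look like "Latitude            |43, 6, 36", with the
# hemisphere on its own row ("North or South Latit|N").

exif_gps_decimal() {
  awk -F'|' '
    # "deg, min, sec" -> decimal degrees; a missing part counts as 0.
    function dms(v,   p) { split(v, p, ","); return p[1] + p[2]/60 + p[3]/3600 }
    { key = $1; val = $2
      gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val) }
    key ~ /^North or South/ { ns = val }
    key ~ /^East or West/   { ew = val }
    key == "Latitude"       { lat = dms(val); have_lat = 1 }
    key == "Longitude"      { lon = dms(val); have_lon = 1 }
    END {
      if (!have_lat || !have_lon) exit 1   # image carries no GPS rows
      if (ns == "S") lat = -lat            # south and west are negative
      if (ew == "W") lon = -lon
      printf "%.6f %.6f\n", lat, lon
    }'
}

# Constructed sample output (not taken from a real photo).
sample_exif_output() {
  cat <<'EOF'
EXIF tags in 'photo.jpg' ('Intel' byte order):
--------------------+----------------------------------------------------------
Tag                 |Value
--------------------+----------------------------------------------------------
Manufacturer        |ExampleCam
North or South Latit|N
Latitude            |43, 6, 36
East or West Longitu|W
Longitude           |75, 16, 12
EOF
}

# Constructed output for an image without GPS tags.
sample_no_gps() { printf 'Manufacturer        |ExampleCam\n'; }

# With a real file: exif photo.jpg | exif_gps_decimal
sample_exif_output | exif_gps_decimal
```

A non-zero exit status means the image had no latitude or longitude row, which is what to expect from a photo whose location metadata was stripped before sharing.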
Step #14: If you were to scan for documents from a domain (-d kali.org) that are PDF files (-t pdf), searching 100 results (-l 100), download 25 files (-n 25), saving the downloads to a directory (-o kalipdf), you would enter this command:
  metagoofil -d kali.org -t pdf -l 100 -n 25 -o kalipdf
Try it, except lower the number of results to 20 and the number of downloaded files to 5 on a different website. Really read this, and understand what you’re doing.
  metagoofil -d kali.org -t pdf -l 20 -n 5 -o kalipdf

Step #15: Conduct another search and create your own parameters. What did you do? What are your results?

Step #16: Now it’s your turn. Do some research on some cool things you can do with Kali. With your neighbor(s), use a few tools not listed here. Provide good screenshots and directions on what you did. How did you obtain your results? Where did you find information to do this? Hint: Google is your friend, and if you ask it nicely, it will provide you some beginning tutorials. If you’re an advanced user, really challenge yourself here!

Guidelines for Writing a Lab Report

Group work: each group will meet prior to beginning lab work. There are three members per group. Each group member rotates the role as outlined below:

Manager. The manager delegates the work (including her/his own). At the conclusion of the lab, the manager includes a paragraph indicating who was responsible for each section. The manager of the lab report is ultimately responsible for quality control, which includes formatting.

Time keeper. The time keeper creates a timeline for project completion. At the conclusion of the lab, the time keeper includes the timeline, which is a list of the tasks delegated by the manager. The time keeper determines if the tasks were completed per the timeline, and if not, when the tasks were completed. Did each person complete their assigned tasks on time? If not, why?

Note taker.
The note taker maintains a directory (folder) of lab results, findings, and screenshots. The note taker is also responsible for archiving the communications between group members. This allows the professor to review group communication to ensure all group members participated. This folder will be zipped and submitted as part of the lab report.

General Guidelines:

Lab reports should be written in a clear and concise manner in the 3rd person. For the purposes of this class there should never be any reference to I, he, she, we, etc. For instance, instead of writing “As instructed, I opened all files except for the unallocated space text file.” write “As instructed, all files were opened except the unallocated space text file.” Another example: instead of writing “When attempting to open this file, we receive an error stating that the file was either damaged or is not a supported file type.” consider “When attempting to open this file, an error is received stating that the file was either damaged or is not a supported file type.”

Please ensure that all sentences are grammatically correct and that there are no mistakes in spelling. Please make sure to use proper grammar and sentence structure, and make sure you include proper citation and referencing of others' work. Use APA for citations and references. Make sure your font and size are consistent throughout the lab. Because your papers require APA, use Times New Roman 12-point font, 1-inch margins, double spaced.

See Report Sections below for guidance on what is expected for each section of the lab report. Also, you can find a Sample Lab Report that meets these guidelines in the Getting Started section under Assignment and Lab Writing Guidelines.

Title Page: Should include your name and the name of the experiment.
An example is:
  Name(s)
  Course Number and Name (e.g., CYB 333 – Information Security)
  Name of the Lab (e.g., Wireshark Lab)

Report Sections:

Introduction
This section shall consist of a description and discussion of the general technology that you will be working on and not just the specific experiment and the specific software. For example, if the assigned lab is on steganography and using the Invisible Secrets software system, you would write about the technology area of steganography, what it is, how it works, what tools and technologies exist in the area of steganography, etc. Write this section in a general sense.

Objective
“The objective