Main Menu

My Account
Online Free Samples
   Free sample   Ethical hacking assignment custom built scripts port scannerand password cracker

Ethical Hacking Assignment on Custom-built Scripts: Port Scanner&Password Cracker

Question

Task: Ethical Hacking AssignmentOverview:
Programming is an essential skill for an ethical hacker or a pen-tester; therefore, having an understanding of this skill is considered an advantage. The aim of this portfolio assessment, along with the relevant lecture/reading materials, is to provide students with the skills that enable them to understand different programs/utilities, and to find vulnerabilities in order to rectify them before an unethical hacker can take advantage of such loopholes.

Ethical Hacking AssignmentTask: You are required to write two simple custom-built programs/scripts: one for a ‘Port Scanner’ and the other for a ‘Password Cracker’. To undertake this task, you will be provided with pseudocodes for both programs/scripts at the start of the semester. Note the following essential requirements/important information:
a. The port scanner must be written for and run against the given Pen-Testing Investigation machine. The output of your port scanner can be compared to the output of ‘nmap’.
b. The password cracker must be written and executed against the ‘shadow’ file of the given Pen-Testing Investigation machine. You will be required to understand the concept of wordlists, such as ‘RockYou’ and ‘darkc0de’. However, while executing the program, you are allowed to create a subset of the wordlist file containing a maximum of 200 entries.
c. Students are free to use programming language and a platform of their choice; however, Python is recommended for those who are new to programming.
d. Students must provide instructions for compiling and executing both scripts as per the chosen programming language and platform.
e. In addition to pseudocodes, related readings and lecture materials should be sufficient for students to complete this portfolio assessment.
f. You must make use of comments in your source code. If you have taken help from any online source or a book, you must acknowledge that in your comments.
g. Support from your tutor/lecturer will only be available on the Kali Linux platform and coding in Python programming language.

Answer

Introduction:
As an ethical hacker it is mandatory to understand programming languages. In this ethical hacking assignmentwe were asked to write two custom scripts listed below.

• Port Scanner
• Password cracker
Both the programs are written using Python. Python has may libraries which are operating system specific. Such libraries are used in these programs. Both these programs are created on Ubuntu Linux and must be compatible with any Linux distro. Python 2.7 is used to write these programs and must be run with the same python version for batter results.

Port Scanner:
Port scanning is a fundamental stepin the information gathering phase of a Penetration Test. It gives the tester an idea about the system by scanning it for its open ports and services running on them. A port scanner is a program that scans a host for its open ports. A script fully compatible with python 2.7is written to make a simple port scanner program. This script is ready to execute under any Linux based Operating System.

This scriptasks the user to enter an IP address or a domain name to scan. Then it asks for the port number to start and end the scan. It uses a function to get IP address if a domain name is mentioned. Then it makes use of the socket library to check for the open ports. It tries to establish a TCP connection with each mentioned port. If a connection succeeds it learn that port is open. To interrupt an undergoing scan sys library is called. It stops the scan with a message upon pressing CTRL+C.

******************************************************************************
# Program for port scanning
# importing the relevant libraries
import socket
import sys
# Asking for the website or IP address under scan
targetIP = raw_input("Enter a website or IP address to scan: ")
startPort = int(raw_input("Enter the starting port number: "))
endPort = int(raw_input("Enter the ending port number: "))
# defining the variables
currentPort = startPort
count = 0
# convert the domain name to IP address
targetHostIP = socket.gethostbyname(targetIP)
# To give it a nicer look
print ("." * 70)
print (targetHostIP,"is being scanned, please wait")
print ("." * 70)
# scan and print the open ports
try:
for port in range(startPort, endPort):
# Look for IPv4 address and establishing a TCP connection with the host
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result = sock.connect_ex((targetIP, port))
if result == 0:
print ("Port {}: is Open".format(port))
count = count + 1
currentPort = currentPort + 1
sock.close()

# if there is no port in the given range is open print the message.
if count == 0:
print("Given ports are closed in this host.")
# after completing the scan print the message.
print("Scan has completed successfully.")
# To stop the undergoing scan
except KeyboardInterrupt:
print ("Ctrl+C pressed; Scan stopped.")
sys.exit()
******************************************************************************

Requirements:
To run this code:
• Python 2.7 must be installed.
• By default, it is not compatible with python 3.x but can be made compatible by replacing raw_input with inputin line numbers7, 8 and 9.
• IP address, hostname, or domain name anything can be used to specify the target.
• The exact command should be like python portscanner.py

Output:
Successful execution should produce an output like below.

Password Cracker in ethical hacking assignment

Password Cracker:
A password cracker is a program which is used to extract the encrypted passwords in plain text by using brute force or comparing with a dictionary or wordlist. We have made a very small and simple password cracker program written in python. This program uses a small wordlist containing 200 words. Program is compatible with python 2.7 and can be run on any distribution of Linux.

Linux distributions normally store the hashed passwords for all the users in a file name “shadow” present in “etc” directory. This code asks the user to enter the path for shadow file and then for the dictionary file. Then it simply creates hash for each password in the wordlist and compare it with the hashed password for each user one by one. If a match found, it will simply return the correct password for the user otherwise it will return an output line saying that no match was found. This code uses a crypt library to encrypt the passwords. Windows OS does not provide support for this library hence the code is not compatible with Windows OS. It must be run on any Linux distribution. The code with appropriate comments is given below.

******************************************************************************
# Password cracker program
# importing relevant libraries
import crypt
# Asking the path of shadow and dictionary files
shadow_file = raw_input("Enter the path for shadow file: ")
dict_file = raw_input("Enter the path for password file: ")
# Defining a password cracker function
defpasscrack(cryptpass):
# opening the dictionary file
pwdList = open(dict_file,'r')
# create a hash for each password in the wordlist and store it in a variable.
for each_passwd in pwdList.readlines():
each_passwd = each_passwd.strip('\n')
cryptword = crypt.crypt(each_passwd,cryptpass)
# compare both the hashes and display the result
if (cryptword == cryptpass):
print ("[+] Found password: "+each_passwd+"\n")
return
print ("[-] Password not found.\n")
return
# main function
def main():
hashList = open(shadow_file,'r')
# reading each password hash from the file and store it in a variable
for line in hashList.readlines():
if ":" in line:
user = line.split(':')[0]
cryptpass = line.split(':')[1].strip(' ')
print ("[*] Cracking password for: "+user)
passcrack(cryptpass)
if __name__ == "__main__":
main() ******************************************************************************

Requirements:
To run this program:

• Must be running any Linux distro, Debian, Ubuntu is recommended.
• Python 2.7 must be installed.
• Shadow file must be copied to the same directory in which the script resides.
• From Linux terminal following command must be run. python passwordcracker.py

Output:
A successful execution produces the following output.

Password Cracker in ethical hacking assignment

References
Cracking passwords with Python. (n.d.). Hacking and security. https://hackingandsecurity.blogspot.com/2016/05/cracking-passwords-with-python.html
Port scanner using Python. (2020, April 30). GeeksforGeeks. https://www.geeksforgeeks.org/port-scanner-using-python/
Simple /etc/shadow cracker.Ethical hacking assignment (n.d.). Stack Overflow. https://stackoverflow.com/questions/38907450/simple-etc-shadow-cracker
What is a Port scan? (n.d.). Palo Alto Networks. https://www.paloaltonetworks.com/cyberpedia/what-is-a-port-scan

NEXT SAMPLE

Related Samples

Question Bank

Looking for Your Assignment?

Search Assignment
Plagiarism free Assignment

FREE PARAPHRASING TOOL

PARAPHRASING TOOL
FREE PLAGIARISM CHECKER

FREE PLAGIARISM CHECKER

PLAGIARISM CHECKER
FREE PLAGIARISM CHECKER

FREE ESSAY TYPER TOOL

ESSAY TYPER
FREE WORD COUNT AND PAGE CALCULATOR

FREE WORD COUNT AND PAGE CALCULATOR

WORD PAGE COUNTER



AU ADDRESS
9/1 Pacific Highway, North Sydney, NSW, 2060
US ADDRESS
1 Vista Montana, San Jose, CA, 95134
ESCALATION EMAIL
support@totalassignment
help.com