User Account

All Pages

What is the ip address of the web server

Assignment Help Computer Engineering
Reference no: EM131260000

Analyzing Wireshark Capture

You ran Wireshark during one of the logins to the site and got the following capture, webadmin.pcap.  Download the pcap file in Kali and open it in Wireshark.  Use the information in it to fill in the blanks of the following:

What is the IP address of the web server? 

What page was accessed to login? 

To prove the lack of security, what was the username   and password used to login?

What HTTP-related protocol would you recommend that the company use to protect the username and password?

Setup for remainder of exam

For this exam you will need Kali installed in VirtualBox as well as Windows installed in VirtualBox. Note: if your host is Windows you could technically use that, but be aware that for this to work you will be doing things such as disabling firewall and installing tools like netcat etc. on Windows, which is why running it in VirtualBox is the suggested method.

To get a Windows 7 image to run in VirtualBox, go to https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ and download IE8 on Win 7 VirtualBox image.  Once you have downloaded the zip, unzip it (preferably with 7zip) to extract the owa file within.  You can them import that owa image into VirtualBox.

Run your Windows virtual machine.  Use the installed browser to download and then install Firefox and/or Chrome.

Turn off the Windows firewall on your Windows virtual machine.  This will ensure that Kali is able to see it.

Shutdown your Windows virtual machine.

Change the network settings of your Windows virtual machine

Select either Host-only (better) or Bridged adapter for the Networking setting of the Windows virtual machine.  Note: If using Host-only make sure that your Kali VM also has at least 1 network adapter set as Host-only network (shown in video from last class).

Then run both Kali and your Windows virtual machines.

Test that Kali can see your Windows machine and vice-versa using the ping command.

Open terminal/command shell in both Kali and Windows.  In Kali, type ifconfig to see its IP address.  On Windows, type ipconfig to see its IP address.  Now that you know the IP address of both machines you can test that each can see the other.

In the Kali terminal type ping IP-address-of-your-Windows-VM.  For example, if your Windows VM has the IP address of 192.168.1.7, you would type ping 192.168.1.7. Then do the opposite. Try pinging your Kali VM from your Windows VM using the cmd prompt in Windows.

Capture All Kali Work Using Script

Finally, like we did in the bandit assignment, you must capture all your Kali work using script.  Your log file must be named midterm.log and the corresponding timing file must be named midterm_timing.txt.  Remember to use the -a flag on script.  Also, if you are not completing everything in one session, use exit when you have finished a session, and re-run the script command again at the beginning of a new session.

Finding Files

You are going to need to transfer a few tools from Kali to Windows.  In the Kali terminal window, use the command shown in class to locate the Windows executables for sbd, netcat, and ncat.

Where is the Windows ncat executable located in Kali?

Transfer necessary files

1. Start the web server on your Kali VM.

2. Copy the Windows executable netcat and ncat files into the web server's root directory.

3. Make sure that the permissions on them are readable for all.

4. Fire up Wireshark on Kali and set a capture filter to only capture data between the IP of your Kali VM and the IP of your Windows VM.

5. Start the capture on the correct interface.

6. In your Windows VM open Firefox/Chrome and put in the IP address of your Kali VM followed by /sbd.exe to download the sbd.exe to your Windows VM. So for instance, if the IP address of my Kali VM was 192.168.1.13, in my Windows VM the address I would type into Firefox/Chrome would be https://192.168.1.13/ncat.exe

7. Now also download the Windows netcat executable in the same way.

8. Stop the Wireshark capture.  Make sure that your Wireshark capture shows the HTTP download of all the tools.

9. Save (as) the capture in the default pcap-ng format in a file named cats-download.pcapng.  Upload that file as a submission to this question.

Use netcat or ncat to transfer sbd

1. Again fire up Wireshark and capture only traffic between your Kali and Windows VM's.

2. Use either netcat or ncat to transfer the Windows executable for sbd from Kali to Windows.

3. Stop your Wireshark capture.

4. Save (as) the file as sbd-transfer.pcapng.

5. Upload sbd-transfer.pcapng here.

Attachment:- Assignment.rar

Reference no: EM131260000

Questions Cloud

Find a sphere with initial temperature a function of r only : a flat circular disk with sides held at 100?C with the flat surfaces insulated
Examine two aspect of teamwork training that change a person : Examine two aspects of teamwork training that change a person into a transformational leader. Justify your response.
What do we mean by change in accounting estimates : What do we mean by a change in accounting estimates? How is a change in accounting estimate different than a change in accounting principle? Why did the accounting profession choose to handle changes in estimates using the prospective approach instea..
What do we mean by a change in accounting principle : What do we mean by a change in accounting principle? Where are changes in accounting principle disclose on a company's annual report? How is the change reflected on a company's financial statements? The most noteworthy item on the income statement is..
What is the ip address of the web server : You ran Wireshark during one of the logins to the site and got the following capture, webadmin.pcap.  Download the pcap file in Kali and open it in Wireshark. Use the information in it to fill in the blanks of the following: What is the IP address..
Could the information in the documents be trade secrets : Wilchcombe was not paid, but was given credit on the album as a producer. After the album had sold 2 million copies, Wilchcombe filed a suit against LJESB, alleging copyright infringe- ment. The defendants claimed that they had a license to use th..
Number of games the fans attends : Suppose the typical Buffalo Bills fan has the following demand curve for Bills football games: P = 100 - 10G where G is the number of games the fans attends.
The president of hill enterprises terri hill projects : Her operations manager is considering a new plan, which begins in January with 200 units on hand. Stockout cost of lost sales is $100 per unit. - Evaluate this plan.
Federal claims on the contested income tax issues : Anna's 2013 individual tax return was examined and the IRS proposed changes resulting in additional tax. Anna wishes to bypass the IRS's appeal system and file a refund suit in the united states court of federal claims on the contested income tax iss..

Reviews

Write a Review

Computer Engineering Questions & Answers

  Write down a not so bad cardiac simulator

The user has to be prompted to type in a 3 digit number, and then the program should print to the screen whatever the CARDIAC Instruction Decoder box would show had that been the instruction.

  Explain the actions you will take to correct

A user calls to report that she is unable to log on to email. You respond with a couple of quick questions. Because you know that no one else is using the network right now, you cannot find out whether the problem is unique to her machine or affec..

  How pert may be used for strategic decision making

Based on the article "One Application for Using PERT Methodology in Strategic Decisions," write down a memo to your CIO recommending how PERT may be used for strategic decision making and assisting project managers who need to deal with complex pr..

  Who are the victims of the cybercrimes

Who are the victims of the cybercrimes that are your examples? What sorts of problems do the acts described create for the victims

  How quick kruskal''s algorithm run

imagine that all edge weights in a graph are integers in the range from 1 to |V|.how quick Kruskal's algorithm run.

  Give an example of a useful class

Visual Basic.NET allows you to make your own classes. Provide an example of a useful class you could create. What methods and properties would you include? Show an example of a method declaration for your class.

  Make a detailed list of briefing points which would help

assume that you are working for the marketing department of microsoft china. develop a detailed list of briefing points

  Why a foreign key must match another table primary key

Word's Save as Web Page Command, by default, saves the document in a format known as?

  Generate and show all power-of-two numbers

show an arbitrary user-input integer.generate and display all power-of-two numbers in the range +128 to -128.

  Create a gui front end for bubble sort

This is what I want to achieve. I have an array of positive integers that I wish to sort according to the sequence represented by the integer number line

  Determine the effect of this capacitor bank on line loadings

Determine the effect of this capacitor bank on line loadings and the total real power losses (shown immediately below bus 2 on the one-line).

  Make a c++ class that implements a "safe" array

design a C++ class that implements a "safe" array, where the arrays bounds are checked before accessing its elements. The class constructor must accept an integer parameter and create a dynamic array of that size for storing integers, implemented ..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd