Generation of mass mailer attacks, stripping

Reference no: EM133697611

Computer Network and Security

Assessment: Generation of Mass Mailer Attacks, Stripping and Spoofing by Using Kali Linux

Assessment Description and Instructions
There are two major tasks that students are supposed to perform in this assessment:
1. Social engineering attacks - Mass Mailer Attack
2. SSL Stripping and ARP Spoofing in Kali Linux

Part-1 Social engineering attacks - Mass Mailer Attack

Social engineering attacks are one of the top techniques used against networks today. Why spend days, weeks, or even months trying to penetrate layers of network security when we can just trick a user into running a file that allows us full access to their machine and bypasses antivirus, firewalls, and many intrusion detection systems? This is most commonly used in phishing attacks today: craft an e-mail or create a fake website that tricks a user into running a malicious file that creates a backdoor into their system.
In this assessment, students will use Kali Linux, which includes one of the most popular social engineering attack toolkits available, David Kennedy's Social-Engineer Toolkit (SET). More recently, several non-social-engineering tools have also been added to SET, making it a very robust attack tool.
Follow the steps below to generate a mailer attack.

Step-1 Installation of Kali Linux:
Kali Linux is a popular operating system used for penetration testing and ethical hacking. While Kali Linux is primarily designed to be installed on its own dedicated hardware or as a virtual machine, there are ways to install it on Windows and macOS. Here are the general steps for installing Kali Linux on both operating systems:
Installation on Windows:
Download the Kali Linux installer for Windows from the official Kali Linux website.
Run the installer executable file and follow the on-screen instructions.
Choose the installation location and other options as per your preference.
Once the installation is complete, you can launch Kali Linux from the Start menu or desktop shortcut.
Installation on macOS:
Download the Kali Linux ISO image for macOS from the official Kali Linux website.
Install virtualization software such as VirtualBox or VMware Fusion on your macOS.
Open the virtualization software and create a new virtual machine.
Configure the virtual machine settings, including allocating system resources and attaching the Kali Linux ISO image as the bootable media.
Start the virtual machine and follow the Kali Linux installation process within the virtualized environment.
Once the installation is complete, you can access Kali Linux by running the virtual machine and launching the operating system.
It's important to note that Kali Linux is a powerful tool and should be used responsibly and legally. Ensure you have a valid use case and adhere to the applicable laws and regulations when using Kali Linux. Additionally, make sure to keep your Kali Linux installation updated with the latest security patches and updates to maintain its effectiveness and security.

After the successful installation, students are required to follow the steps outlined below.

Step-2 Type the following command in a terminal:

The screenshot is as follows:

We can see Social-Engineering Attacks at the top of the menu, so we choose number 1 and hit Enter. We are then shown the social engineering options, as we can see in the following screenshot:

In this lab we choose option 5, that is, Mass Mailer Attack.
Step-3
One way a social engineer will attack a network is to send out a flood of e-mails to company addresses and see who will respond or run the malicious attachment we sent with it.

After entering option 5 in SET, we get two options:

1. E-mail Attack Single E-mail Address
2. E-mail Attack Mass Mailer
The screenshot is as follows:

For this example, let's just send one. We press 1 and hit "Enter".
Step-4
Then we enter a target e-mail address. See the following screenshot:

Now we select option 1 to use a Gmail account or another server. For this lab we will use a fake Gmail account. The Gmail address and password must be correct.
Then we choose a spoofed name to use for the 'from' line of the message.

Now SET asks for the password of the Gmail account.

Then we press yes at the prompt "Flag this message/s as high priority ?"

We don't want to attach any malicious file, so we choose "no" when prompted "Do you want to attach a file ?"

Enter "p" when prompted to "Send the message as html or plain ?"

Now type in a fake message, preferably one that will entice our victim to click on a malicious link included or entice them to surf to a malicious web page.

In actual defense practice this could just be a test webpage that records the IP address of those who were tricked to surf to the page. That way as a security expert we know who in our organization needs to be better educated on the risks of malicious e-mails.

When finished, we type "END" on the last line, just like in the following screenshot.
Then press "Enter" and SET will send out the e-mail to the victim.

The message in the above screenshot is obviously a silly fake, but something like this (with a much more believable message) could be used to test employees' ability to detect, resist and report phishing attempts.
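For the detection half of that exercise, the header triage below is an added example and not part of the original assignment. It checks the traits the steps above produce: a spoofed display name on a free-mail account, the high-priority flag and a link in a plain-text body. The sample message, `corp.example`, the protected display names and the use of `X-Priority: 1` to represent the priority flag are all assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the display name imitates an internal sender while the
# address is a free-mail account, as in the lab's "spoofed name" step.
SAMPLE = """\
From: "IT Helpdesk" <helpdesk.example@gmail.com>
To: alice@corp.example
Subject: Password expiry notice
X-Priority: 1
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=gmail.com;
 dkim=pass header.d=gmail.com; dmarc=pass header.from=gmail.com
Content-Type: text/plain

Your password expires today. Sign in at http://intranet-login.example/reset
"""

ORG_DOMAIN = "corp.example"                        # assumption: defender's own domain
INTERNAL_NAMES = ("it helpdesk", "hr", "payroll")  # assumption: protected display names
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}

def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    if domain != ORG_DOMAIN and name.lower() in INTERNAL_NAMES:
        findings.append("display-name-impersonation")
    if domain in FREEMAIL:
        findings.append("freemail-sender")
    if msg.get("X-Priority", "").strip().startswith("1"):
        findings.append("high-priority-flag")
    # Unfold the header, then require an explicit pass for each mechanism.
    auth = " ".join(msg.get("Authentication-Results", "").lower().split())
    for mech in ("spf", "dkim", "dmarc"):
        if f"{mech}=pass" not in auth:
            findings.append(f"{mech}-not-pass")
    if "http://" in msg.get_payload():
        findings.append("cleartext-link")
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Because the message is sent through a genuine Gmail account, SPF, DKIM and DMARC all pass for gmail.com; it is the display-name check, not sender authentication, that flags it.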

So far we have just sent a fake e-mail that could redirect someone to a bogus site. But if we could make a fake site that offered up a booby script, and if the user allows the script to create shell with the user.

Part-2 SSL Stripping and ARP Spoofing in Kali Linux

SSL Stripping and ARP Spoofing are two common techniques used in network security attacks. They are often employed by attackers to intercept and manipulate network traffic, particularly in scenarios where Secure Sockets Layer (SSL) encryption is used for secure communication.
SSL Stripping: SSL Stripping is an attack method that aims to downgrade a secure HTTPS connection to an insecure HTTP connection, making the traffic susceptible to interception and manipulation. The attacker typically acts as a Man-in-the-Middle (MitM) by intercepting the communication between the client and the server. The attack involves the following steps:
a. The attacker sets up a rogue access point or performs DNS spoofing to redirect the victim's traffic through their own device.
b. The attacker intercepts the initial HTTPS request from the victim and responds with a modified HTTP response instead of the expected HTTPS response.
c. The attacker then establishes an HTTPS connection with the server on behalf of the victim, making the victim unaware of the downgrade.
d. Throughout the communication, the attacker intercepts and relays the traffic between the client and the server, potentially capturing sensitive information.
Kali Linux, being a powerful penetration testing and security auditing platform, can be used to perform SSL stripping attacks. Tools like "sslstrip" and "Bettercap" are commonly used in Kali Linux for this purpose.

ARP Spoofing: ARP (Address Resolution Protocol) Spoofing, also known as ARP Poisoning, is an attack technique used to manipulate the ARP table in a local network. The attack allows the attacker to redirect network traffic meant for a specific IP address to their own device. The steps involved in an ARP Spoofing attack are as follows:
a. The attacker sends falsified ARP messages to the target network, associating their own MAC address with the IP address of another device on the network, such as the default gateway or a specific target.
b. As a result, the target network starts sending its traffic to the attacker's device, believing it to be the legitimate destination.
c. The attacker can then intercept and manipulate the traffic as desired, potentially capturing sensitive data or launching further attacks.

In Kali Linux, various tools like "Ettercap" and "arpspoof" are available for performing ARP Spoofing attacks. These tools allow the attacker to sniff network traffic, intercept packets, and manipulate them.

There are mainly 4 steps in this type of attack:
1. The victim sends a request to the server in HTTPS, but because the attacker has spoofed the network with arpspoof, the HTTPS request passes through the attacker's machine.
2. After hijacking the HTTPS request, the attacker sends the same HTTPS request to the server, because many modern servers respond only in HTTPS mode.
3. When the server responds in HTTPS encrypted format, the attacker changes it from HTTPS, which is a secure connection, to HTTP.
4. The attacker answers the victim's request in the form of HTTP and works as a man-in-the-middle.
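The downgrade in these steps only works while the browser is willing to speak plain HTTP to the site, which is what HTTP Strict Transport Security (HSTS) removes. The audit below is an added example, not part of the original assignment; the site `shop.example`, the recorded responses and the one-year threshold are assumptions.

```python
MIN_MAX_AGE = 31536000  # one year; threshold is an assumption of this example

def parse_hsts(value):
    """Parse a Strict-Transport-Security value into its directives."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')
            policy["max_age"] = int(arg) if arg.isdigit() else None
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy

def audit(http_resp, https_resp):
    """Responses are dicts: {'status': int, 'headers': {lower-case name: value}}."""
    issues = []
    location = http_resp["headers"].get("location", "")
    if not (300 <= http_resp["status"] < 400 and location.lower().startswith("https://")):
        issues.append("http-not-redirected-to-https")
    # HSTS only counts when delivered over HTTPS; browsers ignore it on plain HTTP.
    hsts = https_resp["headers"].get("strict-transport-security")
    if hsts is None:
        # A redirect alone is exactly what a stripping proxy intercepts and rewrites.
        return issues + ["hsts-missing"]
    policy = parse_hsts(hsts)
    if not policy["max_age"]:
        issues.append("hsts-disabled-or-invalid")   # max-age=0 removes the policy
    elif policy["max_age"] < MIN_MAX_AGE:
        issues.append("hsts-max-age-short")
    if not policy["include_subdomains"]:
        issues.append("subdomains-not-covered")
    if not policy["preload"]:
        issues.append("no-preload-directive")       # first visit still starts unprotected
    return issues

# Constructed responses for a hypothetical site, shop.example.
REDIRECT = {"status": 301, "headers": {"location": "https://shop.example/"}}
WEAK = {"status": 200, "headers": {"content-type": "text/html"}}
SHORT = {"status": 200, "headers": {"strict-transport-security": "max-age=300"}}
HARDENED = {"status": 200, "headers": {
    "strict-transport-security": "max-age=63072000; includeSubDomains; preload"}}

if __name__ == "__main__":
    for label, resp in (("weak", WEAK), ("short", SHORT), ("hardened", HARDENED)):
        print(label, audit(REDIRECT, resp))
```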

These types of attacks can be done in public networks. A malicious user can also set up their own Wi-Fi network and, when anyone connects to it, perform credential theft attacks on bank accounts or any other malicious activity.

In this assessment, students will use Kali Linux, which includes one of the popular social engineering attack toolkits available, by following the steps below.

SSL Stripping and ARP Spoofing Usage
Following are steps for performing SSL Stripping and ARP Spoofing in Kali Linux:
Step 1: Open the Kali Linux terminal in root mode.

Step 2: Type the following command in the terminal and hit enter to install sslstrip:
$ apt install sslstrip

Installation of sslstrip in our Kali Linux is done successfully.

Step 3: Type the following command in the terminal and hit enter to install dsniff:
$ apt install dsniff

Installation of dsniff in our Kali Linux is done successfully.
Step 4: Type the following command in the terminal and hit enter for finding out the name of the interface of the network.
$ ifconfig

This will show which interface we are using. In our case the interface is eth0 and the IP is 10.0.2.4.
Step 5: Execute the following command in the terminal and hit enter for IP forwarding-

$ echo '1' > /proc/sys/net/ipv4/ip_forward

This will configure our routing table and destination port 80 and it will redirect to port 8080.

Step 7: Type the following command in the terminal and hit enter to find the gateway IP of our router.

This will show our gateway IP address. In our case, the gateway IP is 10.0.2.1.
Step 8: Type the following command in the terminal and hit enter to find targets in the network:
$ nmap -sS -O <gateway ip>/24
In our case, the gateway IP is 10.0.2.1, so we will use this gateway IP for our task.

This will scan and show all IPs of the router, and based on the scan result we can identify our target. In our case, we want to attack the second VM machine, which is Windows, so we will open VM Windows.
Step 9: Open up the command prompt of VM Windows and type ipconfig and hit enter:
$ ipconfig
This will show our VM Windows IP as well as the gateway. Here we can also verify our gateway IP address.
In our case, VM Windows IP is 10.0.2.5

Step 10: Now open up a new terminal with root access in Kali Linux and type the following command and hit enter.
This will start the arpspoof of our target machine.
$ arpspoof -i <interface> -t <target IP> -r <gateway IP>
In our case that is:
$ arpspoof -i eth0 -t 10.0.2.5 -r 10.0.2.1

Now the ARP spoofing has started.
Step 11: Without closing the arpspoof terminal open up a new terminal with root access and type the following command in the terminal and hit enter:
$ sslstrip -l 8080

This will start SSL stripping on the VM Windows Targeted machine.

Step 12: Now open up the targeted Windows browser and type any web page name. In our case we type https://instagram.com, which goes to the login page of Instagram, and we enter random data and click the login button.
This data will be captured by the sslstrip.log file in our Kali Linux system.

Step 13: Now open up a new terminal in Kali Linux with root access and type the following command in the terminal and hit enter.

$ cat sslstrip.log

This will show the captured data. In this way, we can perform SSL Stripping and ARP Spoofing in our Kali Linux system.
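From the defender's side, the poisoning started in Step 10 appears on the wire as ARP replies in which a single MAC address claims both the gateway and the victim. The detector below is an added example, not part of the original assignment; the capture lines (shaped like tcpdump ARP reply output) and the MAC addresses are constructed, and only the IP addresses come from the lab above.

```python
import re
from collections import defaultdict

# Constructed capture: three normal replies, then replies in which the host at
# 10.0.2.4 answers for both the gateway (10.0.2.1) and the victim (10.0.2.5).
CAPTURE = """\
10:00:01 ARP, Reply 10.0.2.1 is-at 52:54:00:12:35:00, length 46
10:00:02 ARP, Reply 10.0.2.5 is-at 08:00:27:5e:11:05, length 46
10:00:03 ARP, Reply 10.0.2.4 is-at 08:00:27:a1:b2:04, length 46
10:05:10 ARP, Reply 10.0.2.1 is-at 08:00:27:a1:b2:04, length 28
10:05:10 ARP, Reply 10.0.2.5 is-at 08:00:27:a1:b2:04, length 28
10:05:12 ARP, Reply 10.0.2.1 is-at 08:00:27:a1:b2:04, length 28
"""

REPLY = re.compile(
    r"Reply (\d+\.\d+\.\d+\.\d+) is-at ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)

def detect_arp_spoofing(capture):
    """Flag IP-to-MAC changes and MACs that answer for more than one IP."""
    first_seen = {}              # ip -> first MAC observed (trust on first use)
    claimed = defaultdict(set)   # mac -> every IP it has claimed
    alerts = []
    for line in capture.splitlines():
        match = REPLY.search(line)
        if not match:
            continue
        ip, mac = match.group(1), match.group(2).lower()
        claimed[mac].add(ip)
        known = first_seen.setdefault(ip, mac)
        if known != mac:
            alert = ("mac-changed", ip, known, mac)
            if alert not in alerts:      # report each change once
                alerts.append(alert)
    for mac, ips in sorted(claimed.items()):
        if len(ips) > 1:
            alerts.append(("mac-claims-multiple-ips", mac, sorted(ips)))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_spoofing(CAPTURE):
        print(alert)
```

The first-seen baseline is only trustworthy if monitoring starts before any poisoning; the multiple-IP rule fires either way.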

Presentations on Case Study Questions:

Structure of the Report

Title: Case Study Report: Software Development Process and Budget Control System
Introduction
Briefly introduce the Social engineering attacks - Mass Mailer Attack, SSL Stripping and ARP Spoofing in Kali Linux
Provide relevant background information.
Explain the purpose of the report and the importance of addressing the provided questions.
Analysis and Technical Findings

Part-1
Perform practically all the steps mentioned in "Part-1 Social engineering attacks - Mass Mailer Attack" in your systems (laptops), take a screenshot of your Kali results with each step.

Part-2
Perform practically all the steps mentioned in "Part-2 SSL Stripping and ARP Spoofing in Kali Linux" in your systems (laptops), take a screenshot of your Kali results with each step.
Write down your findings if you successfully conducted a Mass Mailer attack, Stripping and Spoofing.
Solutions to prevent these attacks
What are the potential solutions to prevent spam, mailer attacks or spoofing, and how can you secure your systems from further attacks?
Conclusion
Summarize the main points and outcomes of this technical report.
Reiterate the significance of the topic and the relevance of the contents.
Offer final thoughts or reflections on the cyber attacks and their implications.
References
Include a list of all the sources cited in the report, following a consistent citation style (IEEE referencing style).

Generation of mass mailer attacks, striping : NTW 600 Computer Network and Security, Polytechnic Institute Australia - Generation of Mass Mailer Attacks, Striping and Spoofing by Using Kali Linux