User Account

All Pages

What is the ip address of the web server

Assignment Help Computer Engineering
Reference no: EM131260000

Analyzing Wireshark Capture

You ran Wireshark during one of the logins to the site and got the following capture, webadmin.pcap.  Download the pcap file in Kali and open it in Wireshark.  Use the information in it to fill in the blanks of the following:

What is the IP address of the web server? 

What page was accessed to login? 

To prove the lack of security, what was the username   and password used to login?

What HTTP-related protocol would you recommend that the company use to protect the username and password?

Setup for remainder of exam

For this exam you will need Kali installed in VirtualBox as well as Windows installed in VirtualBox. Note: if your host is Windows you could technically use that, but be aware that for this to work you will be doing things such as disabling firewall and installing tools like netcat etc. on Windows, which is why running it in VirtualBox is the suggested method.

To get a Windows 7 image to run in VirtualBox, go to https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ and download IE8 on Win 7 VirtualBox image.  Once you have downloaded the zip, unzip it (preferably with 7zip) to extract the owa file within.  You can them import that owa image into VirtualBox.

Run your Windows virtual machine.  Use the installed browser to download and then install Firefox and/or Chrome.

Turn off the Windows firewall on your Windows virtual machine.  This will ensure that Kali is able to see it.

Shutdown your Windows virtual machine.

Change the network settings of your Windows virtual machine

Select either Host-only (better) or Bridged adapter for the Networking setting of the Windows virtual machine.  Note: If using Host-only make sure that your Kali VM also has at least 1 network adapter set as Host-only network (shown in video from last class).

Then run both Kali and your Windows virtual machines.

Test that Kali can see your Windows machine and vice-versa using the ping command.

Open terminal/command shell in both Kali and Windows.  In Kali, type ifconfig to see its IP address.  On Windows, type ipconfig to see its IP address.  Now that you know the IP address of both machines you can test that each can see the other.

In the Kali terminal type ping IP-address-of-your-Windows-VM.  For example, if your Windows VM has the IP address of 192.168.1.7, you would type ping 192.168.1.7. Then do the opposite. Try pinging your Kali VM from your Windows VM using the cmd prompt in Windows.

Capture All Kali Work Using Script

Finally, like we did in the bandit assignment, you must capture all your Kali work using script.  Your log file must be named midterm.log and the corresponding timing file must be named midterm_timing.txt.  Remember to use the -a flag on script.  Also, if you are not completing everything in one session, use exit when you have finished a session, and re-run the script command again at the beginning of a new session.

Finding Files

You are going to need to transfer a few tools from Kali to Windows.  In the Kali terminal window, use the command shown in class to locate the Windows executables for sbd, netcat, and ncat.

Where is the Windows ncat executable located in Kali?

Transfer necessary files

1. Start the web server on your Kali VM.

2. Copy the Windows executable netcat and ncat files into the web server's root directory.

3. Make sure that the permissions on them are readable for all.

4. Fire up Wireshark on Kali and set a capture filter to only capture data between the IP of your Kali VM and the IP of your Windows VM.

5. Start the capture on the correct interface.

6. In your Windows VM open Firefox/Chrome and put in the IP address of your Kali VM followed by /sbd.exe to download the sbd.exe to your Windows VM. So for instance, if the IP address of my Kali VM was 192.168.1.13, in my Windows VM the address I would type into Firefox/Chrome would be https://192.168.1.13/ncat.exe

7. Now also download the Windows netcat executable in the same way.

8. Stop the Wireshark capture.  Make sure that your Wireshark capture shows the HTTP download of all the tools.

9. Save (as) the capture in the default pcap-ng format in a file named cats-download.pcapng.  Upload that file as a submission to this question.

Use netcat or ncat to transfer sbd

1. Again fire up Wireshark and capture only traffic between your Kali and Windows VM's.

2. Use either netcat or ncat to transfer the Windows executable for sbd from Kali to Windows.

3. Stop your Wireshark capture.

4. Save (as) the file as sbd-transfer.pcapng.

5. Upload sbd-transfer.pcapng here.

Attachment:- Assignment.rar

Reference no: EM131260000

Questions Cloud

Find a sphere with initial temperature a function of r only : a flat circular disk with sides held at 100?C with the flat surfaces insulated
Examine two aspect of teamwork training that change a person : Examine two aspects of teamwork training that change a person into a transformational leader. Justify your response.
What do we mean by change in accounting estimates : What do we mean by a change in accounting estimates? How is a change in accounting estimate different than a change in accounting principle? Why did the accounting profession choose to handle changes in estimates using the prospective approach instea..
What do we mean by a change in accounting principle : What do we mean by a change in accounting principle? Where are changes in accounting principle disclose on a company's annual report? How is the change reflected on a company's financial statements? The most noteworthy item on the income statement is..
What is the ip address of the web server : You ran Wireshark during one of the logins to the site and got the following capture, webadmin.pcap.  Download the pcap file in Kali and open it in Wireshark. Use the information in it to fill in the blanks of the following: What is the IP address..
Could the information in the documents be trade secrets : Wilchcombe was not paid, but was given credit on the album as a producer. After the album had sold 2 million copies, Wilchcombe filed a suit against LJESB, alleging copyright infringe- ment. The defendants claimed that they had a license to use th..
Number of games the fans attends : Suppose the typical Buffalo Bills fan has the following demand curve for Bills football games: P = 100 - 10G where G is the number of games the fans attends.
The president of hill enterprises terri hill projects : Her operations manager is considering a new plan, which begins in January with 200 units on hand. Stockout cost of lost sales is $100 per unit. - Evaluate this plan.
Federal claims on the contested income tax issues : Anna's 2013 individual tax return was examined and the IRS proposed changes resulting in additional tax. Anna wishes to bypass the IRS's appeal system and file a refund suit in the united states court of federal claims on the contested income tax iss..

Reviews

Write a Review

Computer Engineering Questions & Answers

  What type of procedures might a company put into place

What are some common steps and what type of procedures might a company put into place.

  Show the performance improvement over scalar pipeline

Show the performance improvement over scalar pipeline processing and no-pipeline processing, assuming an instruction cycle similar to figure 4.1 in the commentary, i.e.:

  Develop a detailed plan to secure the incident scene

Develop a detailed plan to approach and secure the incident scene based on the information you have from the scenario.

  Question1 add following 16-bit 2s complement numbers

question1 add following 16-bit 2s complement numbers represented in hex assume word size of computer is 16 bits - fe59

  Questionyour microsoft windows 2000-based office network

questionyour microsoft windows 2000-based office network has three domains- alpha beta and omega all in the similar

  How electricity usage file the amount of electricity

make an electricity usage report showing the customer number.

  Utilizing the dss-es-ess or intelligent systems

An American Company announced that it was interested in attaning a company in the health maintenance organization (HMO) field. Two decisions were included in this act: The decision to attain an HMO.

  Develop a charter for the rals rostering project

Analyse these risks, assign a risk to an appropriate member, and describe a strategy for the management of each specific risk - Define Scope and produce a Scope Management Plan - Develop a charter for the RALS Rostering project.

  Assess the impact of the internet on newspaper and book

q1. evaluate the impact of the internet on newspaper and book publishers using the value chain and competitive forces

  Find ability to emphasize the points on a list

PowerPoint gives users the ability to emphasize the points on a list with either numbers or bullets. Study the following statements, give a specific example where each would be more appropriate and justify your answers.

  Consider whether there should be a hard

normally , we use normalization techniques a database. using the bowen et al. (2004) article, discuss the disadvantages of normalizing the database to a high degree of normalization.

  Which is a method for copying a file or folder

Which of the following locations is not a valid place from that to delete a file and send it to the Recycle Bin.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd