User Account

All Pages

What is the ip address of the web server

Assignment Help Computer Engineering
Reference no: EM131260000

Analyzing Wireshark Capture

You ran Wireshark during one of the logins to the site and got the following capture, webadmin.pcap.  Download the pcap file in Kali and open it in Wireshark.  Use the information in it to fill in the blanks of the following:

What is the IP address of the web server? 

What page was accessed to login? 

To prove the lack of security, what was the username   and password used to login?

What HTTP-related protocol would you recommend that the company use to protect the username and password?

Setup for remainder of exam

For this exam you will need Kali installed in VirtualBox as well as Windows installed in VirtualBox. Note: if your host is Windows you could technically use that, but be aware that for this to work you will be doing things such as disabling firewall and installing tools like netcat etc. on Windows, which is why running it in VirtualBox is the suggested method.

To get a Windows 7 image to run in VirtualBox, go to https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ and download IE8 on Win 7 VirtualBox image.  Once you have downloaded the zip, unzip it (preferably with 7zip) to extract the owa file within.  You can them import that owa image into VirtualBox.

Run your Windows virtual machine.  Use the installed browser to download and then install Firefox and/or Chrome.

Turn off the Windows firewall on your Windows virtual machine.  This will ensure that Kali is able to see it.

Shutdown your Windows virtual machine.

Change the network settings of your Windows virtual machine

Select either Host-only (better) or Bridged adapter for the Networking setting of the Windows virtual machine.  Note: If using Host-only make sure that your Kali VM also has at least 1 network adapter set as Host-only network (shown in video from last class).

Then run both Kali and your Windows virtual machines.

Test that Kali can see your Windows machine and vice-versa using the ping command.

Open terminal/command shell in both Kali and Windows.  In Kali, type ifconfig to see its IP address.  On Windows, type ipconfig to see its IP address.  Now that you know the IP address of both machines you can test that each can see the other.

In the Kali terminal type ping IP-address-of-your-Windows-VM.  For example, if your Windows VM has the IP address of 192.168.1.7, you would type ping 192.168.1.7. Then do the opposite. Try pinging your Kali VM from your Windows VM using the cmd prompt in Windows.

Capture All Kali Work Using Script

Finally, like we did in the bandit assignment, you must capture all your Kali work using script.  Your log file must be named midterm.log and the corresponding timing file must be named midterm_timing.txt.  Remember to use the -a flag on script.  Also, if you are not completing everything in one session, use exit when you have finished a session, and re-run the script command again at the beginning of a new session.

Finding Files

You are going to need to transfer a few tools from Kali to Windows.  In the Kali terminal window, use the command shown in class to locate the Windows executables for sbd, netcat, and ncat.

Where is the Windows ncat executable located in Kali?

Transfer necessary files

1. Start the web server on your Kali VM.

2. Copy the Windows executable netcat and ncat files into the web server's root directory.

3. Make sure that the permissions on them are readable for all.

4. Fire up Wireshark on Kali and set a capture filter to only capture data between the IP of your Kali VM and the IP of your Windows VM.

5. Start the capture on the correct interface.

6. In your Windows VM open Firefox/Chrome and put in the IP address of your Kali VM followed by /sbd.exe to download the sbd.exe to your Windows VM. So for instance, if the IP address of my Kali VM was 192.168.1.13, in my Windows VM the address I would type into Firefox/Chrome would be https://192.168.1.13/ncat.exe

7. Now also download the Windows netcat executable in the same way.

8. Stop the Wireshark capture.  Make sure that your Wireshark capture shows the HTTP download of all the tools.

9. Save (as) the capture in the default pcap-ng format in a file named cats-download.pcapng.  Upload that file as a submission to this question.

Use netcat or ncat to transfer sbd

1. Again fire up Wireshark and capture only traffic between your Kali and Windows VM's.

2. Use either netcat or ncat to transfer the Windows executable for sbd from Kali to Windows.

3. Stop your Wireshark capture.

4. Save (as) the file as sbd-transfer.pcapng.

5. Upload sbd-transfer.pcapng here.

Attachment:- Assignment.rar

Reference no: EM131260000

Questions Cloud

Find a sphere with initial temperature a function of r only : a flat circular disk with sides held at 100?C with the flat surfaces insulated
Examine two aspect of teamwork training that change a person : Examine two aspects of teamwork training that change a person into a transformational leader. Justify your response.
What do we mean by change in accounting estimates : What do we mean by a change in accounting estimates? How is a change in accounting estimate different than a change in accounting principle? Why did the accounting profession choose to handle changes in estimates using the prospective approach instea..
What do we mean by a change in accounting principle : What do we mean by a change in accounting principle? Where are changes in accounting principle disclose on a company's annual report? How is the change reflected on a company's financial statements? The most noteworthy item on the income statement is..
What is the ip address of the web server : You ran Wireshark during one of the logins to the site and got the following capture, webadmin.pcap.  Download the pcap file in Kali and open it in Wireshark. Use the information in it to fill in the blanks of the following: What is the IP address..
Could the information in the documents be trade secrets : Wilchcombe was not paid, but was given credit on the album as a producer. After the album had sold 2 million copies, Wilchcombe filed a suit against LJESB, alleging copyright infringe- ment. The defendants claimed that they had a license to use th..
Number of games the fans attends : Suppose the typical Buffalo Bills fan has the following demand curve for Bills football games: P = 100 - 10G where G is the number of games the fans attends.
The president of hill enterprises terri hill projects : Her operations manager is considering a new plan, which begins in January with 200 units on hand. Stockout cost of lost sales is $100 per unit. - Evaluate this plan.
Federal claims on the contested income tax issues : Anna's 2013 individual tax return was examined and the IRS proposed changes resulting in additional tax. Anna wishes to bypass the IRS's appeal system and file a refund suit in the united states court of federal claims on the contested income tax iss..

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd