Академический Документы
Профессиональный Документы
Культура Документы
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 1/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
INDEX
Serial no Topic Remarks
1 What is Hacking?
2 Who is Hacker?
3 Type of Hacker
4 What is an IP Address?
5 Classes of IP
6 Kali Linux
7 List of Project Topic
Denial-of-service attack
(DOS Attack).
Site - Cloning
(Social Engineering Tool)
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 2/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
What is Hacking ?
The gaining of unauthorized access to data in a system or computer.
Who is a Hacker?
A Hacker is a person who finds and exploits the weakness in computer systems
and/or networks to gain access. Hackers are usually skilled computer
programmers with knowledge of computer security.Hackers are classified
according to the intent of their actions. The following list classifies hackers
according to their intent.
Types of Hackers
● Black Hat
Black hat hackers are normally responsible for creating malware, which is
frequently used to infiltrate computerized networks and systems. They’re
usually motivated by personal or financial gain, but can also participate in
espionage, protests, or merely enjoy the thrill. Black hat hackers can be anyone
from amateurs to highly experienced and knowledgeable individuals looking to
spread malware, steal private data, like login credentials, along with financial
and personal information. Upon accessing their targets and depending on their
motives, black hat hackers can either steal, manipulate, or destroy system data.
● White Hat
Also known as “ethical hackers,” they’re often employed or contracted by
companies and governmental entities, working as security specialists looking
for vulnerabilities. While they employ the same methods as black hat hackers,
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 3/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
they always have permission from the system’s owner, making their actions
completely legal. White hat hackers implement strategies like penetration
tests, monitor in-place security systems, along with vulnerability assessments.
Ethical hacking, the term used to describe the nature of a white hat hackers’
actions, can even be learned through independent sources, training,
conferences, and certifications.
● Grey Hat
As the name suggests, these individuals utilize aspects from black and white
hat hackers, but will usually seek out vulnerabilities in a system without an
owner’s permission or knowledge. While they’ll report any issues they
encounter to the owner, they’ll also request some sort of compensation or
incentive. Should the owner not respond or reject their proposition, a grey hat
hacker might exploit the newfound flaws. Grey hat hackers aren’t malicious by
nature, but do seek to have their efforts rewarded. Since grey hat hackers don’t
have permission to access the system by its owner, their actions are ultimately
considered illegal, despite any alarming findings they might reveal.
What is an IP Address ?
An IP address (internet protocol address) is a numerical representation that
uniquely identifies a specific interface on the network.
Addresses in IPv4 are 32-bits long. This allows for a maximum of
4,294,967,296 (232) unique addresses. Addresses in IPv6 are 128-bits, which
allows for 3.4 x 1038 (2128) unique addresses.
The total usable address pool of both versions is reduced by various reserved
addresses and other considerations.
IP addresses are binary numbers but are typically expressed in decimal form
(IPv4) or hexadecimal form (IPv6) to make reading and using them easier for
humans.
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 4/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
Classes of IP?
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 5/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
Class A
In a Class A network, the first eight bits, or the first dotted decimal, is the
network part of the address, with the remaining part of the address being the
host part of the address. There are 128 possible Class A networks.
0.0.0.0 to 127.0.0.0
However, any address that begins with 127. is considered a loopback address.
2.134.213.2
Class B
In a Class B network, the first 16 bits are the network part of the address. All
Class B networks have their first bit set to 1 and the second bit set to 0. In
dotted decimal notation, that makes 128.0.0.0 to 191.255.0.0 as Class B
networks. There are 16,384 possible Class B networks.
135.58.24.17
Class C
In a Class C network, the first two bits are set to 1, and the third bit is set to 0.
That makes the first 24 bits of the address the network address and the
remainder as the host address. Class C network addresses range from
192.0.0.0 to 223.255.255.0. There are over 2 million possible Class C networks.
192.168.178.1
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 6/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
Class D
Class D addresses are used for multicasting applications. Unlike the previous
classes, the Class D is not used for "normal" networking operations. Class D
addresses have their first three bits set to “1” and their fourth bit set to “0”.
Class D addresses are 32-bit network addresses, meaning that all the values
within the range of 224.0.0.0 – 239.255.255.255 are used to uniquely identify
multicast groups. There are no host addresses within the Class D address
space, since all the hosts within a group share the group’s IP address for
receiver purposes.
227.21.6.173
Class E
Class E networks are defined by having the first four network address bits as 1.
That encompasses addresses from 240.0.0.0 to 255.255.255.255. While this
class is reserved, its usage was never defined. As a result, most network
implementations discard these addresses as illegal or undefined. The exception
is 255.255.255.255, which is used as a broadcast address.
243.164.89.28
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 7/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
128. 0. 0. 0 = 10000000.00000000.00000000.00000000
191.255.255.255 = 10111111.11111111.11111111.11111111
10nnnnnn.nnnnnnnn.HHHHHHHH.HHHHHHHH
Class C
192. 0. 0. 0 = 11000000.00000000.00000000.00000000
223.255.255.255 = 11011111.11111111.11111111.11111111
110nnnnn.nnnnnnnn.nnnnnnnn.HHHHHHHH
Class D
224. 0. 0. 0 = 11100000.00000000.00000000.00000000
239.255.255.255 = 11101111.11111111.11111111.11111111
1110XXXX.XXXXXXXX.XXXXXXXX.XXXXXXXX
Class E
240. 0. 0. 0 = 11110000.00000000.00000000.00000000
255.255.255.255 = 11111111.11111111.11111111.11111111
1111XXXX.XXXXXXXX.XXXXXXXX.XXXXXXXX
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 8/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 9/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
4. Search synflood in metasploit by “search synflood”.
5. Once metasploit starts, type “use auxiliary/dos/tcp/synflood” to command
metasploit to prepare a synflood attack interface.
6. Now if we type “show options”, it should list the settings of the synflood
interface. Here, the RHOST and RPORT represents the target’s IP address
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 10/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
7. Now back in metasploit, once we have the IP address and port no. , type “set
RHOST xxx.xxx.xxx.xxx” and “set RPORT yourtarget’sportno”. This should
set the proper IP and port no. for the attack.
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 11/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 12/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 13/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 14/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
Site - Cloning (Social Engineering Tool)
1. At first open Social Engineering Tool(SET) from application menu of
kali.
2. Then select Social Engineering Attacks
3. Then use Credential Harvester Attack Meathod.
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 15/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
4. Then use Site cloner.
5. Paste the IP of the router from ifconfig .
6. After that paste it on browser .
7. Let the victim type its user id and password.
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 16/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 17/18
1/10/2019 NATIONAL INSTITUTE FOR INDUSTRIAL TRAINING FINAL - Google Docs
CONCLUSION
I have arrived at the conclusion of my journey into several penetration
future.
Learning and mastering Kali Linux for penetration testing not only
provides us with a great set of tools to use but, as they are all open
-----------------Thank You-----------------
https://docs.google.com/document/d/1mxu-_QsD0HzTBEcujutGV3P5dKc1e2Lmz4TUqvqfA34/edit 18/18