· 6 years ago · Apr 11, 2019, 05:02 PM
Information System Management Final Journal
Practical 1
Aim: Working with sniffers for monitoring network connections
Tool: Wireshark

1. Browse some webpage and note the following
GET request
o Host
o User-Agent
o Accept
o Cookie

Scan by IP address
ip.addr==192.168.3.4

http.request.method=="GET"

2. Find the TCP and UDP packet information in transmission. Also follow the TCP stream.

tcp.port==80||udp.port==80

3. Use Wireshark filter expressions to display the following
A. URLs containing the substring "google"
http.request.uri contains "google"

B. Requests to the host
http.host contains "aavtrain"

C. Response corresponding to an attempt to visit a nonexistent page
http.response.code==404

D. Packets with content of a GIF image and Apache server (use logical operators)
Start the Apache server and browse localhost:8080/index.jsp
(http.content_type=="image/gif" || http.server contains "Apache")

E. Response is OK
http.response.code==200

4. Try to trace the TCP/IP packet with incorrect or correct header checksum calculation
ip.checksum_bad==1

Make the error go away with the following steps.
Disable IP checksum validation as follows:
• Under the "Edit" menu, click "Preferences"
• Under "Protocols" look for "IPv4"
• Uncheck the box for "Validate the IPv4 checksum if possible"
• Apply the settings

5. Visit some website and search for your machine's IP using a filter and find the DNS requests and responses to the website. Browse the HTTP details of the packets.
dns and ip.src==192.168.10.129

Practical no. 2
Zenmap
Ques 1 - Scan the website "scanme.nmap.org"

Ques 2 - Running 2 scans simultaneously

Ques 3 - Open ports

Ques 4 - Examine the Topology tab and observe the results by bringing hosts to the center

Ques 5 - Display only HTTP services

Ques 6 - Compare the scan results of both the scans mentioned above

Practical 3
Execute on client and server
Open cmd and go to the directory where you saved the Java file
set path = "c/progfiles/java/jdk/bin path";
javac TcpClient.java
java TcpClient

TcpClient.java

    import java.net.*;
    import java.io.*;

    public class TcpClient
    {
        public static void main(String arg[]) throws Exception
        {
            System.out.println("CLIENT");
            byte b[] = new byte[1000];
            // Connect to the server (address and port used in the lab)
            Socket s1 = new Socket("192.168.2.61", 9000);
            System.out.println("Server Found");

            // Read one line sent by the server
            InputStream is = s1.getInputStream();
            BufferedReader br = new BufferedReader(new InputStreamReader(is));
            System.out.println(br.readLine());

            // Send one line typed on the console; write only the bytes actually read
            OutputStream os = s1.getOutputStream();
            int n = System.in.read(b, 0, b.length);
            if (n > 0) {
                os.write(b, 0, n);
                os.flush();
            }
            s1.close();
        }
    }

TcpServer.java

    import java.net.*;
    import java.io.*;

    public class TcpServer
    {
        public static void main(String arg[]) throws Exception
        {
            OutputStream os;
            System.out.println("SERVER");
            // Listen on port 9000 and wait for a single client
            ServerSocket ss = new ServerSocket(9000);
            Socket s1 = ss.accept();
            os = s1.getOutputStream();
            byte b[] = new byte[1000];
            System.out.println("Client Connected .");
            System.out.println("Enter ur message .");

            // Send one line typed on the console; write only the bytes actually read
            int n = System.in.read(b, 0, b.length);
            if (n > 0) {
                os.write(b, 0, n);
                os.flush();
            }

            // Read one line sent back by the client
            InputStream is = s1.getInputStream();
            BufferedReader br = new BufferedReader(new InputStreamReader(is));
            System.out.println(br.readLine());
            s1.close();
            ss.close();
        }
    }

Practical 4

UDPClient.java

    import java.io.*;
    import java.net.*;

    class UDPClient
    {
        public static void main(String args[]) throws Exception
        {
            BufferedReader inFromUser =
                new BufferedReader(new InputStreamReader(System.in));
            DatagramSocket clientSocket = new DatagramSocket();
            InetAddress IPAddress = InetAddress.getByName("192.168.2.61");
            byte[] sendData = new byte[64];
            byte[] receiveData = new byte[64];
            System.out.print("Enter Your Message:");
            String sentence = inFromUser.readLine();
            sendData = sentence.getBytes();
            DatagramPacket sendPacket = new DatagramPacket(sendData, sendData.length, IPAddress, 9876);
            clientSocket.send(sendPacket);
            DatagramPacket receivePacket = new DatagramPacket(receiveData, receiveData.length);
            clientSocket.receive(receivePacket);
            // Use only the bytes actually received, not the whole 64-byte buffer
            String modifiedSentence = new String(receivePacket.getData(), 0, receivePacket.getLength());
            System.out.println("FROM SERVER:" + modifiedSentence);
            clientSocket.close();
        }
    }

UDPServer.java

    import java.io.*;
    import java.net.*;

    class UDPServer
    {
        public static void main(String args[]) throws Exception
        {
            DatagramSocket serverSocket = new DatagramSocket(9876);
            BufferedReader inFromUser =
                new BufferedReader(new InputStreamReader(System.in));
            System.out.println("Server Started.......... ");
            byte[] receiveData = new byte[64];
            byte[] sendData = new byte[64];
            while (true)
            {
                DatagramPacket receivePacket = new DatagramPacket(receiveData, receiveData.length);
                serverSocket.receive(receivePacket);
                // Use only the bytes actually received, so data left over from an
                // earlier, longer datagram is not printed again
                String sentence = new String(receivePacket.getData(), 0, receivePacket.getLength());
                System.out.println("From client: " + sentence);
                // Reply to the address and port the datagram came from
                InetAddress IPAddress = receivePacket.getAddress();
                int port = receivePacket.getPort();
                System.out.print("Enter Your message: ");
                String sentence1 = inFromUser.readLine();
                sendData = sentence1.getBytes();
                DatagramPacket sendPacket = new DatagramPacket(sendData, sendData.length, IPAddress, port);
                serverSocket.send(sendPacket);
            }
        }
    }

Practical 5
IPTables
Iptables is a firewall, installed by default on all official Ubuntu distributions (Ubuntu, Kubuntu, Xubuntu). When you install Ubuntu, iptables is there, but it allows all traffic by default. Ubuntu 8.04 comes with ufw, a program for managing the iptables firewall easily.
There is a wealth of information available about iptables, but much of it is fairly complex, and if you want to do a few basic things, this How To is for you.

sudo iptables -L

Allowing Established Sessions
We can allow established sessions to receive traffic:
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
1. The above rule has no spaces on either side of the comma in ESTABLISHED,RELATED
If the line above doesn't work, you may be on a castrated VPS whose provider has not made the extension available, in which case an inferior version can be used as a last resort:
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Allowing Incoming Traffic on Specific Ports
You could start by blocking traffic, but you might be working over SSH, where you would need to allow SSH before blocking everything else.
To allow incoming traffic on the default SSH port (22), you could tell iptables to allow all TCP traffic on that port to come in.
sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
Referring back to the list above, you can see that this tells iptables:
1. append this rule to the input chain (-A INPUT) so we look at incoming traffic
2. check to see if it is TCP (-p tcp).
3. if so, check to see if the input goes to the SSH port (--dport ssh).
4. if so, accept the input (-j ACCEPT).

sudo iptables -L

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Blocking Traffic
Once a decision is made to accept a packet, no more rules affect it. As our rules allowing ssh and web traffic come first, as long as our rule to block all traffic comes after them, we can still accept the traffic we want. All we need to do is put the rule to block all traffic at the end.
sudo iptables -A INPUT -j DROP
sudo iptables -L

Editing iptables
The only problem with our setup so far is that even the loopback port is blocked. We could have written the drop rule for just eth0 by specifying -i eth0, but we could also add a rule for the loopback. If we append this rule, it will come too late - after all the traffic has been dropped. We need to insert this rule before that. Since this is a lot of traffic, we'll insert it as the first rule so it's processed first.
sudo iptables -I INPUT 1 -i lo -j ACCEPT
sudo iptables -L

sudo iptables -L -v

Logging
In the above examples none of the traffic will be logged. If you would like to log dropped packets to syslog, this would be the quickest way:
sudo iptables -I INPUT 5 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
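
The ordering points made under Blocking Traffic, Editing iptables and Logging can be checked mechanically. The script below is an added example, not part of the original journal: it audits the text that "sudo iptables -S INPUT" prints. The helper name audit_input_chain and both rule listings are constructed for illustration; the first listing is the order the steps above produce, which also shows why the LOG rule is inserted at position 5 (directly ahead of the DROP rule).

```shell
#!/bin/sh
# Added example: audit the order of INPUT rules as printed by "iptables -S INPUT".
# audit_input_chain is a hypothetical helper; both listings below are constructed samples.

# Order produced by the steps on this page: lo inserted at 1, LOG inserted at 5, DROP last.
GOOD_RULES='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j DROP'

# The mistake the page warns about: the loopback rule appended (-A) after the DROP rule.
BAD_RULES='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP
-A INPUT -i lo -j ACCEPT'

# Reads a rule listing on stdin, prints one finding per line (nothing if the order is sound).
audit_input_chain() {
  awk '
    $1 != "-A" || $2 != "INPUT" { next }   # skip the policy line and other chains
    {
      pos++
      if (drop_pos) {                      # rules behind the catch-all DROP never match
        printf "UNREACHABLE rule %d (after catch-all DROP at %d): %s\n", pos, drop_pos, $0
        next
      }
      if (NF == 4 && $3 == "-j" && $4 == "DROP") { drop_pos = pos; next }
      if ($0 ~ /-i lo / && $0 ~ /-j ACCEPT$/) lo_ok = 1
      if ($0 ~ /-j LOG /) log_ok = 1
    }
    END {
      if (!drop_pos) print "NO-CATCHALL: chain has no unconditional DROP rule"
      if (!lo_ok)    print "LOOPBACK: no -i lo ACCEPT ahead of the catch-all DROP"
      if (!log_ok)   print "NO-LOG: no LOG rule ahead of the catch-all DROP"
    }'
}

echo "== order built by the steps above =="
printf '%s\n' "$GOOD_RULES" | audit_input_chain
echo "== loopback rule appended too late =="
printf '%s\n' "$BAD_RULES" | audit_input_chain
```

On a live system the same check is run as: sudo iptables -S INPUT | audit_input_chain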

Practical No. 6
1. Enter your name

2. Enter the email

3. Enter passphrase

4. Re-enter passphrase

Key is generated

5. Right-click on the file, select More GpgEX options and click on Sign and encrypt.

6. Select Sign and encrypt

7. Select the key by clicking on it and click on the Add button so that it gets added in the bottom section

Practical 7
AES DES
AES

    import java.io.File;
    import java.io.FileInputStream;
    import java.io.FileOutputStream;
    import java.io.IOException;
    import java.nio.charset.StandardCharsets;
    import java.security.InvalidKeyException;
    import java.security.Key;
    import java.security.NoSuchAlgorithmException;
    import java.util.Date;
    import javax.crypto.BadPaddingException;
    import javax.crypto.Cipher;
    import javax.crypto.IllegalBlockSizeException;
    import javax.crypto.NoSuchPaddingException;
    import javax.crypto.spec.SecretKeySpec;

    public class AesExample {
        static void fileProcessor(int cipherMode, String key, File inputFile, File outputFile) {
            try {
                // The key string must be exactly 16, 24 or 32 bytes long for AES
                Key secretKey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
                // "AES" alone resolves to AES/ECB/PKCS5Padding on SunJCE
                Cipher cipher = Cipher.getInstance("AES");
                cipher.init(cipherMode, secretKey);

                byte[] inputBytes = new byte[(int) inputFile.length()];
                try (FileInputStream inputStream = new FileInputStream(inputFile)) {
                    int off = 0, n;
                    // read() may return fewer bytes than requested, so loop until the buffer is full
                    while (off < inputBytes.length
                            && (n = inputStream.read(inputBytes, off, inputBytes.length - off)) != -1) {
                        off += n;
                    }
                }
                byte[] outputBytes = cipher.doFinal(inputBytes);
                try (FileOutputStream outputStream = new FileOutputStream(outputFile)) {
                    outputStream.write(outputBytes);
                }
            } catch (NoSuchPaddingException | NoSuchAlgorithmException
                    | InvalidKeyException | BadPaddingException
                    | IllegalBlockSizeException | IOException e) {
                e.printStackTrace();
            }
        }

        public static void main(String[] args)
        {
            // Record used memory and start time to measure the cost of the run
            long beforeUsedMem = Runtime.getRuntime().totalMemory() -
                Runtime.getRuntime().freeMemory();
            long lStartTime = new Date().getTime();
            String key = "This is a secret";
            File inputFile = new File("text.txt");
            File encryptedFile = new File("text.encrypted");
            File decryptedFile = new File("decrypted-text.txt");
            try {
                AesExample.fileProcessor(Cipher.ENCRYPT_MODE, key, inputFile, encryptedFile);
                AesExample.fileProcessor(Cipher.DECRYPT_MODE, key, encryptedFile, decryptedFile);
                System.out.println("Success");
            } catch (Exception ex) {
                System.out.println(ex.getMessage());
                ex.printStackTrace();
            }
            long lEndTime = new Date().getTime();
            long difference = lEndTime - lStartTime;
            System.out.println("Elapsed milliseconds: " + difference);
            long afterUsedMem = Runtime.getRuntime().totalMemory() -
                Runtime.getRuntime().freeMemory();
            long actualMemUsed = afterUsedMem - beforeUsedMem;
            System.out.println("Memory used: " + actualMemUsed);
        }
    }

Output:

DES

    import java.io.FileInputStream;
    import java.io.FileOutputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.OutputStream;
    import java.util.Date;
    import javax.crypto.Cipher;
    import javax.crypto.CipherInputStream;
    import javax.crypto.CipherOutputStream;
    import javax.crypto.SecretKey;
    import javax.crypto.SecretKeyFactory;
    import javax.crypto.spec.DESKeySpec;

    public class DesExample {
        public static void main(String[] args)
        {
            // Record used memory and start time to measure the cost of the run
            long beforeUsedMem = Runtime.getRuntime().totalMemory() -
                Runtime.getRuntime().freeMemory();
            long lStartTime = new Date().getTime();
            try
            {
                String key = "squirrel123"; // needs to be at least 8 characters for DES
                FileInputStream fis = new FileInputStream("text.txt");
                FileOutputStream fos = new FileOutputStream("encrypted.txt");
                encrypt(key, fis, fos);
                FileInputStream fis2 = new FileInputStream("encrypted.txt");
                FileOutputStream fos2 = new FileOutputStream("decrypted.txt");
                decrypt(key, fis2, fos2);
                System.out.println("Success");
            }
            catch (Throwable e)
            {
                e.printStackTrace();
            }
            long lEndTime = new Date().getTime();
            long difference = lEndTime - lStartTime;
            System.out.println("Elapsed milliseconds: " + difference);
            long afterUsedMem = Runtime.getRuntime().totalMemory() -
                Runtime.getRuntime().freeMemory();
            long actualMemUsed = afterUsedMem - beforeUsedMem;
            System.out.println("Memory used: " + actualMemUsed);
        }

        public static void encrypt(String key, InputStream is, OutputStream os) throws Throwable
        {
            encryptOrDecrypt(key, Cipher.ENCRYPT_MODE, is, os);
        }

        public static void decrypt(String key, InputStream is, OutputStream os) throws Throwable
        {
            encryptOrDecrypt(key, Cipher.DECRYPT_MODE, is, os);
        }

        public static void encryptOrDecrypt(String key, int mode, InputStream is, OutputStream os)
                throws Throwable
        {
            // DESKeySpec uses the first 8 bytes of the key material
            DESKeySpec dks = new DESKeySpec(key.getBytes());
            SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
            SecretKey desKey = skf.generateSecret(dks);
            Cipher cipher = Cipher.getInstance("DES"); // DES/ECB/PKCS5Padding for SunJCE
            if (mode == Cipher.ENCRYPT_MODE) {
                // Encrypt while reading from the input stream
                cipher.init(Cipher.ENCRYPT_MODE, desKey);
                CipherInputStream cis = new CipherInputStream(is, cipher);
                doCopy(cis, os);
            } else if (mode == Cipher.DECRYPT_MODE) {
                // Decrypt while writing to the output stream
                cipher.init(Cipher.DECRYPT_MODE, desKey);
                CipherOutputStream cos = new CipherOutputStream(os, cipher);
                doCopy(is, cos);
            }
        }

        public static void doCopy(InputStream is, OutputStream os) throws IOException
        {
            // Copy in 64-byte chunks, then flush and close both streams
            byte[] bytes = new byte[64];
            int numBytes;
            while ((numBytes = is.read(bytes)) != -1) {
                os.write(bytes, 0, numBytes);
            }
            os.flush();
            os.close();
            is.close();
        }
    }

Output:

Practical 8
HEAP OVERFLOW
Memory on the heap is dynamically allocated by the application at run-time and typically contains program data.
Steps
1. Prepare a text file with the following program and save it in the Ubuntu home folder as heap.c

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    int main()
    {
        int diff, size = 3;
        char *buf1;
        char *buf2;

        buf1 = (char *)malloc(size);
        buf2 = (char *)malloc(size);
        /* Check the allocations before touching either buffer */
        if (buf1 == NULL || buf2 == NULL)
        {
            perror("malloc");
            exit(-1);
        }
        buf1[0] = 'h';
        buf1[1] = 'i';
        buf1[2] = '\0';

        /* Distance in bytes between the two heap chunks */
        diff = (long)buf2 - (long)buf1;
        printf("buf1 = %p & buf2 = %p & diff %d\n", (void *)buf1, (void *)buf2, diff);
        memset(buf2, '2', size);
        printf("BEFORE: buf2 = %s\n", buf2);
        /* Deliberate overflow: writes diff+3 bytes starting at the 3-byte buf1 */
        memset(buf1, '1', diff + 3); /* We overwrite 3 chars */
        printf("AFTER: buf2 = %s\n", buf2);
        puts(buf1);
        return 0;
    }

Program Explanation
The heap memory pointers buf1 and buf2 are overwritten with other values using the memset function; hence the address is changed and points to some other location.
After saving the C file, open a terminal and type
gcc -o heap heap.c
./heap