CSS lab manual printout

The document provides a Java code example for hashing a password using MD5 and demonstrates the use of the traceroute and nslookup utilities for network diagnostics. It also highlights the installation of Nmap for network scanning and discusses SQL injection vulnerabilities in a sample authentication script. The document includes various command-line options and examples for configuring response times, TTL values, and performing OS detection.

Uploaded by

vaishnavlagad912
Copyright: © All Rights Reserved

Source Code:

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class SimpleMD5Example {

    public static void main(String[] args) {
        String passwordToHash = "password";
        String generatedPassword = null;
        try {
            // Create MessageDigest instance for MD5.
            // MD5 can be replaced by SHA-1 in the following line.
            // A fast, unsalted hash like this is for the lab exercise only
            // and is not suitable for storing real passwords.
            MessageDigest md = MessageDigest.getInstance("MD5");
            // Add password bytes to digest
            md.update(passwordToHash.getBytes());
            // Get the hash's bytes
            byte[] bytes = md.digest();
            // This bytes[] has bytes in decimal format;
            // convert it to hexadecimal format
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < bytes.length; i++) {
                sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
            }
            // Get complete hashed password in hex format
            generatedPassword = sb.toString();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        System.out.println(generatedPassword);
    }
}

Output
The message digest produced as output is A, B, C, D. That is, we begin with the low-order byte of A and end with the high-order byte of D.
1. Configure Response Wait Time
The -w option expects a value, which the utility takes as the time to wait for a response.
In this example, the wait time is 0.1 seconds; the traceroute utility was unable to wait for any response and printed all *'s.

$ traceroute google.com -w 0.1
traceroute to google.com (74.125.236.101), 30 hops max, 60 byte packets
***

29 * * *

The traceroute utility sends 3 packets per hop to provide 3 round trip times. This default value of 3 is configurable using the option '-q'. This option expects an integer, which it sets as the new number of probes per hop.

$ traceroute google.com -q 5
traceroute to google.com (173.194.36.46), 30 hops max, 60 byte packets
1 220.224.141.129 (220.224.141.129) 91.579 ms 91.497 ms 91.458 ms 91.422 ms 91.385 ms
2 115.255.239.65 (115.255.239.65) 91.356 ms 91.325 ms 98.868 ms 98.848 ms 98.829 ms
3 124.124.251.245 (124.124.251.245) 94.581 ms 107.083 ms 107.044 ms 107.017 ms 106.981 ms
4 115.255.239.45 (115.255.239.45) 106.948 ms 106.918 ms 144.432 ms 144.412 ms 144.392 ms
5 72.14.212.118 (72.14.212.118) 115.565 ms 115.485 ms 115.446 ms 115.408 ms 115.381 ms
6 72.14.232.202 (72.14.232.202) 115.35 ms 87.232 ms 117.157 ms 117.123 ms 117.049 ms
7 209.85.241.189 (209.85.241.189) 126.998 ms 126.973 ms 126.950 ms 126.929 ms 126.912 ms
8 bom04s02-in-f14.1e100.net (173.194.36.46) 126.889 ms 95.526 ms 95.450 ms 95.418 ms 105.392 ms
Configure TTL value to start with
By default its value is 1, which means it starts off with the first router in the path, but using the '-f' option (which expects the new value of TTL) a new value of the TTL field

$ traceroute google.com
traceroute to google.com (74.125.236.132), 30 hops max, 60 byte packets
1 220.224.141.129 (220.224.141.129) 89.181 ms 101.540 ms
2 115.255.239.65 (115.255.239.65) 101.468 ms 101.431 ms 101.324 ms
3 124.124.251.245 (124.124.251.245) 121.373 ms 121.350 ms 158.694 ms
4 115.255.239.45 (115.255.239.45) 101.223 ms 141.135 ms 123.932 ms
5 72.14.212.118 (72.14.212.118) 123.867 ms 123.832 ms 123.802 ms
6 72.14.232.202 (72.14.232.202) 123.773 ms 123.742 ms 587.812 ms
7 216.239.48.179 (216.239.48.179) 587.723 ms 587.681 ms 587.642 ms
8 bom03s02-in-f4.1e100.net (74.125.236.132) 577.548 ms 577.524 ms 587.512 ms

$ traceroute google.com -f 8
traceroute to google.com (74.125.236.129), 30 hops max, 60 byte packets
8 bom03s02-in-f1.1e100.net (74.125.236.129) 96.961 ms 96.886 ms 96.849 ms

2. nslookup:
The nslookup command is used to query internet name servers interactively for information.
nslookup, which stands for "name server lookup", is a useful tool for finding out information about a named domain. By default, nslookup will translate a domain name to an IP address (or vice versa).
For instance, to find out what the IP address of microsoft.com is, you could run the command:

nslookup microsoft.com

...and you would receive a response like this:

Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: microsoft.com
Address: 134.170.185.46
Name: microsoft.com
Address: 134.170.188.221
Installation of Nmap:

$ sudo apt-get install nmap


nmap -sP 10.0.0.0/24

Ping scans the network, listing machines that respond to ping.

-O (Enable OS detection)
Enables OS detection, as discussed above. Alternatively, you can use -A to enable
OS detection along with other things.
[Screenshot: Nmap 5.21 OS detection scan output. The report states that too many fingerprints match this host to give specific OS details.]

-sO (IP protocol scan)

IP protocol scan allows you to determine which IP protocols (TCP, ICMP, IGMP, etc.) are supported by target machines. This isn't technically a port scan, since it cycles through IP protocol numbers rather than TCP or UDP port numbers.
The following server-side pseudo-code is used to authenticate users to the web application.

# Define POST variables
uname = request.POST['username']
passwd = request.POST['password']

# SQL query vulnerable to SQLi
sql = "SELECT id FROM users WHERE username='" + uname + "' AND password='" + passwd + "'"

# Execute the SQL statement
database.execute(sql)

The above script is a simple example of authenticating a user with a username and a password against a database
with a table named users, and a username and password column.

The above script is vulnerable to SQL injection because an attacker could submit malicious input in such a way
that would alter the SQL statement being executed by the database server.

A simple example of an SQL injection payload could be something as simple as setting the password field to
password' OR 1=1.

This would result in the following SQL query being run against the database server.

SELECT id FROM users WHERE username='username' AND password='password' OR 1=1'


An attacker can also comment out the rest of the SQL statement to control the execution of the SQL query further.

-- MySQL, MSSQL, Oracle, PostgreSQL, SQLite
' OR '1'='1' --

-- MySQL
' OR '1'='1' #

-- Access (using null characters)
' OR '1'='1' %00
' OR '1'='1' %16
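
The concatenated query from the pseudo-code above, run next to its parameterized form, as an added example that is not part of the original lab manual. It uses Python's sqlite3 with an in-memory table; the table contents and the function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory users table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    db.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                   [("alice", "correct-horse"), ("bob", "hunter2")])
    return db

def login_vulnerable(db, uname, passwd):
    """The page's pattern: user input concatenated into the SQL text."""
    sql = ("SELECT id FROM users WHERE username='" + uname +
           "' AND password='" + passwd + "'")
    return [row[0] for row in db.execute(sql)]

def login_parameterized(db, uname, passwd):
    """Hardened form: input is bound as data and never parsed as SQL."""
    sql = "SELECT id FROM users WHERE username=? AND password=?"
    return [row[0] for row in db.execute(sql, (uname, passwd))]

def compare(db, uname, passwd):
    """Return (vulnerable_result, parameterized_result) for one login attempt."""
    try:
        vuln = login_vulnerable(db, uname, passwd)
    except sqlite3.Error as exc:
        # An unbalanced quote in the input breaks the concatenated statement.
        vuln = "error: " + type(exc).__name__
    return vuln, login_parameterized(db, uname, passwd)

if __name__ == "__main__":
    db = make_db()
    attempts = [
        ("alice", "correct-horse"),     # legitimate login
        ("alice", "wrong"),             # bad password
        ("alice", "' OR '1'='1' --"),   # payload listed above
        ("alice", "password' OR 1=1"),  # payload from the text
    ]
    for uname, passwd in attempts:
        print(repr(passwd), compare(db, uname, passwd))
```

With the bound query, both payloads are compared as literal password strings and match no row, while the concatenated query either returns every user id or fails to parse.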
