Complete Lab Programs1

7/27/2019 Complete Lab Programs1

1/51

EXPERIMENT NUMBER 1:

Working with Sniffers for monitoring network communication (Ethereal)

Procedure to show all the captured packets:

Step 1: Click on the icon that is provided the ethereal tool.

Step 2: Go to capture and then click on interface.

Step 3: A dialogue box with capture and prepare options with appear. Click on capture.

Step 4: Another dialogue box with a list of all various types of packets that are to be captured

within duration of time will be shown.

Step 5: Take a required duration say about 1 min to 10 min until some of the packets are

captured and then click on stop.

Step 6: A list of all the different packets that were captured in the required duration will be

obtained.

Step 7: Finally, save the file with same name and with a .cap extension.

Procedure to describe a particular packet in octail:



Step 3: A dialogue box with capture and prepare options with appear. Click on capture.






2/51


obtained.

Step 7: Right click on any of the packets and click on show packet in new window


Procedure to display the flow graph:



Step 3: A dialogue box with capture and prepare options will appear. Click on capture.






obtained.

Step 7: Now click on statistics and then on flow graphs to get the graphical representation of the

captured packets.



3/51

EXERIMENT NUMBER 2:

Understanding cryptographic algorithms and implementation the same in C

or C++

/*CEASER CIPHER */

#include

#include

#include

#include

void main()

{

int i,j,k,l,ct[30],n;

char pt[30],a[26]={ 'a','b','c','d','e','f','g','h','i','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z'};

clrscr();

printf("enter plain text :\n");

scanf("%s",&pt);

l=strlen(pt);

printf("enter the key:\n");

scanf("%d",&k);

for(i=0;i


4/51

{

ct[i]=(j+k)%26;

break;

}

}

}

printf("Encryption:\n");

printf("Cipher text is:\n");

for(i=0;i


5/51

n=ct[i];

printf("%c",a[n]);

}

getch();

}

TEXT DATA:

Example 1:

Enter Plain text :

college

Enter the key

23

Encryption:

Cipher text is:

ZLIIBDB

Decryption:

Plain text is:

college


6/51

/* TRANSPOSITION CIPHER */

# include

#include

#include

#include

#include

char alpha[26]={ 'a','b','c','d','e','f','g','h','i','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z'};

void main()

{

int row,i,j,k,len,l=0,y=0,x=0,n[20],min,count[20]={0};

float col;

char p11[50],p12[50],ci[50],key[20],mat[20][20],matbuf[20][20]={0};

clrscr();

printf("\n enter the plain text :");

scanf("%s",p11);

printf("\n enter the key:");

scanf("%s",key);

col=strlen(key);

row=ceil(strlen(p11/col));

x=strlen(p11)%strlen(key);

y=strlen(p11)-x;

l=strlen(p11);

len=strlen(p11);

for(i=0;i


7/51

{

p11[l]='d';

l++;

}

l=0;

for(i=0;i


8/51

count[j]=0;

for(i=0;in[i])

count[j]++;

}

}

printf("\n\n encryption \n\n \n");

for(i=0;i


9/51

{

for(k=0;k


10/51

for(j=0;j


11/51

Ansfer

Thousa

Hdrupe

Estojo esacco

Untadd

Decryption

Enter the cipher text

Jeantnceulrraeoodptespjedhssprtaafne fuuocdoanhdssn

Johpl

Easetr

Ansfer

Thousahdrupe

Estojo

Untddd

Obtained plaintext is:

John please transfer thousand rupes to joes account.


12/51


Using openssl for web server-browser communication

Write a program to implement tcp/tp client

#include

#include

#include

#include

#include

main()

{

char buf[200];

char *serv_ip=127.0.0.1;

int n;

int soctfd ,ret_val;

struct sockaddr_in servaddr;

sockfd=socket(AF_INET,SOCK_STREAM,0);

bzero(&servaddr,sizeof(servaddr));

servaddr.sin_family=AF_INET;

servaddr.sin_port=htons(8001);

inet_pton(AF_INET,serv_ip,&servaddr.sin_addr);

ret_val=connect(sockfd,(Struct sockaddr *) &servaddr,size of(servaddr));

if(ret_val


13/51

n=read(sockfd,buf,200);

buf[n]=\0;

printf(received %s from server\n,buf);close(sockfd);

}

TEST DATA

Enter data that you want to send the server WELCOME

Received goodbye from server


14/51

Write a program to implement tcp/ip server

#include#include

#include

#include

#include

main()

{

int listfd,connfd,retval;

pid_t childpid;

socklen_t clilen;

struct sockaddr_in.cliaddr,servaddr;

listfd=socket(AF_INET,SOCK_STREAM,0);

if(listfd


15/51

while(1)

{

char buf[200];pid_tp;

int n;

clilen=sizeof(cliaddr);

connfd=accept(listfd,(struct sock addr *) & cliaddr,&clilen);

printf(client conn);

p=fork();

if(p==0)

{

close(listfd);

n=read(connfd,buf,200);

buf[n]=\0;

printf( data read from client =%s \n,buf);

exit(0);

}

close(connfd);

}

}

TEST DATA

Client conn

Data read from client=WELCOME


16/51


Using PGP-GNU

Message sent from the same sender

C:\Program files\GNU\GNUPG>gpgversion

Gpg(GNUPG)1.4.9

Copyright(c) 2008 Free software foundation, Inc

License GPL v3+: GNU GPL version 3 or laterhttp://gnu.org/license/gpl.html

This is free software: you are free to change and redistribute it.

There is no warranty to the extent permitted by law.

Home: C:/Documents and settings/Administrator/Application Data/gnupg

Supported algorithms:

Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA

Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH

Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224

Compression: uncompressed, ZIP, ZLIB, BZIP2

C:\Program files\GNU\GNUPG>

C:\Program files\GNU\GNUPG>gpg- -gen-key

Gpg(GNUPG) 1.4.9



http://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.html


17/51


Please select what kind of key you want:

1) DSA and Elgamal(default)2) DSA (sign only)3) RSA (sign only)Your selection?1

DSA keypair will have 1024 bits

ELG-E keys may be between 1024 and 4096 bits long

What keysize do you want?(2048)1024

Requested keysize is 1024 bits

Please specify how long the key should b valid

0 = key doest not expire

= key expires in n days

w = key expires in n weeks

m = key expires in n months

y = key expires in n years

key is valid for ?(0) 9

key expires at 04/10/09 14:37:27

Is this correct ?(Y/N) Y


18/51

Message sent from a sender to receiver


C:\Program files\GNU\GNUPG>gpg- -gen-key

Gpg(GNUPG)1.4.9





Please select what kind of key you want:

1) DSA and Elgamal(default)2) DSA (sign only)3) RSA (sign only)Your selection?1

DSA keypair will have 1024 bits

ELG-E keys may be between 1024 and 4096 bits long

What keysize do you want?(2048)1024

Requested keysize is 1024 bits

Please specify how long the key should b valid

0 = key doest not expire

= key expires in n days

w = key expires in n weeks
http://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.html


19/51

m = key expires in n months

y = key expires in n years

key is valid for ?(0) 9

key expires at 04/10/09 14:47:36

Is this correct ?(Y/N) Y

You need a user ID to identify your key; the software constructs the user ID from the real Name,

Comment and Email Address in this form:

Heinrick Hein (derDitcher)

Real name: kiran

Email Address:[email protected]

Comment hello world

You selected this user ID: kiran(hello world)

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? 0

You need a passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform some other action during

the prime generation: this gives the random number generator a better chance to gain entropy

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +> + +

+ + + + + + + + +> + + + + + + + +. . . . . . + + + +

We need to generate a lot of random bytes. It is a good idea to perform some other action during

the prime generation: this gives the random number generator a better chance to gain entropy

. + + + + + + + + + + + +.

gpg: key 1D5924EB marked as ultimately trusted public and secret key created and signed.
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]


20/51

gpg: checking the trustdb.

gpg: depth:0 valid:5 signed:0 trust:0-, 0q, 0n, 0m, 0f, 5u.

gpg: next trustdb ckeckdue at 2009-04-10 pub 1024/1D5924EB 2009-04-01

[Expires: 2009-04-01]

Key fingerprint = D615 12FD C48F 652E CB73 5628 B870 C6C5 1D59 24EB

Uid: Kiran(hello world)[email protected]

Sub 1024/4F1C8D75 2009-04-01 [Expires: 2009-04-01]


Gpg: unchanged: 1


C:\Program files\GNU\GNUPG>gpg- -gen-key kalyani

Gpg(GNUPG)1.4.9





Secret key is available

Pub 1024D/5BC4A08F: created: 2009-04-01 expires:2009-04-10 usage: sc trust: ultimate

validity: ultimate.

Sub 1024g/1C02598B created: 2009-04-01 expires:2009-04-10 usage: E[ultimate]

1) kalyani(hello world)[email protected]
mailto:[email protected]:[email protected]:[email protected]://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlhttp://gnu.org/license/gpl.htmlmailto:[email protected]:[email protected]:[email protected]:[email protected]://gnu.org/license/gpl.htmlmailto:[email protected]


21/51

Please decide how far you trust this user to correctly verify other users keys.

1 = I dont know or wont say0

2 = I do not trust

3 = I trust marginally

4 = I trust fully

5 = I trust ultimately

m = back to main menu

Your decision ? 4

Pub 1024D/5BC4A08F: created: 2009-04-01 expires:2009-04-10 usage: sc trust: ultimate

validity: ultimate.

Sub 1024g/1C02598B created: 2009-04-01 expires:2009-04-10 usage: E[ultimate]

2) kalyani(hello world)[email protected] note that the shown key validity is not necessarily correct.

Command> ^c

C:\Program files\GNU\GNUPG>gpg- -recipient kalyani- - output

author.pgp - - encrypt author.txt

gpg: checking the trustdb.

gpg: marginal(s) nded, 1 complete (s) needed, PGP trust model.

gpg: depth:0 valid:5 signed:0 trust:0-, 0q, 0n, 0m, 0f, 5u.

gpg: next trustdb ckeckdue at 2009-04-10

gpg: 1C02598B: There is no assurance this key belongs to the named user
mailto:[email protected]:[email protected]:[email protected]:[email protected]


22/51

Pub 1024g/1C02598B created: 2009-04-01 kalyani(hello world 2)[email protected]

Primary key finger print: C1F1 4B6C 87DB 4464 7253 790F 9F1C 5A8E 5BC4 A08F

Subkey fingerprint : 8674 C498 3928 D581 C72C CF3A 55F1 9E5A 1C02 5928B

Its not certain that the key belongs to the person named in the user id. If you *really* know what

you are doing, you may answer the next question with yes.

Use this key anyway?(Y/N)Y.

gpg: cant open author.text: No such file or directory.

gpg: author.txt encryption failed: file open error.
mailto:[email protected]:[email protected]:[email protected]:[email protected]


23/51


Performance evalution of various cryptographic algorithms

# include

# include

#include

# define max 50

char

a[26]={a,b,c,d,e,f,g,h,i,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z};

void main()

{

int I,j,r1,r2,c1,c2,k,n,flg[26]={0};

char t,tmp,txt[max],pt[max],key[max],mt[5][5],cp[max];

clrscr();

printf(enter the plain text);

gets(txt);

printf(enter the key);

scanf(%s,key);

for(i=0;j=0;i


24/51

pt[j]=txt[i];

j++;

}

}

pt[j]=\0;

for(i=0;i


25/51

{

for(i=0;j=0;k=0;k


26/51

for(k=0;i


27/51

pt[i]=1;

for(j=0;j


28/51

else if(c1==c2)

{

r1++;

if(r1==5)

r1=0;

cp[i]=mt[r1][c1];

r2++;

if(r2==5)

r2=0;

cp[i+1]=mt[r2][c2];

}

else

{

cp[i]=mt[r1][c1];

cp[i+1]=mt[r2][c2];

}

}

cp[i]=\0;

printf(\n encrypted text is:);

for(i=0;i


29/51

TEST DATA

i/p

Enter the plain text: balloon

Enter the key: monarchy

o/p

matrix is : monar

chu bcl

cfgik

iqst

uvwxz

Encryption:

The Encryption cipher text is:ibsupmna


30/51


Performance Evaluation of Various Cryptography Algorithms

#include

#include

#include

#define MAX 50

char a[26] = {a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,

p,q,r,s,t,u,v,w,x,y,z};

void main()

{

int i,j,r1,r2,c1,c2,k,n,flg[26] = {0};

char t, tmp, txt[max], pt[max], key[max], mt[5][5], cp[max];

clrscr();

printf(enter the plain text:);

gets(txt);

printf(enter the key:);

scanf(%s,key);

for(i=0;j=0;i


31/51

}

}

pt[j] = '\0';

for(i=0;i


32/51

{

if(j


33/51

n=key[k];

n=97;

flg[n]=1;

}

}

for(k=0;i


34/51

printf("%c",mt[i][j]);

printf("\n");

}

printf("encryption \n");

for(i=0;i


35/51

if(c1==5)

c1=0;

cp[i]=mt[r1][c1];

c2++;

if(c2==5)

c2=0;

cp[i+1]=mt[r2][c2];

}

elseif(c1==c2)

{

r1++;

if(r1==5)

r1=0;

cp[i]=mt[r1][c1];

r2++;

if(r2==5)

r2=0;

cp[i+1]=mt[r2][c2];

}

else

{

cp[i]=mt[r1][c1];

cp[i+1]=mt[r2][c2];

}


36/51

}

cp[i]='\0';

printf("\n encrypted text is :");

for(I=0;I


37/51


Understanding the buffer overflow and format string attacks

#include

#include

#include

void main()

{

int i=0,j=0,k=0;

char str[100],buf[10]={'\0'},xtra[50]={'\0'};

//clrscr();

printf("\nenter the string less than 10 char\n");

scanf("%s",str);

if(strlen(str)


38/51

k++;

}

printf("overflow data is%s\n",xtra);

}

getch();

}

TEST DATA

Input: enter the string less than 10 char

abcdefgh

Output: the given input doesnot result in overflow

Input: enter the string less than 10 char

abcdefghijklm

Output: data in buffer is abcdefghij

overflow data isk


39/51


String Attacks

#include

#include

void main()

{

int i=20;

int j=40;

int k=60;

clrscr();

printf(top of the stack=%i);

getch();

}

TEST DATA

Top of the stack=60


40/51


Using NMAP for ports Monitoring

NMAP(Network Mapper ) developed by Fyodor is an open source tool for network exploration

and security auditing .was designed to rapidly scan large networks, although it works fine against

single hosts. NMAP uses raw IP packets in novel ways for information gathering, while NMAP

is commonly used for security audits, many systems and networks administrators find it useful

for routine tasks such as network inventory, managing service upgrade schedules and monitoring

hosts.

Scans availability through NMAP

Scan Type Option

TCP connect()

Scan-sT

The most basic form of scanning this opens a

connection to every potentially interesting port

on the target machine.

TCP SYN Scan -sS

The half-open scan .this scan sends a TCP

SYN Packet as through it is trying to open the

Connection. If it receives a SYN-ACK

response, it sends an immediate RST to shut

down the connection.

Stealth FIN -sF

This scan attempts to pass through packet

filters by sending a TCP FIN packet.

X-Mas Tree -sX


filters by sending a packet with out any flags

turned on. Packet with FIN,URG and PUSH

flags etc.

NULL -sN


filters by sending a packet without any flags

turned on.

Ping -sP

This limits the scan to only conducting a ping

sweep to look for connected systems. It doesnot do port scans.

USP scan -sUThis sends 0 byte USP packets to each port on

the target machine(s).

ACK scan sA

This scan used to help check packet filters an

ACK packet with random acknowledgement

and sequence numbers is sent. If nothing is


41/51

returned the port is marked as filtered.

List scan -sL Simply lists targets to scan.

FTP bounce scan -b

This scan relives a historical foible of FTP

servers. Older FTP servers were able to srve

bounced FTP sessions; this is, they connected

to another host to deliver data to you.

By providing a relay host in the format

Username; password @ server: port, you can

use this FTP bounce (mis) feature to scan port

that might otherwise be protected.

In addition to the types of scans that NMAP can run a number of options modify its behavior.

These options include timing, target identification; o/p and others. Some of the more useful

options are shown in following table.

Option Description

-PO Tells NMAP not to ping hosts before scanning

-fCauses NMAP to fragment its scanning packets, making it more

difficult to block the scan with packet filters.

-vputs NMAP into verbose mode causing it to display much more

information about what its doing.

ON Writes o/p into a human readable log file.

OM Writes o/p to a machine-parseable log file.

--resume Resumes an incomplete scan from a log file.

-iLCauses NMAP to read I/P from a log file instead of really scanning

a host.

-g Allows you to define the port NMAP uses as its source port.

-p

Allows you to define the range of ports NMAP will scan. If no

range is given, NMAP will scan all the ports listed in its own

services file. A range of ports can be given in the following format:-

p20-30, 79, 6000-6010.

Operating System Detection:

Allows the user to use TCP/IP finger printing to determine the operating system of the

remote host NMAP command line prompt:


42/51

C:\nmap>nmap-0www.hackingmobilephones.com

Is nmap good or Evil?

A tool as powerful as namp can be a double-edged sword. At least one internet-

related reference to nmap describes it as a hacking tool, and technology purists who dont

consider the word hack to be a four letter word would certainty agree with this description. It is

unformatting that the term hacker has been used incorrectly so often in main stream society.

These uninformed connotations of hacking have overshadowed the original meaning of the word

and altered it in horribly negative ways true hacking is about the pursuit of technology, not about

illegal or inappropriate technology subversions.

The bad guys are already using nmap for reconnaissance, because a single scan tells

you a lot about the open and windows in a computers house. What the bad guys do once they

have this information is why they are called bad guys.

The good guys are using nmap to make their network safer. The network management

team uses nmap to identify unknown IP address that appears in reports or in a network analysis

trace. The security team uses nmap to scan the extent of a spyware infestation.

Typical uses of NMAP:

Auditing the security of a computer by identifying the network connections which can bemade to it.

Identifying open ports on a target computer in preparation for auditing. Network inventory, maintenance and asset management. Auditing the security of a network, by identifying unexpected new servers.
http://www.hackingmobilephones.com/http://www.hackingmobilephones.com/http://www.hackingmobilephones.com/http://www.hackingmobilephones.com/


43/51


RSA Algorithm

#include

#include

#include

void main()

{

int p,q,fi,n,e,o,i,d;

int temp[10],j=0;

long int c,m,t1,t2;

clrscr();

printf(enter any 2 different prime nos);

scanf(%d%d,&p,&q);

n=p*q;

fi=(p-1)*(q-1);

for(i=2;i


44/51

printf(\n select any 1 of below values\n);

for(i=0;i


45/51

printf(%d,n);

printf(});

printf(/n);

printf(/n enter plain text);

scanf(%id,&m);

t1=pow(m,e);

c=t1%n;

printf(/n cipher text:);

printf(%id,c);

t2=pow(c,d);

printf(/n);

m=t2%n;

printf(/n plain text:);

printf(%id,m);

getch();

}

TEST DATA:

Enter any 2 different prime nos: 3 5

Select any one of the below values

3567

1


46/51

Public key ku: {1,15}

Private key kp: {9,15}

Enter plain text: 12

Cipher text 4d

Plain text 4d


47/51

EXPERIMENT NUMBER 11

Diffie Hellman Key Exchange Algorithm

#include

#include

#include

void main()

{

int q,alp,xa,xb,ka,kb;

long int temp,ya,yb;

clrscr();

printf(\n enterthe values of q& alpha);

scanf(%d%d,&q,&alp);

printf(\n enter the private keys for A and B);

scanf(%d%d, &xa,&xb);

temp=pow(alp,xa);

ya=temp%q;

temp=pow(alp,xb);

yb=temp%q;

temp=pow(yb,xa);

ka=temp%q:

temp=pow(ya,xb);

kb=temp%q;

printf(/n the keys ka and kb are %d%d,ka ,kb);

if(ka==kb)


48/51

printf(/n keys are exchanged successfully);

else

printf(/n keys are not exchanged successfully);

getch():

}

TEST DATA

enter the values of q & alpha: 2 2

enter the private keys for A & B: 4 2

the keys ka and kb are 00

keys are exchanged successfully


49/51

EXPERIMENT NUMBER 12

DES Algorithm

#include

#include

main()

{

char p[100];

char

a[26]={a,b,c,d,e,f,g,h,I,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z};

char b[25];

int k,I,j,h,c,flag,l;

clrscr();

printf(enter the no of charcters in the plain text);

scanf(%d,&h);

printf(enter the key value range between 0 and 25);

scanf(%d,&k);

printf(enter the values for plain text);

for(i=0;i


50/51

scanf(%c,&p[i]);

}

i=0;

for(j=k;j


51/51

TEST DATA

enter the no of charcters in the plain text:7

enter the key value range between 0 and 25:3

enter the values for plain text:vignesh

the cipher text is: yliqhvk