CYBR 525 – Week 5 Assignment

Name:

Instructions: Complete one of the exercises below.

PowerShell Exercise

Note: You need to complete this exercise on a Windows system.

Read the Microsoft PowerShell Tutorial found in the weekly assignments.

Run PowerShell console. Review the following commands and run them from the console. If the command scrolls, you can use ‘| more’ to restrict the output to one page at a time. Under each command, include a screenshot and an explanation of what information is provided by the command.

Get-Help

Get-Command

Get-Host

Alias

Get-ChildItem env:

echo Hello $env:username

Redirecting output to a file is a method of saving information provided by a shell command. There are two methods to do this in PowerShell:

Bellevue UniversityCYBR 5251

Use the Out-File cmdlet as in ‘ | Out-File C:filename.txt’

To overwrite a file use ‘ > filename ’. To append to an existing file use ‘ >> filename ’.

Re-run the ‘ Get–ChildItem env: ‘ cmdlet and output to a file. Show the results below and explain the benefit as part of system testing.

Run PowerShell ISE. Create a script that does the following:

Starts with a comment explaining the script. Include your name, class and date.

Print a line greeting the user. To do this, you can use the following command: echo Hello $env:username

Outputs the system information to a file in your home folder.

Get-ChildItem env: > $HOMEsysteminfo.txt

Output all of the users on the PC to a file in your home folder.

Get-WmiObject –Class Win32_UserAccount | Out-File $HOMEUserAccounts.txt

Include one additional PowerShell command of your choice. Include a description of the command in your explanation.

Show the history of all the commands you have typed.

Save your script in your home folder and run it. Confirm it completes successfully.

Include your script with this exercise.

Provide an explanation of your script and the output it provides. Include how it could be used by system testers.

Bellevue UniversityCYBR 5252

PERL Exercise

The instructions are for Windows, but it can be completed on Linux as well.

Complete Activity 7-4, pages 178-179 in your textbook.

You can Kali Linux as presented in the exercise or your chosen Linux distribution and editor of choice.

If you need more information about programming in Perl, refer to the online book by Simon Cozens, Beginning Perl available at http://www.perl.org/books/beginning-perl/.

Once you get the initial program running, copy and paste the output here:

Complete Activity 7-6, pages 190-194. For this exercise you will be using activeperl in Windows. You can either install activeperl on your own system following the directions in the book or use the virtual environment which has activeperl already installed. If you use the virtual environment you can start on step 10. Regardless of the step you start on don’t go past step 18. Once you have the program running, select an additional Win32 API function from the table of page 189.

Copy and paste the output here:

Explain in 2-3 paragraphs how PERL could be used by security penetration testers. Include at least two examples.

Based on your experience with PERL, what would be the minimum functions you’d include to get the most useful information about the system upon which this script would be run?

Bellevue UniversityCYBR 5253

Linux Bash Shell Exercise

Note: You will need to run a Linux Operating System in a virtual environment in order to complete this exercise.

Read the Linux Bash shell scripting Tutorials found in the weekly assignments.

Start a Linux operating system of your choice (Ubuntu, Fedora, CentOS, Linux MINT, etc.). Review the following commands and run them from the terminal. If the command scrolls, you can use ‘| more’ to restrict the output to one page at a time. Under each command, include a screenshot and an explanation of what information is provided by the command.

man man

man -?

uname -a

Alias

env

cat /etc/passwd

ls -la

echo Hello $USER

Bellevue UniversityCYBR 5254

Redirecting output to a file is a method of saving information provided by a shell command. To overwrite a file use ‘ > filename ’. To append to an existing file use ‘ >> filename ’.

Re-run the ‘env‘ command and output to a file. Show the results below and explain the benefit as part of system testing.

Explain the differences between the following methods of viewing / editing files: more, less, cat, gedit, and vi.

Create a shell script that does the following:

Starts with a comment explaining the script. Include your name, class and date.

Print a line greeting the user. To do this, you can use the following command: echo Hello $USER

Outputs the system information to a file in your home folder.

env > $HOME/systeminfo.txt

Output all of the users on the PC to a file in your home folder.

cat /etc/passwd > $HOME/UserAccounts.txt

Include one additional shell command of your choice. Include a description of the command in your explanation.

Save your script in your home folder and run it. [Note1: To run a shell script, you may need to .include the local path (e.g., ./script).] Confirm it completes successfully. [Note2: When you create a shell script in Linux, you need to ensure the permissions are set to be able to execute it. See the chmod command for more information.]

Include your script with this exercise.

Provide an explanation of your script and the output it provides. Include how

Bellevue UniversityCYBR 5255

it could be used by system testers.

Bellevue UniversityCYBR 5256

Python Exercise

Note: Complete this exercise on the Kali system in the virtual environment.

In this exercise you will write a short python script to execute a port scan of a target you select.

Open up a terminal window and type ‘gedit scan.py’ this will start the gedit text editor where you will write this script and create a new file called scan.py. Feel free to use another editor of your choice as desired.

Enter the following code in the editor. Use the tab key for indents, python uses indents for code blocking and code in the same block must be aligned the same.

#!/usr/bin/env python3

from socket import *
import time

startTime = time.time()

target = input (‘Enter the IP of the host to be scanned: ‘)
low_port = int(input (‘Enter the low port to scan: ‘))
high_port = int(input (‘Enter the high port to scan: ‘))
print (‘Scanning ‘, target)

for p in range (low_port, high_port):
s = socket(AF_INET, SOCK_STREAM)
conn = s.connect_ex((target, p))
if(conn == 0):
print (‘Port’, p, ‘OPEN’)

s.close()

print (‘Elapsed time: ‘, time.time() – startTime)

The first line of the code tells the command interpreter what language we will be using in the script. The next two lines import libraries needed for this scanner to run correctly. The socket library contains the data structures and functions necessary for us to make network connections to other computers

The commands in the for loop attempt to make a network connection to the host at the IP address you entered for each port in the range of low_port to high_port. The connection is attempted through the command

Bellevue UniversityCYBR 5257

conn = s.connect_e((target, p))

If the function returns a 0 that means a successful connection was made and the port is open.

This is a very simple script and not optimized for efficient scanning so depending on the host you are scanning it could take several seconds for each port. You may first want to start with a narrow range of ports and expand or adjust the range as needed.

After you enter the code save the file by clicking the save button at the top of the editor. You can leave the editor open in case you need to fix any errors, just remember to save the file before you run it again.

Now you need to make the file executable, do this by opening a new terminal window and entering the following command

chmod +x scan.py

Now you are ready to run your script, in the terminal window enter

./scan.py

Enter the IP and range of ports you wish to scan.

If you receive any errors read the error message closely and go back to the editor and correct the error. Refer back to the code listing provided above. You must be sure to save the file after making any edits.

If the scanner appears stuck or is taking too long (remember to use small ranges) you can type CTRL-C to stop the program

Answer the following questions:

Conduct a scan of ports 1-200 on the host at 192.168.25.10, provide a screen shot of your results

Conduct a nmap scan of your choice on the same host, you don’t need to specify the ports. Do the two scanner results differ? Why do you think they do or don’t differ?

Use your scanner to scan another host in the range 192.168.25.1-100 with a port range of your choosing. Provide a screen shot of your results.

Research the socket connection function provided in the socket library

Bellevue UniversityCYBR 5258

and/or use wireshark to monitor one of your scans. Is the type of scan your scanner does a full-open or half-open scan? Why? Refer back to previous week’s material if you don’t remember what these scans are.

What does the s.close command do in your script and why is it important?

Provide a screen shot of the code you wrote.