Scribd
Upload
20 views

Assignment 3 - Reconnaissance and Footprinting

Uploaded by

01x00x010
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
20 views

Assignment 3 - Reconnaissance and Footprinting

Uploaded by

01x00x010
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

CYSE 450- Ethical Hacking and Penetration Testing

Assignment-3
Task-A: [30 points] Install the following Virtual Machines to complete your lab and submit the
screenshots for the IP address displayed in the terminal after using ifconfig (in Linux
VM)/ipconfig (in Windows VM) command for all these machines:
1. Kali Linux
2. Metasploitable2(Source:https://sourceforge.net/projects/metasploitable/files/Metasploitable2/)
3. Windows XP or Windows 7 (Refer to the class recording to install this)

Task B: [30 points] Perform passive reconnaissance using archive.org and netcraft (For this task,
you can use any browser of your actual computer)

1. Go to we.archive.org and in the search box type www.Microsoft.com and hit Enter
2. Gather and write in brief information about the updated made between January 1 till current
date. Take the screenshot of the result.
3. For this step, open a new tab and go to www.netcraft.com and gather information about network
like, network domain, network registrar, IPV4 address, and nameserver for www.microsoft.com.
write in brief what you analyzed?
For task 3, I cannot find any current information. The information available seems to be from the early
2000s and there isn’t an option to create an account so I can access updated information on this site.

Task C: [40 points] Perform active reconnaissance using attacker Kali Linux and target
Metasploitable VM
1. In the settings, change the network adapter to Bridge mode for all the Three machines.
2. Open the terminals and execute the correct command to print the IP addresses for all the 3 machines
separately (Make sure the IP address should be unique for all the 3 machines.
3. In Kali Linux terminal, execute the command (host/dig) to demonstrate whether the host
(www.odu.edu or www.amazon.com) is live/UP or not. Also provide the reason if the host is live /UP
by using the option - -reason.
Host is live because you can see information about its IP address.
4. Using terminal in Kali Linux, perform DNS enumeration using dnsenum command for
www.odu.edu or www.google.com (Please refer to the slide for using dnsenum)

5. In kali Linux, perform ICMP Sweep scan to gather information about the target machine
(Metasploitable Linux) by sending ICMP echo request to target machine (using its ip address), using nmap
command with correct options. Highlight the line indicating whether the ICMP reply has been received or
not. [Do not forget to disable the arp-ping]
6. In kali Linux, perform ICMP Sweep scan to gather information about the target machine (Windows
Xp/7) by sending ICMP echo request, using nmap command with correct options. (Make sure the
firewall is turned on in windows machine)

You might also like