Task 1
*********
Task 2
*********
Task 3
*********
Task 4
********
script.sh
***********
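# Default gateway IP address
ip route show default | awk '/default/ {print $3}'
# MAC (ether) address of every interface
ifconfig -a | grep ether | awk '{print $2}'
# Listening sockets
netstat -l
# 100 packets on eth0, saved as text: -# numbers packets, -nn skips name lookups, -t drops timestamps (use -w dump.pcap for a binary pcap)
tcpdump -# -nn -t -c 100 -i eth0 > dump.pcap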
If you have any doubt, please ask me without any hesitation
in the comment section below. If you like my answer, please
give it a thumbs up. Before giving a thumbs down, please discuss
the question; it may be possible that we understood the question
a different way, and we can edit and change the answers if you argue.
Thanks :)
[Screenshot 1: Kali terminal (VirtualBox VM), 15/06/2019. `route -n | grep G`: default gateway 172.16.104.1, genmask 0.0.0.0, flags UG, metric 100, interface eth0.]
[Screenshot 2: `route -n`, then `arp 172.16.104.1`: HWtype ether, HWaddress f2:56:9c:17:b7:70, flags C, interface eth0.]
[Screenshot 3: `nmap 172.16.104.1` (Nmap 7.70, 2019-06-15 04:47 EDT): host is up (0.012s latency); all 1000 scanned ports on 172.16.104.1 are filtered; MAC Address: F2:56:9C:17:B7:70 (Unknown); 1 IP address (1 host up) scanned in 22.43 seconds.]
[Screenshot 4: `nmap 127.0.0.1`: host is up (0.000012s latency); all 1000 scanned ports on localhost (127.0.0.1) are closed; scanned in 0.22 seconds. `nmap 172.16.104.124`: host is up (0.00068s latency); open ports legible in the capture: 80/tcp http, 135/tcp msrpc, 139/tcp netbios-ssn, 443/tcp https, 445/tcp microsoft-ds, 2103/tcp zephyr-clt, 2105/tcp eklogin, 2107/tcp msmq-mgmt, 5666/tcp nrpe, 7070/tcp realserver; MAC Address: B0:10:41:18:7B:23 (Hon Hai Precision Ind.); scanned in 4.87 seconds.]
[Screenshots 5 and 6: `nmap -sV -O 172.16.104.124`: host is up (0.00097s latency); not shown: 989 filtered ports. Legible service versions: 80/tcp http and 443/tcp ssl/http Apache httpd 2.4.33 ((Win32) OpenSSL/1.0.20 PHP/5.6.36); 139/tcp netbios-ssn Microsoft Windows netbios-ssn; 445/tcp microsoft-ds (workgroup: WORKGROUP); 1801/tcp msmq?; 2103/tcp and 2105/tcp msrpc Microsoft Windows RPC; 5666/tcp tcpwrapped; 7070/tcp ssl/realserver?. 1 service unrecognized despite returning data. MAC Address: B0:10:41:18:7B:23 (Hon Hai Precision Ind.). Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port. Aggressive OS guesses: Microsoft Windows 7 (89%), Microsoft Windows Server 2008 SP1 or Windows Server 2008 R2 (88%). No exact OS matches for host (test conditions non-ideal). Network Distance: 1 hop. Service Info: Host: MADHAV; OS: Windows; CPE: cpe:/o:microsoft:windows.]
[Screenshots 7 and 8: `tcpdump -# -nn -t -c 100 -i eth0`: link-type EN10MB (Ethernet), capture size 262144; numbered TCP packets between 172.16.104.124 and remote hosts on ports 80, 443 and 993, mainly ACK segments (Flags [.]) with a few data segments (Flags [P.]); ends with "100 packets captured".]
[Screenshot 9: `bash script.sh`: prints the MAC address e8:00:27:5f:cd:0a, then the `netstat -l` output: "Active Internet connections (only servers)" with udp 0.0.0.0:bootpc and raw6 :ipv6-icmp, followed by "Active UNIX domain sockets (only servers)" listing LISTENING stream sockets such as /run/lvm/lvmpolld.socket, /run/udev/control, /run/uuidd/request, /var/run/pcscd/pcscd.comm and /run/user/0/gnupg/S.gpg-agent.]