Programming is an essential skill for an ethical hacker or a pentester; therefore, having an understanding of this skill is considered an advantage. This activity, along with the relevant lecture/reading materials, will provide you with the skills to be able to understand different programs and find vulnerabilities in order to rectify them before an unethical hacker can take advantage of them. Students are free to use programming language and a platform of their choice; however, Python is recommended for those who are new to programming. In addition to pseudocodes, related readings and lecture materials should be sufficient for students to complete this portfolio assessment.
You are required to write two simple program codes: one for a ‘Port Scanner’ and the other for a custom-built ‘Password Cracker’. To undertake this task, you will be provided with pseudocodes for both programs at the start of the semester. You must provide instructions for compiling and executing your port scanner for your language and platform selection. Support from your tutor will be available on the Kali platform and coding in Python programming language.
a. The port scanner must be written for and run against the Case Study machine. The output of your port scanner can be compared to the output of ‘map’.
b. The password cracker must be written and executed against the provided ‘shadow’ file. This file, along with pseudocodes, will be made available. You will receive a separate announcement to this effect. You will be required to understand the concept of wordlists, such as ‘RockYou’ and ‘darkc0de’. However, while executing the program, you should create a subset of the wordlist file containing a maximum of 200 entries.
The entirety of the Port Scanner can be written in less than 15 lines, and the Password Cracker in less than 25 lines (although implementing optional additions may result in a program longer than this).
You are required to provide the following for this portfolio assessment:
a. A PDF document that includes the following sections:
i. Title Page
ii. Introduction to the assignment stating the requirements, platform and language chosen.
iii. Source Code including comments. Please note that the comments should be in a different colour to the actual source code, preferably green.
iv. Instructions for source code compilation and execution. You must provide exact commands to execute the code. Clearly state commands line parameters/prompts/arguments and be very specific about the dependencies if any.
v. Output (screenshots) of the program after the execution (when tested against the Case Study virtual machine and shadow file).
vi. Reference lists – you must acknowledge the sources used to develop both the programs.
b. Separate Source Code files: one for the port scanner and the other for password cracker, as well as the wordlist used for the password cracker.
c. Overall, you are required to submit separately (non-adherence to this may result in zero marks):
i. One PDF file
ii. One .zip file containing port scanner source code, password cracker source code, wordlist used for executing/testing the password cracker.
d. ECU Assignment Cover Sheet must not be included with the PDF document. You must include your name and student number on top of both the source codes using comments.
a. Port Scanner will be marked out of 10.
b. Password Cracker will be marked out of 15.
c. The PDF document will be marked out of 5.
d. The marks obtained will be averaged out of 20% of the total marks of the unit.
Referencing, Plagiarism and Collusion:
The entirety of your assignment must be your own work (unless the ideas are taken from sources, in which case you must reference) and produced for the current instance of the unit. Any use of unreferenced content you did not create constitutes plagiarism and is deemed an act of academic misconduct. All assignments will be submitted to Turnitin which will match your assignment to sources including previous copies of the assignment, and the work submitted by all other students in the unit.
Remember that this is an individual assignment. Never give anyone any part of your assignment – even after the due date or after results have been released. Do not work together with other students on individual assignments – helping someone by explaining a concept or directing them to the relevant resources is fine, but doing the assignment for them or alongside them, or showing them your code is not appropriate. An unacceptable level of cooperation between students on an assignment is collusion and is deemed an act of academic misconduct. If you are uncertain about plagiarism, collusion or referencing, simply contact your learning adviser and ask.