Security Lab Manual
Security Lab Manual
ODD SEMSTER
NAME: ----------------------------------------------------------------------------
2023-2024
Name : ……………………………………………………..
Department : ………………………………………………………
b. Playfair cipher
c. Hill Cipher
d. Vigenere cipher
2. Perform encryption and decryption
using following transposition
techniques
a. Rail fence
b. Row & Column Transformation
3.
Apply DES algorithm for practical applications
4.
Apply AES algorithm for practical applications
5. Implement RSA Algorithm using HTML
and JavaScript
7.
Calculate the message digest of a text using
the SHA-1 algorithm
9.
Demonstrate intrusion detection system (ids)
using any tool eg. Snort or any other s/w
Automated Attack and Penetration Tools
10. Exploring N-Stalker, a Vulnerability Assessment
Tool
Defeating Malware
a. Building Trojans
11.
b. Rootkit Hunter
Ex. No : 1(a) Encryption and Decryption Using Ceaser Cipher
Date:
AIM:
To encrypt and decrypt the given message by using Ceaser Cipher
encryption algorithm.
ALGORITHMS:
PROGRAM:
CaesarCipher.java
class caesarCipher
{
public static String encode(String enc, int offset)
{
offset = offset % 26 + 26;
StringBuilder encoded = new StringBuilder();
for (char i : enc.toCharArray()) {
if (Character.isLetter(i)) {
if (Character.isUpperCase(i)) {
encoded.append((char) ('A' + (i - 'A' + offset) % 26));
}
else {
encoded.append((char) ('a' + (i - 'a' + offset) % 26));
}
}
else {
encoded.append(i);
}
}
1
return encoded.toString();
}
OUTPUT:
Simulating Caesar Cipher
Input : Anna University
Encrypted Message : Dqqd Xqlyhuvlwb
Decrypted Message : Anna University
RESULT:
Thus the program for ceaser cipher encryption and decryption algorithm
has been implemented and the output verified successfully.
2
Ex. No : 1(b) Date: Playfair Cipher
AIM:
To implement a program to encrypt a plain text and decrypt a cipher text
using play fair Cipher substitution technique.
ALGORITHM:
1. To encrypt a message, one would break the message into digrams (groups
of 2 letters)
2. For example, "HelloWorld" becomes "HE LL OW OR LD".
3. These digrams will be substituted using the key table.
4. Since encryption requires pairs of letters, messages with an odd number of
characters usually append an uncommon letter, such as "X", to complete
the final digram.
5. The two letters of the digram are considered opposite corners of a rectangle
in the key table. To perform the substitution, apply the following 4 rules, in
order, to each pair of letters in the plaintext:
PROGRAM:
playfairCipher.java
import java.awt.Point;
class playfairCipher
{
private static char[][] charTable;
private static Point[] positions;
3
if (positions[c - 'A'] == null)
{ charTable[k / 5][k % 5] =
c;
positions[c - 'A'] = new Point(k % 5, k /
5); k++;
}
}
}
4
sb.length(); i += 2) {
if (i == sb.length() - 1) {
5
sb.append(sb.length() % 2 == 1 ? 'X' : "");
} else if (sb.charAt(i) == sb.charAt(i + 1)) {
sb.insert(i + 1, 'X');
}
}
return codec(sb, 1);
}
OUTPUT:
Simulating Playfair Cipher
Input Message : Security Lab
Encrypted Message :
EABPUGYANSEZ
Decrypted Message : SECURITYLABX
RESULT:
Thus the program for playfair cipher encryption and decryption algorithm
has been implemented and the output verified successfully.
6
Ex. No : 1(c) Hill Cipher
Date:
AIM:
To implement a program to encrypt and decrypt using the Hill cipher
substitution technique
ALGORITHM:
1. In the Hill cipher Each letter is represented by a number modulo 26.
2. To encrypt a message, each block of n letters is multiplied by an invertible
n x n matrix, again modulus 26.
3. To decrypt the message, each block is multiplied by the inverse of the
matrix used for encryption.
4. The matrix used for encryption is the cipher key, and it should be
chosen randomly from the set of invertible n × n matrices (modulo
26).
5. The cipher can, be adapted to an alphabet with any number of letters.
6. All arithmetic just needs to be done modulo the number of letters instead
of modulo 26.
PROGRAM:
HillCipher.java
import java.util.*;
class Basic{
String allChar="ABCDEFGHIJKLMNOPQRSTUVWXYZ";
int indexOfChar(char c)
{
for(int i=0;i < allChar.length();i++)
{
if(allChar.charAt(i)==c)
return i;
}
return -1;
}
char charAtIndex(int pos)
{
return allChar.charAt(pos);
}
}
class Hill{
Hill(int block)
{
this.block=block;
7
}
Basic b1=new
Basic(); int block=2;
int key[][]=new int[block][block];
8
for(int i=0;i < block;i++)
{
for(int j=0;j < 1;j++)
{
for(int k=0;k < block;k++)
{
sum=sum+key[i][k]*a[k][j];
}
cipherMatrix[i][j] = sum
%26; sum = 0;
}
}
for(int i=0;i < block;i++)
{
cipher+=b1.charAtIndex(cipherMatrix[i][0]);
}
return cipher;
}
class HillCipher{
10
public static void main(String args[])throws Exception
{
String plainText,cipherText;
int block;
Scanner scn=new Scanner(System.in);
System.out.println("Enter plain-text:");
plainText=scn.nextLine();
}
}
OUTPUT:
Enter plain-text:
meet
Enter block size of matrix:
2
Enter key Matrix
31
52
Encrypted Text is:
OQ FG
Enter key Inverse Matrix:
2 -1
-5 3
Decrypted Text is:
ME ET
RESULT:
Thus the program for hill cipher encryption and decryption algorithm has
been implemented and the output verified successfully.
11
Ex. No : 1(d) Date: Vigenere Cipher
AIM:
To implement a program for encryption and decryption using vigenere
cipher substitution technique
ALGORITHM:
1. The Vigenere cipher is a method of encrypting alphabetic text by using
a series of different Caesar ciphers based on the letters of a keyword.
2. It is a simple form of polyalphabetic substitution.
3. To encrypt, a table of alphabets can be used, termed a Vigenere square,
or Vigenere table.
4. It consists of the alphabet written out 26 times in different rows, each
alphabet shifted cyclically to the left compared to the previous
alphabet, corresponding to the 26 possible Caesar ciphers.
5. At different points in the encryption process, the cipher uses a
different alphabet from one of the rows used.
6. The alphabet at each point depends on a repeating keyword.
PROGRAM:
vigenereCipher.java
public class vigenereCipher
{
static String encode(String text, final String key) {
String res = "";
text = text.toUpperCase();
for (int i = 0, j = 0; i < text.length(); i++)
{ char c = text.charAt(i);
if (c < 'A' || c > 'Z') {
continue;
}
res += (char) ((c + key.charAt(j) - 2 * 'A') % 26 +
'A'); j = ++j % key.length();
}
return res;
}
12
for (int i = 0, j = 0; i < text.length(); i++)
{ char c = text.charAt(i);
if (c < 'A' || c > 'Z') {
continue;
}
res += (char) ((c - key.charAt(j) + 26) % 26 +
'A'); j = ++j % key.length();
}
return res;
}
OUTPUT:
Simulating Vigenere Cipher
Input Message : SecurityLaboratory
Encrypted Message : NMIYEMKCNIQVVROWXC
Decrypted Message : SECURITYLABORATORY
RESULT:
Thus the program for vigenere cipher encryption and decryption algorithm
has been implemented and the output verified successfully.
13
Ex. No : 2(a) Date: Rail Fence Cipher Transposition Technique
AIM:
To implement a program for encryption and decryption using rail fence
transposition technique.
ALGORITHM:
1. In the rail fence cipher, the plaintext is written downwards and diagonally on
successive "rails" of an imaginary fence, then moving up when we reach the
bottom rail.
2. When we reach the top rail, the message is written downwards again until
the whole plaintext is written out.
3. The message is then read off in rows.
PROGRAM:
railFenceCipher.java
class railfenceCipherHelper
{
int depth;
15
}
return enc;
}
16
OUTPUT:
Simulating Railfence Cipher
RESULT:
Thus the java program for Rail Fence Transposition Technique has been
implemented and the output verified successfully
17
Ex. No : 2(b)
Date:
AIM:
To implement a program for encryption and decryption by using row and column
transformation
technique.
ALGORITHM:
1. Consider the plain text hello world, and let us apply the simple
columnar transposition technique as
shown below
H e l l
O w o r
L d
2. The plain text characters are placed horizontally and the cipher text is created
with vertical format as:
holewdlolr.
Now, the receiver has to use the same table to decrypt the cipher text to plaintext
PROGRAM:
import java.util.*;
class TransCipher
{
public static void main(String args[]) {
Scanner sc = new Scanner(System.in);
System.out.println("Enter the plain text");
String pl =
sc.nextLine(); sc.close();
String s =""; int start =
0;
for (int i = 0; i<pl.length(); i++)
{ if (pl.charAt(i) == ' ')
{
s = s + pl.substring(start, i); start = i + 1;
}
}
s = s + pl.substring(start);
System.out.print(s); System.out.println()
;
int k = s.length(); int l = 0
18
int col = 4;
int row = s.length() / col;
char ch[][] = new char[row][col];
OUTPUT:
RESULT:
Thus the java program for Row and Column Transposition Technique has
been implemented and the output verified successfully.
19
Ex. No : 3 DES ALGORITHM
Date:
AIM:
To use Data Encryption Standard (DES) Algorithm for a practical
application like User Message Encryption.
ALGORITHM:
1. Create a DES Key.
2. Create a Cipher instance from Cipher class, specify the
following information and separated by a slash (/).
a. Algorithm name
b. Mode (optional)
c. Padding scheme (optional)
3. Convert String into Byte[] array format.
4. Make Cipher in encrypt mode, and encrypt it with Cipher.doFinal() method.
5. Make Cipher in decrypt mode, and decrypt it with Cipher.doFinal() method.
PROGRAM:
DES.java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.util.Base64;
class DESExample
{
Cipher ecipher;
Cipher dcipher;
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
20
// Encode bytes to base64 to get a string
return Base64.getEncoder().encodeToString(enc);
}
}
OUTPUT:
Message Encryption Using DES Algorithm
Message [Byte Format] :
[B@4dcbadb4 Message : Secret
Information Encrypted Message:
[B@504bae78 Decrypted Message:
Secret Information
RESULT:
Thus the java program for DES Algorithm has been implemented and the
21
output verified successfully.
22
Ex. No : 4 Advanced Encryption Standard (AES) Algorithm ( URL Encryption )
Date:
AIM:
To use Advanced Encryption Standard (AES) Algorithm for a practical
application like URL Encryption.
ALGORITHM:
1. AES is based on a design principle known as a substitution–permutation.
2. AES does not use a Feistel network like DES, it uses variant of Rijndael.
3. It has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits.
4. AES operates on a 4 × 4 column-major order array of bytes, termed the state
PROGRAM:
AES.java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
public class AESExample
{
/* Private variable declaration */
private static final String SECRET_KEY = "123456789";
23
private static final String SALTVALUE = "abcdefg";
/* Encryption Method */
public static String encrypt(String strToEncrypt)
{
try
{
/* Declare a byte array. */
byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
IvParameterSpec ivspec = new IvParameterSpec(iv);
/* Create factory for secret keys.
*/ SecretKeyFactory factory =
SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
/* PBEKeySpec class implements KeySpec interface. */
KeySpec spec = new PBEKeySpec(SECRET_KEY.toCharArray(),
SALTVALUE.getBytes(), 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKeySpec secretKey = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivspec);
/* Retruns encrypted value.
*/ return
Base64.getEncoder()
.encodeToString(cipher.doFinal(strToEncrypt.getBytes(StandardCharsets.UTF_8)));
}
catch (InvalidAlgorithmParameterException | InvalidKeyException |
NoSuchAlgorithmException | InvalidKeySpecException | BadPaddingException |
IllegalBlockSizeException | NoSuchPaddingException e)
{
System.out.println("Error occured during encryption: " + e.toString());
}
return null;
}
/* Decryption Method */
24
public static String decrypt(String strToDecrypt)
25
{
try
{
/* Declare a byte array. */
byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
IvParameterSpec ivspec = new IvParameterSpec(iv);
/* Create factory for secret keys.
*/ SecretKeyFactory factory =
SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
/* PBEKeySpec class implements KeySpec interface. */
KeySpec spec = new PBEKeySpec(SECRET_KEY.toCharArray(),
SALTVALUE.getBytes(), 65536, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKeySpec secretKey = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey, ivspec);
/* Retruns decrypted value. */
return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
}
catch (InvalidAlgorithmParameterException | InvalidKeyException |
NoSuchAlgorithmException | InvalidKeySpecException | BadPaddingException |
IllegalBlockSizeException | NoSuchPaddingException e)
{
System.out.println("Error occured during decryption: " + e.toString());
}
return null;
}
/* Driver Code */
public static void main(String[] args)
{
/* Message to be encrypted. */
String originalval = "AES Encryption";
/* Call the encrypt() method and store result of encryption. */
String encryptedval = encrypt(originalval);
/* Call the decrypt() method and store result of decryption. */
26
String decryptedval = decrypt(encryptedval);
/* Display the original message, encrypted message and decrypted message
on the console. */
System.out.println("Original value: " + originalval);
System.out.println("Encrypted value: " + encryptedval);
System.out.println("Decrypted value: " + decryptedval);
}
}
OUTPUT:
URL Encryption Using AES Algorithm
Original URL : www.annauniv.edu
Encrypted URL : vibpFJW6Cvs5Y+L7t4N6YWWe07+JzS1d3CU2h3mEvEg=
Decrypted URL : www.annauniv.edu
RESULT:
Thus the java program for AES Algorithm has been implemented for URL
Encryption and the output verified successfully.
27
Ex. No : 5 RSA Algorithm
Date:
AIM:
To implement RSA (Rivest–Shamir–Adleman) algorithm by using HTML
and Javascript.
ALGORITHM:
1. Choose two prime number p and q
2. Compute the value of n and p
3. Find the value of e (public key)
4. Compute the value of d (private key) using gcd()
5. Do the encryption and decryption
a. Encryption is given as,
c = temod n
b. Decryption is given as,
t = cd mod n
PROGRAM:
RSA.java
import java.math.*;
import java.util.*;
class RSA {
public static void main(String args[])
{
int p, q, n, z, d = 0, e, i;
29
OUTPUT:
RESULT:
Thus the RSA algorithm has been implemented using HTML & CSS and theoutput has been verified
successfully
30
Ex. No : 6 Diffie-Hellman key exchange algorithm
Date:
AIM:
To implement the Diffie-Hellman Key Exchange algorithm for a given
problem .
ALGORITHM:
PROGRAM:
DiffieHellman.java
class DiffieHellman {
public static void main(String args[]) {
int p = 23; /* publicly known (prime number)
*/ int g = 5; /* publicly known (primitive root)
*/ int x = 4; /* only Alice knows this secret */
int y = 3; /* only Bob knows this secret */
double aliceSends = (Math.pow(g, x)) % p;
double bobComputes = (Math.pow(aliceSends, y)) % p;
double bobSends = (Math.pow(g, y)) % p;
double aliceComputes = (Math.pow(bobSends, x)) % p;
double sharedSecret = (Math.pow(g, (x * y))) % p;
System.out.println("simulation of Diffie-Hellman key exchange
algorithm\n ");
System.out.println("Alice Sends : " + aliceSends);
System.out.println("Bob Computes : " + bobComputes);
System.out.println("Bob Sends : " + bobSends);
System.out.println("Alice Computes : " + aliceComputes);
System.out.println("Shared Secret : " + sharedSecret);
31
/* shared secrets should match and equality is transitive */
if ((aliceComputes == sharedSecret) && (aliceComputes == bobComputes))
System.out.println("Success: Shared Secrets Matches! " + sharedSecret);
else
System.out.println("Error: Shared Secrets does not Match");
}
}
OUTPUT:
simulation of Diffie-Hellman key exchange algorithm
Alice Sends : 4.0
Bob Computes :
18.0 Bob Sends :
10.0
Alice Computes :
18.0 Shared Secret :
18.0
Success: Shared Secrets Matches! 18.0
RESULT:
Thus the Diffie-Hellman key exchange algorithm has been implemented
using Java Program and the output has been verified successfully.
32
Ex. No : 7 SHA-1 Algorithm
Date:
AIM:
To Calculate the message digest of a text using the SHA-1 algorithm.
ALGORITHM:
1. Append Padding Bits
2. Append Length - 64 bits are appended to the end
3. Prepare Processing Functions
4. Prepare Processing Constants
5. Initialize Buffers
6. Processing Message in 512-bit blocks (L blocks in total message)
PROGRAM:
sha1.java
import java.security.*;
33
System.out.println("SHA1(\"" + input + "\")=" + bytesToHex(output));
System.out.println();
} catch (Exception e) {
System.out.println("Exception:" + e);
}
}
for (byte aB : b) {
buf.append(hexDigit[(aB >> 4) &
0x0f]); buf.append(hexDigit[aB &
0x0f]);
}
return buf.toString();
}
}
OUTPUT:
Message digest object info:
Algorithm=SHA1
Provider=SUN version
12
ToString=SHA1 Message Digest from SUN, <initialized>
SHA1("")=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
SHA1("abc")=A9993E364706816ABA3E25717850C26C9CD0D89D
SHA1("abcdefghijklmnopqrstuvwxyz")=32D10C7B8CF96570CA04CE37F2A19
D84240D3A89
RESULT:
Thus the Secure Hash Algorithm (SHA-1) has been implemented and the
output has been verified successfully.
34
Ex. No : 8 Digital Signature Standard
Date:
AIM:
To implement the SIGNATURE SCHEME - Digital Signature Standard.
ALGORITHM:
1. Create a KeyPairGenerator object.
2. Initialize the KeyPairGenerator object.
3. Generate the KeyPairGenerator. ...
4. Get the private key from the pair.
5. Create a signature object.
6. Initialize the Signature object.
7. Add data to the Signature object
8. Calculate the Signature
PROGRAM:
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Scanner;
35
Signature sign = Signature.
getInstance("SHA256withDSA"); sign.initSign(privKey);
byte[] bytes =
"msg".getBytes(); sign.update(bytes);
OUTPUT:
Enter some text
Hi how are you
Digital signature for given text: 0=@gRD???-?.???? /yGL?i??a!?
RESULT:
Thus the Digital Signature Standard Signature Scheme has
been implemented and the output has been verified successfully.
36
Ex. No : 9 Demonstration of Intrusion Detection System(IDS)
Date:
AIM:
To demonstrate Intrusion Detection System (IDS) using Snort software tool.
37
Finding an interface
You can tell which interface to use by looking at the Index number and finding
Microsoft. As you can see in the above example, the other interfaces are for
VMWare. My interface is 3.
9. To run snort in IDS mode, you will need to configure the file
“snort.conf” according to your network environment.
10. To specify the network address that you want to protect in snort.conf file,
look for the following line.
var HOME_NET 192.168.1.0/24 (You will normally see any here)
11. You may also want to set the addresses of DNS_SERVERS, if you have
some on your network.
Example:
example snort
12. Change the RULE_PATH variable to the path of rules
folder. var RULE_PATH c:\snort\rules
path to rules
38
13. Change the path of all library files with the name and path on your system.
and you must change the path of snort_dynamicpreprocessorvariable. C:\Snort\
lib\snort_dynamiccpreprocessor
You need to do this to all library files in the “C:\Snort\lib” folder. The old path
might be: “/usr/local/lib/…”. you will need to replace that path with your
system path. Using C:\Snort\lib
14. Change the path of the “dynamicengine” variable value in the
“snort.conf” file..
Example:
dynamicengine C:\Snort\lib\snort_dynamicengine\sf_engine.dll
39
21. Save the “snort.conf” file.
22. To start snort in IDS mode, run the following command:
If a log is created, select the appropriate program to open it. You can use
WordPard or NotePad++ to read the file.
To generate Log files in ASCII mode, you can use following command while
running snort in IDS mode:
snort -A console -i3 -c c:\Snort\etc\snort.conf -l c:\Snort\log -K ascii
23. Scan the computer that is running snort from another computer by using
PING or NMap (ZenMap).
After scanning or during the scan you can check the snort-alerts.ids file in the log
folder to insure it is logging properly. You will see IP address folders appear.
40
Snort monitoring traffic –
RESULT:
Thus the Intrusion Detection System(IDS) has been demonstrated by using
the Open Source Snort Intrusion Detection Tool.
41
Ex. No : 10 Exploring N-Stalker, a Vulnerability Assessment Tool
Date:
AIM:
To download the N-Stalker Vulnerability Assessment Tool and exploring the
features.
EXPLORING N-STALKER:
42
Now goto “Scan Session”, enter the target URL.
In review option, you can get all the information like host information,
technologies used, policy name, etc.
43
44
Once done, start the session and start the scan.
The scanner will crawl the whole website and will show the scripts, broken
pages, hidden fields, information leakage, web forms related information which
helps to analyze further.
Once the scan is completed, the NStalker scanner will show details like severity
level, vulnerability class, why is it an issue, the fix for the issue and the URL
which is vulnerable to the particular vulnerability?
45
RESULT:
Thus the N-Stalker Vulnerability Assessment tool has been downloaded,
installed and the features has been explored by using a vulnerable website.
46
Ex. No : 11(a) Defeating Malware - Building Trojans
Date:
AIM:
PROCEDURE:
1. Create a simple trojan by using Windows Batch File (.bat)
2. Type these below code in notepad and save it as Trojan.bat
3. Double click on Trojan.bat file.
4. When the trojan code executes, it will open MS-Paint, Notepad,
Command Prompt, Explorer, etc., infinitely.
5. Restart the computer to stop the execution of this trojan.
TROJAN:
47
CODE:
Trojan.bat
@echo off
:x
start mspaint
start notepad
start cmd
start explorer
start control
start calc
goto x
OUTPUT
(MS-Paint, Notepad, Command Prompt, Explorer will open infinitely)
RESULT:
Thus a trojan has been built and the harmness of the trojan viruses has been
explored.
48
Ex. No : 11(b) Defeating Malware - Rootkit hunter
Date:
AIM:
To install a rootkit hunter and find the malwares in a computer.
ROOTKIT HUNTER:
• rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits,
backdoors and possible local exploits.
• It does this by comparing SHA-1 hashes of important files with known
good ones in online databases, searching for default directories (of
rootkits), wrong permissions, hidden files, suspicious strings in kernel
modules, and
special tests for Linux and FreeBSD.
• rkhunter is notable due to its inclusion in popular operating systems (Fedora,
Debian, etc.)
• The tool has been written in Bourne shell, to allow for portability. It can
run on almost all UNIX-derived systems.
Step 1
49
Visit GMER's website (see Resources) and download the GMER executable.
Click the "Download EXE" button to download the program with a random file
name, as some rootkits will close “gmer.exe” before you can open it.
Step 2
Click the "Scan" button in the lower-right corner of the dialog box. Allow the
program to scan your entire hard drive.
50
Step 3
When the program completes its scan, select any program or file listed in
red. Right-click it and select "Delete."
If the red item is a service, it may be protected. Right-click the service and select
"Disable." Reboot your computer and run the scan again, this time selecting
"Delete" when that service is detected.
When your computer is free of Rootkits, close the program and restart your PC.
RESULT:
In this experiment a rootkit hunter software tool has been installed and the
rootkits have been detected.
51