A Project Report On: Website Penetration Testing: Electronics and Communication Engineering


A Project Report on:

WEBSITE PENETRATION TESTING


A Course Project report Submitted in partial fulfillment of the Academic requirements for
the award of the degree of Bachelor of Technology

In

Electronics and Communication Engineering

Submitted by

Kalwala Siddhartha Reddy (18H51A04K0)

Under the esteemed guidance of

Mr. Abdul Subhani Shaik

Associate Professor Department of ECE

DEPARTMENT OF ELECTRONICS & COMMUNICATION ENGINEERING

CMR COLLEGE OF ENGINEERING & TECHNOLOGY

(Autonomous)

(NAAC Accredited with ‘A’ Grade & NBA Accredited)

(Approved by AICTE, Permanently Affiliated to JNTU Hyderabad)

KANDLAKOYA, MEDCHAL ROAD, HYDERABAD-501401

2020-2021
Website Penetration Testing

CMR COLLEGE OF ENGINEERING & TECHNOLOGY


(AUTONOMOUS)

(NAAC Accredited with ‘A’ Grade & NBA Accredited)


(Approved by AICTE, Permanently Affiliated to JNTU Hyderabad)

KANDLAKOYA, MEDCHAL ROAD, HYDERABAD-501401

DEPARTMENT OF ELECTRONICS & COMMUNICATION ENGINEERING

CERTIFICATE

This is to certify that the course project report entitled “Website Penetration Testing” is a
bonafide work done by KALWALA SIDDHARTHA REDDY (18H51A04K0) of III B.
Tech, V semester, in partial fulfillment of the requirements for the award of the degree of
Bachelor of Technology, submitted to the Department of Electronics and Communication
Engineering, CMR College of Engineering & Technology, Hyderabad during the Academic
Year 2020-21.

Mr. ABDUL SUBHANI SHAIK Mr. E.N.V PURNA CHANDRA RAO

Assoc. Professor, ECE Department HOD, ECE Department


Project Guide

CMR College of Engineering & Technology 1 ECE


Website Penetration Testing

ACKNOWLEDGEMENT

We are highly indebted and grateful to our guide Mr. Abdul Subhani Shaik,
Associate Professor, Department of ECE, CMRCET for his excellent guidance and
constant encouragement throughout for the successful completion of the Project.

We are obliged and grateful to thank Mr. E.N.V. PURNA CHANDRA RAO,
HOD, Department of ECE, CMRCET, for his cooperation in all respects.

We are obliged and grateful to thank Dr. B. LOKESHWAR RAO, Dean
(Academics), CMRCET, for his cooperation in all aspects.

We would like to thank Major Dr. VA NARAYANA, Principal, CMRCET, for
his support in the course of this project work.

We would like to thank Sri Ch. GOPAL REDDY garu, Secretary &
Correspondent of CMRCET, for his cooperation in all respects during the
course.

It gives us immense pleasure to express our deep sense of gratitude to project
In-charge, Mr. P. RAVEENDRABABU, Associate Professor, Department of ECE,
& project Coordinator Mr. C. Veeranjaneyulu, Associate Professor, Department
of ECE, CMRCET for their valuable suggestions in each and every review during
the course of my project.

Finally, we would like to thank all teaching & non-teaching staff members of
the department, for their cooperation and support throughout the duration of our
course.

Ultimately, we owe all our success to our beloved parents, whose vision, love
and inspiration have made us reach out for these glories.

SIGNATURE

Kalwala Siddhartha Reddy 18H51A04K0


DECLARATION

We hereby declare that results embodied in this Report of Project on “WEBSITE
PENETRATION TESTING” are from work carried out by using partial
fulfillment of the requirements for the award of B. Tech degree. We have not
submitted this report to any other university/institute for the award of any other
degree.

Name Roll Number

Kalwala Siddhartha Reddy (18H51A04K0)


ABSTRACT

Nowadays we see many cyberattacks happening around us. We hear or
read news articles about security breaches, and we also hear that the
social media accounts of people we know got hacked. The main aim of this
project is to alert people about the cyberattacks going on in the world by
conducting a penetration test. In this test we have three main stages, namely
information gathering, searching for vulnerabilities, and exploiting those vulnerabilities.
In ethical hacking there are actually five stages: information gathering,
scanning, gaining access, maintaining access and clearing tracks. We perform these
kinds of tests to test the security of the application and update its security
measures. These tests help ethical hackers improve
their cyber-defense capability. We can create awareness among people by
demonstrating these tests, so that they come to know about basic security
measures and stay cautious about their information
security.


Index:

CHAPTERS DESCRIPTION

Abstract
1 Introduction
  1.1 Introduction
  1.2 Objective
  1.3 Future Scope
  1.4 Requirements
2 Implementation
  2.1 Introduction
  2.2 Methodology
  2.3 Flow Chart
3 Results and Conclusion
  3.1 Result
  3.2 Conclusion
4 Reference
Appendix


CHAPTER 1:

INTRODUCTION

Hacking is an attempt to exploit a computer system or a private network inside a
computer. Simply put, it is the unauthorized access to or control over computer
network security systems for some illicit purpose.

There are three types of hackers. They are:

1. White Hat Hackers.
2. Black Hat Hackers.
3. Grey Hat Hackers.

White hat hackers are also known as ethical hackers. They are employed by some
private organizations or under the government as security specialists. The main job
of these white hat hackers is to test the applications, search for the vulnerabilities,
report to the organization and update the security of the application. They always
have permission from the system’s owner, making their actions completely legal.

Black hat hackers are the complete opposite of white hat hackers. They frequently
develop malware that infiltrates computer networks. They follow the
same methods as white hat hackers, but they don’t have the permission of the system
owner; hence, their actions are completely illegal. Black hat hackers can steal,
manipulate or destroy data.

Grey hat hackers, as the name suggests, utilize aspects from black and white hat
hackers, but will usually seek out vulnerabilities in a system without an owner’s
permission or knowledge. While they’ll report any issues they encounter to the
owner, they’ll also request some sort of compensation or incentive. If the owner
refuses to give them incentives, then these hackers might exploit the newfound
flaws.


OBJECTIVE

The main objectives of performing penetration testing are:

1. Information Gathering.
2. Identifying Vulnerabilities.
3. Exploiting those vulnerabilities.
4. Updating the Security.
5. Improving the cyber-defense capability.

FUTURE SCOPE

Ethical hacking is a key component of risk evaluation, auditing, and
counter-fraud. The scope for ethical hackers is high, and it is one of the most rapidly
growing careers at present, as many malicious attackers pose a threat to
businesses and their networks. Industries like the Information Technology and Banking
sectors hire several ethical hackers to protect their data and infrastructure. Also, in
the upcoming days, the demand for this profile is going to be high compared to
other profiles due to an increased threat of vulnerabilities.

We also know that the number of cyberattacks is increasing drastically day by day,
so there will be a lot of scope for ethical hackers in the future. Employment of
cybersecurity analysts is projected to grow 32% from 2018-2028. In the USA the
average advertised salary for a cybersecurity job is now $93,560, which is 16%
higher than the average salary of all IT jobs.

REQUIREMENTS

The basic requirements to perform a penetration test are:

1. Personal Computer. (High configuration is preferable)

2. Windows and Linux Operating System.

3. Strong Internet Connectivity.

4. Virtual Private Network. (VPN)


CHAPTER 2:

IMPLEMENTATION:

INTRODUCTION:

Penetration testing is a type of security testing that is used to test the insecurity of
an application. It is conducted to find the security risks which might be present in
the system.

If a system is not secured, then any attacker can disrupt or take unauthorized access
to that system. A security risk is normally an accidental error that occurs while
developing and implementing the software, for example configuration errors,
design errors, and software bugs.

There are three main stages in a penetration test. They are:

1. Planning and Reconnaissance.
2. Identifying Vulnerabilities.
3. Exploitation.

Planning and Reconnaissance

Before starting a test, we need to have complete knowledge of the website,
i.e. both the front-end and back-end parts. We should have a clear idea of what we
intend to achieve through this penetration test. We should also be aware of what
might crash the server or what might crash the website. We should be very careful
at each and every moment. Carelessness can lead to big trouble.

Reconnaissance is also known as Open-Source Intelligence Gathering
(OSINT). This is the first step of penetration testing. Here, we use some tools and
gather the necessary information about the website owner. This process is commonly
called information gathering. We use some OSINT tools to gather the information.


Identifying Vulnerabilities

In this stage, we have to find out the vulnerabilities of the website.
Vulnerabilities are the weak points which an attacker can take
advantage of. Certain characters, when typed into the website, make it
behave in unexpected ways. The tools used for analyzing this unexpected behaviour
of a website are Burp Suite, OWASP, Wireshark etc.

Exploiting

This is the final stage of a penetration test. The information that we have
gathered and the vulnerabilities that we identified will help us in this stage.
Exploitation is the process of taking advantage of the vulnerabilities to do some
serious damage or to find out the extent to which a vulnerability can be misused.
Exploitation might not be easy. Sometimes, multiple vulnerabilities need
to be chained together to perform an exploitation. Perfect execution of these
attacks might require a good amount of experience.

METHODOLOGY:

The website which was given to us to conduct a penetration test is mentioned
below.

URL: https://csclub-cmrcet.github.io/startupCTF/index.html

When you open the above URL you can see the website, and if you look
closely at the about us page you will be able to find the owner of this website. The
owner of this website is Fred Krueger.

We used some Open-Source Intelligence (OSINT) tools to gather the owner
information. We came to know the id of the owner, and the id is “kruegster1990”.
We started digging out the information about the owner using some OSINT
tools. Finally, we came to know that he has some social media accounts such as
Instagram and Twitter. The look of the website and the owner’s social media
handles are shown below.


Fig.No.1: Website

Fig. No. 2: Instagram Profile


Fig. No. 3. Twitter Profile

If we observe his Twitter profile closely, we can find a lot of information about the
owner. The owner lives in a place called Silver Spring, Maryland. The owner was
born in 1990. This was the basic information about the owner.

http://www.cornerstoneairlines.co/

This was the website mentioned in his Twitter profile. But the website isn’t
working. The name suggests that he used to run an airline company which was
founded in the year 2018 in the U.S. This website worked for a year and 8 months.

When we observed his Instagram handle, we found a flight ticket: he was travelling
from Baltimore to San Francisco, and it’s a first-class ticket.

We have gathered the owner’s information successfully with the help of
Open-Source Intelligence (OSINT) tools.


There were 6 flags hidden in this website. Let’s find out those hidden flags.

Walkthrough of finding the flags:

In a website, the whole code will be available in the source code option. I
thought I could take the help of the source code to find the flags. To view the source
code, right click anywhere on the website and you will find a list of options; then click
on view page source and you will be redirected to a new tab where you can find the
source code.

Fig.No.4. Source code path

When you observe the source code you can find the first flag of this website. The
flag was:

Flag.1: FLAG_CMRCET_1{ S0URC3_C0d3_FL4GS }


Fig.No.5: Flag-1

I thought the second code will be in JavaScript files. So, to find the JavaScript files
we have to go to the inspect element tab. Right click anywhere on the website and
click on the inspect element option. On the right side you will find a tab. Go to the
networks tab and it asks us to refresh the page. Do as it says and you will find
many files of the website. At the top, click on JS; then you will find all the
JavaScript files. I’ve checked the files one by one thoroughly and I was successful
in finding the second flag. It was hidden in the plugins.js file.

Flag 2: FLAG_CMRCET_2{3ASY_P3SY_J4V4SCR1PT}


Fig.No.6: Inspect Element path

Fig.No.7: Flag-2


There is a login option at the top of the website. I thought if I log in to the website I
can find the third flag. We don’t know the credentials of the login page. There is a
way to bypass this login page. We need to go to the inspect element tab, then go to the
networks tab and find the login.html file. The login page looks like this.

Fig.No.8: Login Page

After entering the login.html file in the inspect element tab, you will find some
details about the file such as request URL, request method, remote address etc.


I thought if I edit this then I can log in to this website as an administrator. I’ve
added an extra cookie to this file and clicked on the send button.

Cookie:password=;username=admin;admin=True

Fig.No.9: Cookie Adding

Now visit the login page again and type the default credentials, say
username=admin and password=admin. Once you log in to the website, the third flag
pops up.


Flag3: FLAG_CMRCET_3{W3AK_P4SSW0RDS_AR3_D4NG3R }
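
A server that acts on a client-supplied cookie such as `admin=True` is trusting data the visitor controls. As an added example (not code from the CTF site or from this report), the Python sketch below contrasts that check with one that accepts a role only from a server-signed token; the cookie name `session`, the token layout and the key are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumption: a server-side secret that is never sent to the browser.
SERVER_KEY = b"constructed-demo-key-do-not-reuse"

# Cookie header from the walkthrough above.
FORGED_HEADER = "password=;username=admin;admin=True"


def parse_cookies(header: str) -> dict:
    """Parse a Cookie request header into a name -> value dict."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            cookies[name] = value
    return cookies


def is_admin_naive(cookie_header: str) -> bool:
    """Weak pattern: the role is whatever the client says it is."""
    return parse_cookies(cookie_header).get("admin") == "True"


def issue_session(username: str, role: str) -> str:
    """Issued by the server after a real login: payload plus HMAC tag."""
    payload = f"{username}|{role}"
    tag = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{tag}"


def is_admin_signed(cookie_header: str) -> bool:
    """Hardened pattern: only a role covered by a valid server tag counts."""
    token = parse_cookies(cookie_header).get("session", "")
    payload, sep, tag = token.rpartition("|")
    if not sep:
        return False
    expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison; bytes avoid errors on non-ASCII input.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return False
    return payload.split("|")[-1] == "admin"


if __name__ == "__main__":
    print("naive check accepts forged header: ", is_admin_naive(FORGED_HEADER))
    print("signed check accepts forged header:", is_admin_signed(FORGED_HEADER))
    real = "session=" + issue_session("alice", "admin")
    print("signed check accepts issued token: ", is_admin_signed(real))
```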

I found flags in source code and JavaScript file. So, I thought I can find a flag in a
CSS file. I again visited the inspect element and this time I checked all the CSS
files thoroughly. I was successful in finding the fourth flag.

Flag4: FLAG_CMRCET_4{M4ST3R_1NSP3CT_3L3M3NT }

Fig.No.11: Flag-4
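
Flags 1, 2 and 4 were readable because everything served to the browser (HTML, JavaScript, CSS) is visible to any visitor. As an added example, not part of the original report, this Python check is one a site owner could run over static files before publishing to list comments that contain secret-looking text; the file contents and the token patterns are constructed assumptions.

```python
import re

# Comment syntaxes of the three asset types inspected in the walkthrough.
COMMENT_PATTERNS = {
    ".html": [re.compile(r"<!--(.*?)-->", re.S)],
    ".css": [re.compile(r"/\*(.*?)\*/", re.S)],
    ".js": [re.compile(r"/\*(.*?)\*/", re.S), re.compile(r"//([^\n]*)")],
}

# Assumed heuristics for text that should not ship to the client.
SUSPICIOUS = re.compile(
    r"(FLAG_\w+\{[^}]*\}|password\s*[:=]\s*\S+|api[_-]?key\s*[:=]\s*\S+)",
    re.I,
)

# Constructed sample assets (not the CTF site's real files).
SAMPLE_FILES = {
    "index.html": "<html><!-- TODO remove: FLAG_DEMO_1{constructed_value} -->\n"
                  "<body>Hi</body></html>",
    "js/plugins.js": "// password = hunter2-demo\nfunction init() { return 1; }\n",
    "css/main.css": "body { color: #333; } /* layout only */",
}


def find_leaky_comments(files: dict) -> list:
    """Return (filename, matched_text) for suspicious text inside comments."""
    findings = []
    for name, content in sorted(files.items()):
        ext = name[name.rfind("."):].lower()
        for pattern in COMMENT_PATTERNS.get(ext, []):
            for comment in pattern.findall(content):
                for hit in SUSPICIOUS.findall(comment):
                    findings.append((name, hit.strip()))
    return findings


if __name__ == "__main__":
    for filename, text in find_leaky_comments(SAMPLE_FILES):
        print(f"{filename}: {text}")
```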

For the fifth flag I have sent a phishing mail to the mail id which was provided in
the about us page.


This was the mail which I sent to the mail id given in the website. I found the flag.

Fig.No.12: Flag-5

Flag 5: FLAG_CMRCET_5{PH1SH1NG_1S_D4NG3R}

For every website there is a place where all the important files of the website are
hidden. It depends on the developer whether he has allowed access to the public to
view those files or not. This hidden place is a vulnerability if it is exposed to the public.
To go to that hidden place we have to type /robots.txt at the end of the
URL. /robots.txt is a place where all the files are hidden.

Type this to view that hidden place

https://csclub-cmrcet.github.io/startupCTF/robots.txt

I found this when I typed the above URL.


Here they have given a path; if we type this path in the URL, we can find the last flag.

https://csclub-cmrcet.github.io/startupCTF/secret/loot.txt

Fig.No.13: Flag-6

Flag 6: FLAG_CMRCET_6{R0b0t5_4R3_G00D}
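
robots.txt is a plain-text file of crawler directives that anyone can fetch; it does not restrict access to the paths it lists, which is why the path it named led straight to the last flag. As an added example (not from the report), this Python check lets a site owner review their own robots.txt for `Disallow` entries that advertise sensitive locations; the sample file and the keyword list are constructed assumptions.

```python
# Assumed keywords suggesting a path needs real access control,
# not just exclusion from crawling.
SENSITIVE_HINTS = ("secret", "admin", "backup", "private", "config", ".git")

SAMPLE_ROBOTS = """\
# constructed sample, not the CTF site's real file
User-agent: *
Disallow: /secret/loot.txt
Disallow: /images/
Allow: /

User-agent: ExampleBot
Disallow: /backup/
Disallow:
"""


def parse_robots(text: str) -> list:
    """Return (user_agent, directive, path) tuples from robots.txt text."""
    rules, agents, in_rules = [], [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if ":" not in line:
            continue
        field, value = (p.strip() for p in line.split(":", 1))
        field = field.lower()
        if field == "user-agent":
            if in_rules:  # a User-agent line after rules starts a new group
                agents, in_rules = [], False
            agents.append(value)
        elif field in ("allow", "disallow"):
            in_rules = True
            for agent in agents or ["*"]:
                rules.append((agent, field, value))
    return rules


def risky_disallows(text: str) -> list:
    """Disallowed paths whose names hint at content that must be protected."""
    flagged = []
    for _agent, directive, path in parse_robots(text):
        if directive != "disallow" or not path:
            continue  # an empty Disallow means "nothing is excluded"
        if any(h in path.lower() for h in SENSITIVE_HINTS) and path not in flagged:
            flagged.append(path)
    return flagged


if __name__ == "__main__":
    for path in risky_disallows(SAMPLE_ROBOTS):
        print("publicly advertised, verify it is protected or removed:", path)
```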

In this way I found all the flags and successfully conducted the test.

FLOW CHART

CHAPTER-3

RESULTS AND CONCLUSION

RESULTS:

By performing this test, we were able to:


1. Gather all the required information regarding the web-application.
2. Identify all the vulnerabilities of the web-application.
3. Successfully exploit those vulnerabilities.

CONCLUSION:

This is a skill which cannot be acquired overnight. A lot of dedication and hard work
is required. Patience is the most important quality needed to acquire it. Penetration testing
helps to mitigate the threats of all the risks that an application can face. However,
good practices should be adopted in order to secure any type of application.
Carelessness leads you into big trouble.

REFERENCES

• https://osintframework.com/
• https://medium.com/@shibinbshaji007/introduction-to-web-application-penetration-testing-9ebb058b8b03
• https://www.synopsys.com/glossary/what-is-ethical-hacking.html
• https://ciso.economictimes.indiatimes.com/news/37-increase-in-cyberattacks-in-india-in-q1-2020-report/75962696
• https://www.edureka.co/blog/ethical-hacking-career/
APPENDIX

Ethical Hacking is a vast subject and it requires a lot of dedication and hard work to
acquire this skill. According to a firm, India has seen a 37% increase in cyberattacks
in the first quarter of 2020 compared to the last quarter of 2019. The Kaspersky
Security Network (KSN) report showed that its products detected and blocked
52,820,874 local cyber threats in India between January and March this year.


The data also shows that India now ranks 27th globally in the number of
web-threats detected by the company in Q1 2020 as compared to when it ranked on the
32nd position globally in Q4 2019.

JOBS: Growing at a rate that is outpacing all other areas of IT, cybersecurity has
emerged as a high-growth-field of 2017, and possibly of the entire decade. During
the 5 years between 2012 and 2017, listings for cybersecurity jobs increased by a
whopping 75% according to the analysis made by the Bureau of Labor Statistics.
This has led to a lot of unfilled positions so jobs are plenty and they pay well
too. Certified ethical hackers make an average annual income of $80,074,
according to PayScale. The average starting salary for a certified ethical hacker is
$95,000, according to EC-Council senior director Steven Graham.
