Micro Project


A Project Report on:

WEBSITE PENETRATION TESTING


A Course Project report Submitted in partial fulfillment of the Academic requirements for
the award of the degree of Bachelor of Technology

In

Electronics and Communication Engineering

Submitted by

Sreehari Yermal (18H51A04M0)

Under the esteemed guidance of

Mr. Abdul Subhani Shaik

Associate Professor Department of ECE

DEPARTMENT OF ELECTRONICS & COMMUNICATION ENGINEERING

CMR COLLEGE OF ENGINEERING & TECHNOLOGY

(Autonomous)

(NAAC Accredited with ‘A’ Grade & NBA Accredited)

(Approved by AICTE, Permanently Affiliated to JNTU Hyderabad)

KANDLAKOYA, MEDCHAL ROAD, HYDERABAD-501401

2020-2021
Website Penetration Testing

CMR COLLEGE OF ENGINEERING & TECHNOLOGY


(AUTONOMOUS)

(NAAC Accredited with ‘A’ Grade & NBA Accredited)


(Approved by AICTE, Permanently Affiliated to JNTU Hyderabad)

KANDLAKOYA, MEDCHAL ROAD, HYDERABAD-501401

DEPARTMENT OF ELECTRONICS & COMMUNICATION ENGINEERING

CERTIFICATE

This is to certify that the course project report entitled “Website Penetration Testing” is a
bonafide work done by SREEHARI YERMAL (18H51A04M0) of III B. Tech, V semester
in partial fulfillment of the requirements for the award of the degree of Bachelor of
Technology, submitted to Department of Electronics and Communication Engineering,
CMR College of Engineering & Technology, Hyderabad during the Academic Year 2020-21.

Mr. ABDUL SUBHANI SHAIK Mr. E.N.V PURNA CHANDRA RAO

Assoc. Professor, ECE Department HOD, ECE Department


Project Guide

CMR College of Engineering & Technology 1 ECE



ACKNOWLEDGEMENT

We are highly indebted and grateful to our guide Mr. Abdul Subhani Shaik, Associate Professor,
Department of ECE, CMRCET for his excellent guidance and constant encouragement
throughout for the successful completion of the Project.

We are obliged and grateful to thank, Mr. E.N.V. PURNA CHANDRA RAO HOD, Department
of ECE, CMRCET, for his cooperation in all respects.

We are obliged and grateful to thank, Dr. B. LOKESHWAR RAO, Dean (Academics),
CMRCET, for his cooperation in all aspects.

We would like to thank Major Dr.VA NARAYANA, Principal, CMRCET, for his support in the
course of this project work.

We would like to thank Sri Ch. GOPAL REDDY garu, Secretary & Correspondent of CMRCET,
for his cooperation in all respects during the course.

It gives us immense pleasure to express our deep sense of gratitude to the project in-charge,
Mr. P. RAVEENDRABABU, Associate Professor, Department of ECE, and the project coordinator,
Mr. C. Veeranjaneyulu, Associate Professor, Department of ECE, CMRCET, for their valuable
suggestions in each and every review during the course of my project.

Finally, we would like to thank all teaching and non-teaching staff members of the department
for their cooperation and support throughout the duration of our course.

Ultimately, we owe all our success to our beloved parents, whose vision, love and inspiration
have made us reach out for these glories.

SIGNATURE


Sreehari Yermal 18H51A04M0

DECLARATION

We hereby declare that the results embodied in this Report of Project on “WEBSITE
PENETRATION TESTING” are from work carried out in partial fulfillment of the
requirements for the award of the B. Tech degree. We have not submitted this report to any other
university/institute for the award of any other degree.

Name Roll Number

Sreehari Yermal (18H51A04M0)


ABSTRACT

Nowadays we see many cyberattacks happening around us. We hear or read
news articles about security breaches, and we also hear that the social media
accounts of people we know got hacked. The main aim of this project is to alert
people about the cyberattacks going on in this world by conducting a penetration test. In
this test we have three main stages, namely information gathering, searching for
vulnerabilities, and exploiting those vulnerabilities.

Actually, there are five stages in ethical hacking which are,


1. Information Gathering
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Cleaning tracks

We perform these kinds of tests to test the security of the application and update the
security measures of the application. These kinds of tests help ethical hackers to
improve their cyber-defense capability. We can create awareness among people by
showing these kinds of tests, so that people come to know about the basic security
measures and stay cautious at all times regarding their information security.


Index:

CHAPTERS DESCRIPTION

Abstract
1 1.1 Introduction
  1.2 Objective
  1.3 Future Scope
  1.4 Requirements
2 Implementation
  2.1 Introduction
  2.2 Methodology
  2.3 Flow Chart
3 Results and Conclusion
  3.1 Result
  3.2 Conclusion
4 Reference
Appendix


CHAPTER 1:
INTRODUCTION:

Hacking is an attempt to exploit a computer system or a private network inside a
computer. Simply put, it is the unauthorized access to or control over computer network
security systems for some illicit purpose.
There are three types of hackers. They are:
1. White Hat Hackers.
2. Black Hat Hackers.
3. Grey Hat Hackers.
White hat hackers are also known as ethical hackers. They are employed by some private
organizations or under the government as security specialists. The main job of these
white hat hackers is to test the applications, search for the vulnerabilities, report to the
organization and update the security of the application. They always have permission
from the system’s owner, making their actions completely legal.
Black hat hackers are the complete opposite of white hat hackers. They frequently
develop malware which will infiltrate computer networks. They follow the same
methods as white hat hackers, but they don’t have the permission of the system owner; hence,
their actions are completely illegal. Black hat hackers can steal, manipulate or
destroy the data.
Grey hat hackers, as the name suggests, utilize aspects of both black and white hat hackers,
but will usually seek out vulnerabilities in a system without the owner’s permission or
knowledge. While they’ll report any issues they encounter to the owner, they’ll also
request some sort of compensation or incentive. If the owner refuses to give them
incentives, then these hackers might exploit the newfound flaws.


OBJECTIVE:

The main objectives of performing penetration testing are:


1. Information Gathering.
2. Identifying Vulnerabilities.
3. Exploiting those vulnerabilities.
4. Updating the Security.
5. Improving the cyber-defense capability.
FUTURE SCOPE:

Ethical hacking is a key component of risk evaluation, auditing, and counter-frauds. The
scope for the Ethical Hackers is high and it is one of the rapidly growing careers at
present as many malicious attackers cause a threat to the business and its networks.
Industries like Information Technology and Banking Sectors hire several Ethical hackers
to protect their data and infrastructure. Also, in the upcoming days, the demand for this
profile is going to be high compared to other profiles due to an increased threat of
vulnerabilities.
We also know that the number of cyberattacks is increasing drastically day by day, so
there will be a lot of scope for ethical hackers in the future. Employment in cybersecurity
analysis is projected to grow 32% from 2018-2028. In the USA the average advertised salary
for a cybersecurity job is now $93,560, which is 16% higher than the average salary of all
IT jobs.
REQUIREMENTS:

The basic requirements to perform a penetration test are:

1. Personal Computer. (High configuration is preferable)
2. Windows and Linux Operating System.
3. Strong Internet Connectivity.
4. Virtual Private Network. (VPN)

CHAPTER 2:

IMPLEMENTATION:

INTRODUCTION:

Penetration testing is a type of security testing that is used to test the insecurity of an
application. It is conducted to find the security risks which might be present in the system.
If a system is not secured, then any attacker can disrupt or take unauthorized access to that
system. A security risk is normally an accidental error that occurs while developing and
implementing the software, for example configuration errors, design errors, and
software bugs.
There are three main stages in a penetration test. They are:

1. Planning and Reconnaissance.
2. Identifying Vulnerabilities.
3. Exploitation.

Planning and Reconnaissance


Before starting a test, we need to have complete knowledge of the website, i.e. both
the front-end and back-end parts. We should have a clear idea of what we intend to achieve
through this penetration test. We should also be aware of what might crash the server or
what might crash the website. We should be very careful at each and every moment.
Carelessness leads to big trouble.
Reconnaissance is also known as Open-Source Intelligence Gathering (OSINT). This
is the first step of penetration testing. Here, we use some OSINT tools to gather the
necessary information about the website owner. This process is commonly called
information gathering.


Identifying Vulnerabilities
In this stage, we have to find out the vulnerabilities of the website. Vulnerabilities
are nothing but the weak points which an attacker can take advantage of. Typing
certain characters into the website can make it behave in unexpected ways.
The tools used for analyzing this unexpected behaviour of a website are Burp Suite, OWASP,
Wireshark etc.
Exploiting
This is the final stage of a penetration test. The information that we have gathered and
the vulnerabilities that we have identified will help us in this stage. Exploitation is the process
of taking advantage of the vulnerabilities to do some serious damage or to find out the
extent to which a vulnerability can be misused. Exploitation might not be easy.
Sometimes, multiple vulnerabilities need to be chained together to perform an
exploitation. Perfect execution of these attacks might require a good amount of
experience.

METHODOLOGY:

The website which was given to us to conduct a penetration test is mentioned below.
URL: https://csclub-cmrcet.github.io/startupCTF/index.html

When we click on the above URL we can see the website, and if we look closely at
the About Us page we can find the owner of this website. The owner of this
website is Fred Krueger.
We used some Open-Source Intelligence (OSINT) tools to gather the owner information.
We came to know the id of the owner and the id is “kruegster1990”. We started digging
out the information about the owner using some OSINT tools. Finally, we came to
know that he has some social media accounts such as Instagram and Twitter. The look of
the website and the owner’s social media handles are shown below.

Fig.No.1: Website


Fig. No. 2: Instagram Profile

Fig. No. 3. Twitter Profile

If we observe his Twitter profile closely, we can find a lot of information about the owner.
The owner lives in a place called Silver Spring, Maryland. The owner was born in 1990.
This was the basic information about the owner.
http://www.cornerstoneairlines.co/

This was the website mentioned in his Twitter profile, but the website isn’t working. The
name suggests that he used to run an airline company which was founded in the year 2018
in the U.S. This website worked for a year and 8 months.
When we observed his Instagram handle, we found a flight ticket: he was travelling from
Baltimore to San Francisco, and it was a first-class ticket.
We have gathered the owner’s information successfully with the help of Open-Source
Intelligence (OSINT) tools.


There were 6 flags hidden in this website. Let’s find out those hidden flags.

Walk through in finding flags:


In a website, the whole code is available through the source code option. I thought I
could take the help of the source code to find the flags. To view the source code, right click
anywhere on the website to get a list of options, then click on view page source
and you will be redirected to a new tab where you can find the source code.

Fig.No.4. Source code path


When you observe the source code you can find the first flag of this website. The flag
was:

Flag.1: FLAG_CMRCET_1{ S0URC3_C0d3_FL4GS }


Fig.No.5: Flag-1
I thought the second code would be in the JavaScript files. So, to find the JavaScript files we
have to go to the inspect element tab. Right click anywhere on the website and click on
the inspect element option. On the right side you will find a panel. Go to the Network tab and it
asks us to refresh the page. Do as it says and you will find many files of the website. At
the top, click on JS; then you will find all the JavaScript files. I checked the files one
by one thoroughly and I was successful in finding the second flag. It was hidden in the
plugins.js file.

Flag 2: FLAG_CMRCET_2{3ASY_P3SY_J4V4SCR1PT}


Fig.No.6: Inspect Element path

Fig.No.7: Flag-2


There is a login option at the top of the website. I thought that if I logged in to the website I could
find the third flag. We don’t know the credentials for the login page. There is a way to
bypass this login page. We need to go to the inspect element tab, then go to the Network tab and
find the login.html file. The login page looks like this.

Fig.No.8: Login Page


After opening the login.html file in the inspect element tab, you will find some details
about the file such as request URL, request method, remote address etc.


I thought that if I edited this then I could log in to this website as an administrator. I added an
extra cookie to this file and clicked on the send button.
Cookie:password=;username=admin;admin=True

Fig.No.9: Cookie Adding


Now visit the login page again and type the default credentials, say username=admin and
password=admin. Once you log in to the website it pops up the third flag.
Flag3: FLAG_CMRCET_3{W3AK_P4SSW0RDS_AR3_D4NG3R }
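
The cookie edit above works only where the login logic believes values that the browser sends. The following added example (not code from the tested website or from this report) contrasts such a check with one that reads the role only from an HMAC-signed session cookie; the function names, the key and the cookie layout are assumptions made for illustration.

```python
import hashlib
import hmac

# Hypothetical server-side secret; a real deployment loads it from a secret store.
SERVER_KEY = b"constructed-demo-key"


def parse_cookie(header):
    """Split a Cookie header value into a dict of name -> value."""
    pairs = (item.split("=", 1) for item in header.split(";") if "=" in item)
    return {name.strip(): value.strip() for name, value in pairs}


def is_admin_trusting(cookie_header):
    """Weak check: believes the role the browser claims for itself."""
    return parse_cookie(cookie_header).get("admin") == "True"


def _tag(payload):
    """HMAC-SHA256 over the payload, keyed with the server-side secret."""
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_session(username, role):
    """Server calls this only after it has verified the user's password."""
    payload = f"{username}.{role}"
    return f"session={payload}.{_tag(payload)}"


def is_admin_verified(cookie_header):
    """Hardened check: the role counts only if the cookie's MAC verifies."""
    token = parse_cookie(cookie_header).get("session", "")
    payload, _, tag = token.rpartition(".")
    if not payload or not hmac.compare_digest(tag.encode(), _tag(payload).encode()):
        return False
    return payload.rpartition(".")[2] == "admin"


if __name__ == "__main__":
    forged = "password=;username=admin;admin=True"  # cookie shown in the report
    print("trusting check, forged cookie:", is_admin_trusting(forged))
    print("verified check, forged cookie:", is_admin_verified(forged))
    user = issue_session("alice", "user")  # constructed sample user
    print("verified check, edited role:",
          is_admin_verified(user.replace(".user.", ".admin.")))
    print("verified check, real admin:",
          is_admin_verified(issue_session("root", "admin")))
```

A production session would also carry an expiry time and be sent with the Secure and HttpOnly cookie attributes.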


I found flags in the source code and a JavaScript file. So, I thought I could find a flag in a CSS
file. I again visited inspect element and this time I checked all the CSS files
thoroughly. I was successful in finding the fourth flag.
Flag4: FLAG_CMRCET_4{M4ST3R_1NSP3CT_3L3M3NT }

Fig.No.11: Flag-4
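
Flags 1, 2 and 4 were all readable because anything placed in HTML, JavaScript or CSS is delivered to every visitor. As an added example (not part of the original project), the script below is a check a developer could run over a site's files before publishing them; the flag pattern follows the format shown in this report, while the keyword list, the function names and the sample files are constructed for the demonstration.

```python
import re
import tempfile
from pathlib import Path

# The flag format used in this report, plus comments that mention credentials.
FLAG_RE = re.compile(r"FLAG_[A-Z0-9]+_\d+\{[^}]*\}")
COMMENT_RE = re.compile(r"<!--(.*?)-->|/\*(.*?)\*/|(?<!:)//([^\n]*)", re.S)
KEYWORD_RE = re.compile(r"passw(or)?d|secret|api[_-]?key|token", re.I)
PUBLISHED = {".html", ".htm", ".js", ".css", ".txt"}  # files a browser can fetch


def scan_text(text):
    """Return (line, kind, snippet) for every leak-like string in one file."""
    hits = []
    for m in FLAG_RE.finditer(text):
        hits.append((text.count("\n", 0, m.start()) + 1, "flag", m.group(0)))
    for m in COMMENT_RE.finditer(text):
        body = next(g for g in m.groups() if g is not None).strip()
        if KEYWORD_RE.search(body):
            hits.append((text.count("\n", 0, m.start()) + 1, "comment", body))
    return sorted(hits)


def scan_site(root):
    """Scan every publishable text file under root; keys are relative paths."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in PUBLISHED:
            hits = scan_text(path.read_text(encoding="utf-8", errors="replace"))
            if hits:
                report[path.relative_to(root).as_posix()] = hits
    return report


def build_sample_site(root):
    """Write a small constructed site (not the report's target) for the demo."""
    files = {
        "index.html": "<html>\n<!-- FLAG_DEMO_1{IN_HTML_COMMENT} -->\n"
                      '<a href="https://example.com/">home</a>\n</html>\n',
        "js/plugins.js": "// TODO remove: admin password is admin\n"
                         "var n = 1; /* FLAG_DEMO_2{IN_JS} */\n",
        "css/main.css": "body { color: red }\n/* FLAG_DEMO_4{IN_CSS} */\n",
        "about.html": "<p>Contact us</p>\n",
    }
    for name, body in files.items():
        target = Path(root) / name
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body, encoding="utf-8")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_site(tmp)
        for name, hits in scan_site(tmp).items():
            for line, kind, snippet in hits:
                print(f"{name}:{line}: {kind}: {snippet}")
```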
For the fifth flag I have sent a phishing mail to the mail id which was provided in the
about us page.

This was the mail which I sent to the mail id given in the website. I found the flag.


Fig.No.12: Flag-5

Flag 5: FLAG_CMRCET_5{PH1SH1NG_1S_D4NG3R}
For every website there is a place where all the important files of the website are hidden.
It depends on the developer whether he has allowed the public to view those
files or not. This hidden place is a vulnerability if it is exposed to the public. To go to that
hidden place we have to type /robots.txt at the end of the URL. /robots.txt is a place where
all the files are hidden.

Type this to view that hidden place

https://csclub-cmrcet.github.io/startupCTF/robots.txt

I found this when I typed the above URL.

Here they have given a path; if we type this path in the URL, we can find the last flag.

https://csclub-cmrcet.github.io/startupCTF/secret/loot.txt


Fig.No.13: Flag-6

Flag 6: FLAG_CMRCET_6{R0b0t5_4R3_G00D}
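
robots.txt is a plain-text list of crawler directives that any visitor can read, so a Disallow entry advertises a path rather than protecting it. The added example below (not the project's own code) is a check for a site owner: it reads the robots.txt in a publish directory and lists the files that are both named by a Disallow rule and still present to be served. The function names and the sample site are constructed, and wildcard rules are not expanded.

```python
import tempfile
from pathlib import Path

# Constructed sample, not the robots.txt of the site tested in this report.
SAMPLE_ROBOTS = (
    "User-agent: *\n"
    "Disallow: /secret/   # keep crawlers out\n"
    "Disallow: /drafts/\n"
    "Disallow: /tmp/*.bak\n"
)


def disallowed_paths(robots_text):
    """Return the Disallow values, ignoring comments and empty rules."""
    paths = []
    for raw in robots_text.splitlines():
        field, sep, value = raw.split("#", 1)[0].partition(":")
        if sep and field.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths


def advertised_and_served(publish_root):
    """List published files that robots.txt names and the site still serves."""
    root = Path(publish_root).resolve()
    robots = root / "robots.txt"
    if not robots.is_file():
        return []
    exposed = set()
    for rule in disallowed_paths(robots.read_text(encoding="utf-8")):
        if "*" in rule or "$" in rule:
            continue  # wildcard rules are not expanded in this example
        target = (root / rule.lstrip("/")).resolve()
        if root not in target.parents:
            continue  # "Disallow: /" or a path outside the publish directory
        if target.is_file():
            found = [target]
        elif target.is_dir():
            found = [p for p in target.rglob("*") if p.is_file()]
        else:
            continue  # rule points at nothing that is published
        exposed.update(p.relative_to(root).as_posix() for p in found)
    return sorted(exposed)


def write_sample_site(root):
    """Create the constructed demo site: one advertised file, one normal page."""
    root = Path(root)
    (root / "secret").mkdir(parents=True, exist_ok=True)
    (root / "secret" / "loot.txt").write_text("demo\n", encoding="utf-8")
    (root / "index.html").write_text("<p>home</p>\n", encoding="utf-8")
    (root / "robots.txt").write_text(SAMPLE_ROBOTS, encoding="utf-8")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        write_sample_site(tmp)
        for path in advertised_and_served(tmp):
            print("served and named in robots.txt:", path)
```

Every path the check reports needs real access control or removal from the published directory, since the robots.txt entry does neither.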

In this way I found all the flags and successfully conducted the test.

FLOW CHART


CHAPTER-3

RESULTS AND CONCLUSION

RESULTS:

By performing this test, we were able to:


1. Gather all the required information regarding the web application.
2. Identify all the vulnerabilities of the web application.
3. Successfully exploit those vulnerabilities.

CONCLUSION:

This is a skill which cannot be acquired overnight. A lot of dedication and hard work is
required. Patience is the most important quality needed to acquire it. Penetration testing helps to
mitigate the threats of all the risks that an application can face. However, good practices
should be adopted in order to secure any type of application. Carelessness leads you into
big trouble.


REFERENCES

• https://osintframework.com/
• https://medium.com/@shibinbshaji007/introduction-to-web-application-penetration-testing-9ebb058b8b03
• https://www.synopsys.com/glossary/what-is-ethical-hacking.html
• https://ciso.economictimes.indiatimes.com/news/37-increase-in-cyberattacks-in-india-in-q1-2020-report/75962696
• https://www.edureka.co/blog/ethical-hacking-career/

APPENDIX

Ethical hacking is a vast subject and it requires a lot of dedication and hard work to
acquire this skill. According to a firm, India has seen a 37% increase in cyberattacks in the first
quarter of 2020 compared to the last quarter of 2019. The Kaspersky Security Network
(KSN) report showed that its products detected and blocked 52,820,874 local cyber
threats in India between January and March this year.
The data also shows that India now ranks 27th globally in the number of web threats
detected by the company in Q1 2020, as compared to the 32nd position
globally in Q4 2019.

JOBS: Growing at a rate that is outpacing all other areas of IT, cybersecurity has emerged
as a high-growth-field of 2017, and possibly of the entire decade. During the 5 years
between 2012 and 2017, listings for cybersecurity jobs increased by a whopping 75%
according to the analysis made by the Bureau of Labor Statistics. This has led to a lot of
unfilled positions so jobs are plenty and they pay well too. Certified ethical hackers make
an average annual income of $80,074, according to PayScale. The average starting salary
for a certified ethical hacker is $95,000, according to EC-Council senior director Steven
Graham.
