LentzS_CST640_Week8Lab.docx

School: University of Maryland, University College
Course: 640
Subject: Information Systems
Date: Feb 20, 2024
Type: docx
Pages: 14

Uploaded by SuperHumanBook10401

Name: Sheila Lentz
Semester: Fall
Year: 2023
Section Number: 9040

Lab 8 Worksheet
Digital Forensics Technology and Practices

Table of Contents

Introduction
Screenshot 1 – Creation of Yourname.TXT file
Screenshot 2 – Finding the File Type of the Yourname.TXT file
Screenshot 3 – Finding the File Type of the Yourname file
Screenshot 4 – Creation of Yourname.exe file
Screenshot 5 – Get the Hash of the Yourname.exe File
Screenshot 6 – Identify the File Type of Yourname.exe
Screenshot 7 – Getting the strings of the Yourname.exe File
Screenshot 8 – Creating Yourname.exe Malware
Screenshot 9 – Finding the File Type of the Yourname file with .Doc Extension
Screenshot 10 – Use Virustotal to Analyze Yourname file with .Doc Extension
Conclusion
APA References
Introduction

Students: In the box below, please explain the purpose of doing this lab below and explain how it is relevant to Computer Forensics.

Introduction

In the realm of computer forensics and cybersecurity, the `ls -la` command in Linux is indispensable. It provides a comprehensive listing of all files within a directory, crucial for revealing potential indicators of compromise or unauthorized activity (Kamathe, 2020). This command is particularly potent when inspecting directories like “/usr/share/windows-binaries”, where executables such as “whoami.exe” and “nc.exe” reside (Zivanov, 2023). These files can be telling; their permissions and ownership may point to unauthorized system access (Linuxize, 2020). The `whoami.exe` utility, pivotal in ascertaining the identity of the user operating a system, becomes an essential piece in the puzzle of tracing actions back to their source (Zivanov, 2023). Similarly, “nc.exe”, better known as Netcat, is a multifaceted tool used by administrators and attackers alike for network diagnostics and potentially as a vector for illicit access (V, 2023). The adept use of Netcat in network testing and data transfer can either uphold security or betray its breach, thereby forming a crucial element of forensic investigations (Buckbee, 2022). Understanding the output of `ls -la` transcends mere file listing; it's about dissecting the system's integrity at any moment, where each executable's history may contribute to unraveling a cyber event's narrative (Kamathe, 2020). Mastery of interpreting these details is a critical skill for any cybersecurity professional or forensic analyst, serving as the foundation for incident analysis and response.
Screenshot 1 – Creation of Yourname.TXT file

1. Create a file at the terminal that says hello world and send the output of the file to yourname.txt, where yourname is your first name. Take a screenshot of sending hello world to your file. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of the Your Name Text File being Created
Screenshot 2 – Finding the File Type of the Yourname.TXT file

2. Use the file command in Linux to identify the file type of the yourname.txt file, where yourname is your first name. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the File Command on the Your Name Text File

Screenshot 3 – Finding the File Type of the Yourname file (no Extension)

3. Use the file command in Linux to identify the file type of the yourname file, where yourname is your first name. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the File Command on the Your Name Text File

Screenshot 4 – Creation of Yourname.exe file

4. Copy nc.exe to yourname.exe, where yourname is your first name. Take a screenshot of listing the files and folders, including yourname.exe. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of the Yourname.exe File being Listed
Screenshot 5 – Get the Hash of the Yourname.exe File

5. Use the md5sum command at the terminal to get the hash of the yourname.exe file. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the md5sum command to get the hash of the Yourname.exe File

Screenshot 6 – Identify the File Type of Yourname.exe

6. Use the file command at the terminal to identify the file type of the yourname.exe file. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the File Command to Identify the Yourname.exe File

Screenshot 7 – Getting the strings of the Yourname.exe File

7. Use the strings command at the terminal to get information about the contents of the yourname.exe file. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the Strings Command to get information about the Yourname.exe File
Screenshot 8 – Creating Yourname.exe Malware

8. Use the msfvenom command at the terminal to create malware called yourname.exe. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the msfvenom Command to create the Yourname.exe File

Screenshot 9 – Finding the File Type of the Yourname file with .Doc Extension

9. Use the file command in Linux to identify the file type of the yourname file with a .doc extension, where yourname is your first name. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using the File Command on the Your Name File with the .Doc Extension

Screenshot 10 – Use Virustotal to Analyze Yourname file with .Doc Extension

10. Use the virustotal website to analyze the yourname file with a .doc extension, where yourname is your first name. The use of anyone else’s name may result in an academic integrity review by your professor. Please label your screenshot to receive full credit.

Take a screenshot of using VirusTotal on the Your Name File with the .Doc Extension
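Added example, not part of the original worksheet: the file-type, hash and strings steps above all rest on the idea that a file's type and identity come from its content, not its name. The script below reproduces that check with portable shell tools on constructed sample files; the function names, the stub bytes and the extension table are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: content-based triage mirroring the lab's file, md5sum and
# strings steps. Every sample file below is constructed for illustration.

# Classify by leading bytes, ignoring the name: "pe" for a DOS/PE "MZ" header,
# "text" if every byte is printable or whitespace, otherwise "data".
magic_type() {
    sig=$(dd if="$1" bs=2 count=1 2>/dev/null)
    if [ "$sig" = "MZ" ]; then
        echo pe
    elif [ "$(LC_ALL=C tr -d '[:print:][:space:]' < "$1" | wc -c)" -eq 0 ]; then
        echo text
    else
        echo data
    fi
}

# Compare what the extension claims with what the content actually is.
verdict() {
    kind=$(magic_type "$1")
    case "$1" in
        *.exe) want=pe ;;
        *.txt) want=text ;;
        *.doc) want=data ;;    # assumption: a legacy .doc is binary, never MZ
        *)     want=$kind ;;   # no extension: nothing to contradict
    esac
    if [ "$kind" = "$want" ]; then echo "ok:$kind"; else echo "MISMATCH:$kind"; fi
}

# Hash only, as md5sum prints it in its first column.
md5_of() { md5sum "$1" | cut -d' ' -f1; }

# Printable runs of 4+ characters, a portable stand-in for strings(1).
printable_runs() { LC_ALL=C tr -c '[:print:]' '\n' < "$1" | grep -E '.{4,}'; }

# Constructed samples following the lab's naming. The "exe" is a stub that
# only carries an MZ signature; it is not a real program.
LAB=$(mktemp -d)
echo "hello world" > "$LAB/yourname.txt"
cp "$LAB/yourname.txt" "$LAB/yourname"
printf 'MZ\220\000\003\000constructed stub\000\001' > "$LAB/yourname.exe"
cp "$LAB/yourname.exe" "$LAB/yourname.doc"

for f in "$LAB"/yourname*; do
    printf '%-14s %-13s %s\n' "${f##*/}" "$(verdict "$f")" "$(md5_of "$f")"
done
```

On the lab VM, `file`, `md5sum` and `strings` report the same facts; the point to take away is that copying yourname.exe to yourname.doc changes neither the leading signature nor the hash.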
Conclusion

Students: In the box below, please explain the purpose of doing this lab below and explain how it is relevant to Digital Forensics Technology and Practices. Highlight any new learning that occurred while doing this lab. Hint: Discuss tools and commands used in the lab.

Conclusion

Computer Forensics is an extensive field with much to offer. Every lab exercise has proven to be fascinating, showcasing the variety of tools available for monitoring our systems and keeping security threats at bay. My initial experience with Linux was challenging due to the necessity of typing commands accurately in the MATE terminal, where small mistakes can lead to errors. However, exploring the Windows binaries has been illuminating; the multitude of directories and the unique role each program plays is impressive. For instance, I was unfamiliar with the "nc.exe" command, also known as Netcat, which I learned is a versatile tool used for network diagnostics and could also be misused for unauthorized access (V, 2023). The shared knowledge from other students in our Week 8 discussion has been invaluable, enhancing my understanding of these programs. This collective insight is an asset to Digital Forensics Technology and Practices, aiding us in the fight against cyber threats and protecting our systems.

APA References

Buckbee, M. (2022, June 9). How to Use Netcat Commands: Examples and Cheat Sheets. Varonis. https://www.varonis.com/blog/netcat-commands

Dancuk, M. (2022, November 28). nc Command (Netcat) with Examples. Knowledge Base by phoenixNAP. https://phoenixnap.com/kb/nc-command

Kamathe, G. (2020, April 30). 10 ways to analyze binary files on Linux. Opensource.com. https://opensource.com/article/20/4/linux-binary-analysis

Linuxize. (2020, December 10). Whoami Command in linux. https://linuxize.com/post/whoami-command-in-linux/

V, G. (2023, September 27). What Is Nc.exe? Is It A Virus Or Malware? Uninstall? HowToDoNinja. https://howtodoninja.com/files/exe/nc-exe/safe-virus-malware-uninstall-fix-nc-exe/

Zivanov, S. (2023, June 12). Whoami Linux Command With Examples and Alternatives. Knowledge Base by phoenixNAP. https://phoenixnap.com/kb/whoami-linux