
BOTNET Attacks Lab Report

This lab report focuses on botnets in information security, detailing their definition, types of attacks, and techniques used, such as DDoS and data theft. It also provides a demonstration of a botnet attack using the Ufonet tool and outlines prevention strategies against such attacks. The report emphasizes the importance of cybersecurity measures and employee training to mitigate the risks associated with botnets.

Uploaded by

idressibrahim0

LAB REPORT INFORMATION SECURITY

LABORATORY
MANUAL
Computer Science Department

Information Security
Submitted by

Idress Ibrahim (64165)


Syed Abdullah (63168)
[Link] (68934)
Zia-ul-llah (65603)

Course Instructor

Ms. Attiya Shoaib


Assistant professor, Department of Computer Science,
Faculty of Information & Communication Technology,
BUITEMS, Quetta.

Session Fall – 2024

BALUCHISTAN UNIVERSITY OF INFORMATION TECHNOLOGY,


ENGINEERING AND MANAGEMENT SCIENCES, QUETTA.

Overview:

A botnet is a network of compromised devices (bots) controlled by an attacker (botmaster) to
execute coordinated malicious activities. These networks can launch large-scale Distributed
Denial of Service (DDoS) attacks, steal data, send spam, or spread malware. Botnets typically
exploit vulnerabilities such as weak passwords, unpatched systems, insecure configurations, and
unmonitored devices. Understanding botnet behavior and implementing security measures is
critical for mitigating their impact.

Types of Botnet Attacks:

1. Distributed Denial of Service (DDoS):
Botnets overwhelm a target system or network with excessive traffic, causing service
outages.

2. Spam and Phishing:
Bots are used to send mass spam emails or phishing attempts to steal sensitive
information.

3. Credential Stuffing:
Attackers use stolen credentials to attempt unauthorized access to user accounts across
multiple platforms.

4. Data Theft:
Botnets infiltrate systems to steal sensitive data, including personal, financial, and
corporate information.

5. Click Fraud:
Bots simulate human behavior to click on ads, defrauding advertisers by generating false
revenue.

Techniques of Botnet Attacks:

1. Distributed Denial of Service (DDoS):

o Description:
A botnet is used to flood a target system or network with excessive traffic, causing
it to crash or become unavailable.


o Common Targets:
Websites, servers, and online services.

o Impact:
Disrupts business operations, damages reputation, and can cause financial losses.

2. Spam and Phishing:

o Description:
Botnets send mass spam emails or phishing messages to deceive recipients into
revealing sensitive information or downloading malware.

o How It Works:
Bots use email accounts or social media platforms to spread malicious links or
attachments.

o Example:
A botnet sends millions of emails pretending to be from a bank, directing users to
fake login pages to steal credentials.

3. Data Exfiltration:

o Description:
Bots infiltrate systems to steal sensitive information such as personal data, intellectual property, or
financial records.

o How It Works:
Data is collected and transmitted to the botmaster without the victim's knowledge.

o Impact:
Compromises privacy and leads to potential legal and financial repercussions.

4. Credential Stuffing:

o Description:
Botnets use stolen username-password combinations from previous breaches to
attempt unauthorized access to other accounts.

o Why It Works:
Many users reuse the same credentials across multiple platforms.

o Example:
A botnet tests leaked credentials from a retail website on social media or banking
platforms.
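
On the defensive side, credential stuffing as described above differs from ordinary login failures, and from brute force against one account, in how the failures spread across usernames and sources. The detector below is an added example, not part of the original lab report; the event tuple layout, the thresholds, and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict

def detect_stuffing(events, min_failures=20, min_user_ratio=0.8):
    """Flag minutes whose failed logins are spread over many distinct usernames.

    events: iterable of (minute, source_ip, username, success); the tuple
    layout and both thresholds are assumptions made for this example.
    """
    by_minute = defaultdict(list)
    for ev in events:
        by_minute[ev[0]].append(ev)
    findings = []
    for minute in sorted(by_minute):
        evs = by_minute[minute]
        failed = [e for e in evs if not e[3]]
        if len(failed) < min_failures:
            continue                      # normal background of mistyped passwords
        users = {user for _, _, user, _ in failed}
        if len(users) / len(failed) < min_user_ratio:
            continue                      # many guesses at few accounts: brute force
        bad_ips = {ip for _, ip, _, _ in failed}
        # A success from a source that also failed against other accounts is
        # likely a reused password that worked: queue that account for reset.
        review = sorted({u for _, ip, u, ok in evs if ok and ip in bad_ips})
        findings.append({"minute": minute, "failures": len(failed),
                         "usernames": len(users), "sources": len(bad_ips),
                         "review_accounts": review})
    return findings

def constructed_events():
    """Constructed sample: quiet minute, stuffing minute, brute-force minute."""
    ev = [("10:00", "192.0.2.10", "alice", True),
          ("10:00", "192.0.2.11", "bob", False),
          ("10:00", "192.0.2.11", "bob", True)]
    # 40 leaked pairs tried once each, spread over 20 sources (2 tries per IP)
    ev += [("10:01", f"198.51.100.{i % 20 + 1}", f"user{i}", False) for i in range(40)]
    ev += [("10:01", "198.51.100.5", "user40", True),   # reused password worked
           ("10:01", "192.0.2.10", "alice", True)]      # unrelated legitimate login
    ev += [("10:02", "203.0.113.9", "admin", False)] * 30
    return ev

if __name__ == "__main__":
    for finding in detect_stuffing(constructed_events()):
        print(finding)
```

Because each source makes only a couple of attempts, a per-IP lockout alone would not trip on the 10:01 minute; the aggregate view across sources is what exposes it.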

Connection Between These Methods:


These botnet attack techniques are versatile and often combined to maximize the impact of
malicious activities. For instance, a botnet might simultaneously send phishing emails (spam)
while launching a DDoS attack to divert attention from a data exfiltration operation.

Botnet Attack Tools


Botnet attacks rely on various tools and frameworks that allow attackers to create, manage, and
deploy botnets effectively. These tools facilitate compromising devices, controlling infected
systems, and executing coordinated malicious activities. Commonly used botnet tools include
Mirai, Ufonet, and Botnets-as-a-Service platforms. These tools enable attackers to carry out
large-scale Distributed Denial of Service (DDoS) attacks, steal data, and conduct other malicious
activities across a wide range of targets.

Demonstration of a Botnet Attack Through Ufonet

Ufonet is a tool used for launching Distributed Denial of Service (DDoS) attacks, leveraging a
network of compromised devices, also known as a botnet. In this demonstration, we will show
how Ufonet can be used to initiate a DDoS attack against a target, simulating a botnet attack.

Steps to Demonstrate a Botnet Attack Using Ufonet:


1. Install Ufonet
First, ensure that you have Ufonet installed on your system. You can download it
by cloning the repository with git, using the command:
git clone [Link]


2. Open Ufonet
After installation, navigate to the directory where Ufonet is installed.
Run the command ./ufonet --gui to start the Ufonet application. This will launch
the user interface in your terminal.

3. Start the Mothership and Enter the Botnet Tab

Once the GUI is open, enter the mothership by clicking on it, then click on the
Botnet tab for the further steps.


4. Download Bots for the Attack from the Blackhole Server

Once Ufonet is running, first go to the Botnet tab. You will then be prompted to select the
blackhole server from which to download the bots for your DDoS attack. The download can be from a
given server or from your dedicated server.


5. Select the Target:

Ufonet will present you with a list of available options. To launch a DDoS attack, you need to
specify the target URL (the website you intend to test). For this, first enter the Attack tab,
then give the URL for the attack. We give the number of rounds for the DDoS, and we can also
generate it on the map and select a dork (PHP file of the web server).

6. Launch the Attack

After launching the attack, we start seeing the number of bytes increase as the bots
continuously attack the website and load the web server. The tool also shows the byte ratio.

7. Stop the Attack


To stop the botnet attack, simply press CTRL+C in the terminal. The attack will stop, and the
system will return to the command prompt.

Preventions

Preventing botnet attacks involves a combination of good cybersecurity practices and tools. Here
are some effective strategies:

1. Install Cybersecurity Solutions: Use firewalls, intrusion detection systems (IDS), and
antivirus software to protect your network.
2. Monitor Network Traffic: Keep an eye on network traffic for any suspicious activity or
unexpected surges in requests.
3. Use DDoS Protection Tools: Implement DNS filtering and other DDoS protection tools
to block malicious traffic.
4. Keep Software Updated: Regularly update all software, including operating systems and
applications, to patch vulnerabilities.
5. Strong Passwords: Use hard-to-crack passwords and change them regularly.
6. Employee Awareness Training: Educate employees about the risks of phishing attacks
and the importance of not clicking on suspicious links.
7. Secure Devices: Ensure that all devices entering the network have strong security settings.
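
One way to apply strategy 2 (watching for unexpected surges in requests) is to compare each minute of web server traffic with a rolling baseline and record how many distinct sources took part. The monitor below is an added example, not part of the original lab report; it assumes Common Log Format access logs, and the thresholds and sample log lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" \d{3} ')

def parse(line):
    """Return (source_ip, minute_bucket, path), or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    when = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), when.replace(second=0), m.group(3)

def find_surges(lines, factor=5.0, min_baseline=3):
    """Flag minutes whose request count exceeds factor x the median of earlier minutes."""
    per_minute = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        per_minute[rec[1]].append(rec)
    alerts, history = [], []
    for minute in sorted(per_minute):
        recs = per_minute[minute]
        if len(history) >= min_baseline and len(recs) > factor * median(history):
            sources = {ip for ip, _, _ in recs}
            path, hits = Counter(p for _, _, p in recs).most_common(1)[0]
            alerts.append({"minute": minute.strftime("%H:%M"), "requests": len(recs),
                           "sources": len(sources), "top_path": path,
                           "top_path_hits": hits})
        else:
            history.append(len(recs))   # only non-alerting minutes feed the baseline
    return alerts

def constructed_sample():
    """Constructed access log: 5 quiet minutes, then a one-minute flood from 60 sources."""
    fmt = '{ip} - - [10/Dec/2024:10:{m:02d}:{s:02d} +0000] "GET {p} HTTP/1.1" 200 512'
    lines = [fmt.format(ip=f"192.0.2.{i % 3 + 1}", m=m, s=i * 7, p="/index.html")
             for m in range(5) for i in range(6)]
    lines += [fmt.format(ip=f"198.51.100.{i % 60 + 1}", m=5, s=i % 60, p="/search.php")
              for i in range(120)]
    lines.append("garbage line that does not parse")
    return lines

if __name__ == "__main__":
    for alert in find_surges(constructed_sample()):
        print(alert)
```

A high source count with most hits on a single path is the signature worth escalating, since blocking any one address would not relieve the load.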

Rubrics:

Demonstration

Ungraded, Percentage [0], Marks 0.0:
Absent

Very Poor, Percentage [1-20], Marks 0.01 - 0.20:
Student is unable to follow the provided instructions properly. The student can name the hardware or simulation platform, but unable to implement anything practically or on the software

Poor, Percentage [21-40], Marks 0.21 - 0.40:
Student can understand the provided laboratory instructions and familiar with the lab environment (Trainer/ software/ IDE), but cannot implement on the platform practically or on the software

Fair, Percentage [41-60], Marks 0.41 - 0.60:
Student has followed instructions to construct the fundamental schematic/ block diagram/ code/ model on the protoboard/ trainer/ simulation software.

Good, Percentage [61-80], Marks 0.61 - 0.80:
Student has constructed the functional/ working schematic/ model/ block diagram/ code, and have successfully executed the program/ run circuit on software platform

Excellent, Percentage [81-100], Marks 0.81 - 1.0:
Student perfectly implemented a working model/ logic/ circuit/ block diagram/ code and successfully executed the lab objective in Realtime or in a simulation environment and produced the desired results

Date Total Marks Instructor’s Signature


Laboratory Reports

Ungraded, Percentage [0], Marks 0.0:
Report not submitted

Very Poor, Percentage [1-20], Marks 0.01 - 0.20:
Plagiarized content presented or incomplete submission

Poor, Percentage [21-40], Marks 0.21 - 0.40:
Requirements are listed and experimental procedure is presented

Fair, Percentage [41-60], Marks 0.41 - 0.60:
Observations are recorded along with detailed procedure

Good, Percentage [61-80], Marks 0.61 - 0.80:
Appropriate computations or numerical analysis is performed

Excellent, Percentage [81-100], Marks 0.81 - 1.0:
Correctly drawn conclusion with exact results and complete report in all respects

Date Total Marks Instructor’s Signature
