
BLOG · 2/4/2025

CLCY Level 2 Report - Part 2

V.A
This Article is yet to be approved by a Coordinator.

TASK : NMAP

Nmap is a free and open-source tool for network discovery and security auditing.

  • It works by sending packets and analyzing responses to find live hosts, open ports, running services, and operating systems.
  • Security professionals and system administrators use Nmap for vulnerability assessments, network mapping, and firewall testing.

Test Server: scanme.nmap.org
Manual & Help: man nmap, nmap --help

Essential Nmap Commands:

# Basic Scanning
nmap <target>   # Default scan (checks common ports)
nmap -p <ports> <target>   # Scan specific ports (e.g., -p 22,80,443 for SSH, HTTP, HTTPS)
nmap -p- <target>   # Scan all 65,535 ports

# Scan Techniques
nmap -sS <target>   # Stealthy SYN scan (fast, less detectable)
nmap -sT <target>   # Full TCP connect scan (easier to detect)

# OS & Service Detection
nmap -O <target>   # Detect OS (requires sudo)
nmap -sV <target>   # Detect service versions

# Output & Logging
nmap -oN output.txt <target>   # Save output in normal text format
nmap -oG output.txt <target>   # Save output in grepable format (for easy parsing)
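
The grepable format saved with -oG can be parsed with a few lines of code. The following is an added example, not part of the original report: it reads grepable output and reports open ports that are not on an expected list. The sample scan text, the host 192.0.2.10 and the ALLOWED_PORTS allow-list are constructed assumptions.

```python
# Added example: parse Nmap grepable (-oG) output and flag unexpected open ports.
# SAMPLE_OG is constructed for illustration; it is not the result of a real scan.
SAMPLE_OG = (
    "# Nmap scan initiated as: nmap -sV -oG output.txt 192.0.2.10\n"
    "Host: 192.0.2.10 (host.example)\tStatus: Up\n"
    "Host: 192.0.2.10 (host.example)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, "
    "80/open/tcp//http//nginx/, 3306/open/tcp//mysql///, 443/closed/tcp//https///"
    "\tIgnored State: filtered (996)\n"
    "# Nmap done\n"
)

ALLOWED_PORTS = {22, 80, 443}  # assumed allow-list for this host


def parse_grepable(text):
    """Return {ip: [(port, proto, service, version), ...]} for open ports."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip the "# Nmap ..." comment lines
        fields = line.split("\t")  # grepable fields are tab-separated
        ip = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue
            for entry in field[len("Ports:"):].split(","):
                # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
                parts = entry.strip().split("/")
                if len(parts) < 7 or parts[1] != "open":
                    continue
                hosts.setdefault(ip, []).append(
                    (int(parts[0]), parts[2], parts[4], parts[6]))
    return hosts


def unexpected_ports(hosts, allowed):
    """List (ip, port, service) for open ports outside the allow-list."""
    return [(ip, port, svc)
            for ip, ports in sorted(hosts.items())
            for port, _proto, svc, _ver in ports
            if port not in allowed]


if __name__ == "__main__":
    for ip, port, svc in unexpected_ports(parse_grepable(SAMPLE_OG), ALLOWED_PORTS):
        print(f"{ip}: unexpected open port {port} ({svc})")
```
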

Nmap Scripting Engine (NSE)

Nmap comes with powerful scripts for automation, vulnerability scanning, and information gathering.

nmap --script=vuln <target>   # Scan for known vulnerabilities
nmap --script=http-title,http-methods <target>   # Get HTTP title & methods
nmap --script=smb-os-discovery <target>   # Detect OS via SMB

Example:

sudo nmap -O -oN scan.txt scanme.nmap.org

This command scans the test server with OS detection enabled (which requires root privileges, hence "sudo") and writes the output to the file scan.txt.

Results in scan.txt:

[Screenshot: contents of scan.txt]

TASK : HASHING

Hashing is the process of converting data of variable size into a fixed-size output using mathematical functions called hash functions, such as MD5 and SHA-256. The beauty of hashing is that for the same input, it always produces the same output.

  • Why is Hashing Used for Passwords?

If passwords are stored directly in a database, an attacker who gains access to it can log in to anyone's account, which makes this unsafe. Hashing provides a solution by storing only the hashed version of a password, so that the original password cannot be easily retrieved.

  • Is Hashing Reversible?

Hashing is an irreversible process. However, since the same input always produces the same output, attackers have developed "rainbow tables." These tables contain precomputed hashes and the passwords that produce them, allowing attackers to recover weak passwords easily.

  • What is Salting?

Salt is a random value added to a password before hashing, ensuring unique hashes even for identical passwords.

  • What are Salt Rounds?

Salt rounds refer to the number of times the hashing algorithm processes the combined password and salt. This increases computational effort and enhances security against brute-force attacks.

How Hashing Works in Authentication

  1. A user with username "user" and password "password" is created.

  2. The password is stored as a hash in the database.

  3. Login is successful with the correct password.

  4. Access is unauthorized when an incorrect password is entered.
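
The four steps above, together with salting and rounds, as an added example that is not the code from the original report. PBKDF2-HMAC-SHA256 from the Python standard library stands in for whatever hash function the original project used; the USERS dictionary, the ROUNDS value and the function names are assumptions.

```python
# Added example: salted, iterated password hashing with the standard library.
# PBKDF2-HMAC-SHA256 stands in for whatever hash the original project used.
import hashlib
import hmac
import os

ROUNDS = 600_000  # assumed work factor; tune to your hardware
USERS = {}        # in-memory stand-in for the database table


def hash_password(password, salt, rounds=ROUNDS):
    """Derive a 32-byte hash from password + salt, repeated `rounds` times."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)


def create_user(username, password):
    """Steps 1-2: store only the salt, the rounds and the derived hash."""
    salt = os.urandom(16)  # fresh random salt per user
    USERS[username] = (salt, ROUNDS, hash_password(password, salt))


def login(username, password):
    """Steps 3-4: recompute with the stored salt, compare in constant time."""
    record = USERS.get(username)
    if record is None:
        # Unknown user: still spend one hash so timing does not reveal it.
        hash_password(password, b"\x00" * 16)
        return False
    salt, rounds, stored = record
    return hmac.compare_digest(stored, hash_password(password, salt, rounds))


def unsalted(password):
    """Plain SHA-256: identical passwords give identical hashes."""
    return hashlib.sha256(password.encode()).hexdigest()


if __name__ == "__main__":
    create_user("user", "password")
    create_user("user2", "password")
    print("correct password:", login("user", "password"))
    print("wrong password:  ", login("user", "wrong"))
    print("same password, different stored hashes:",
          USERS["user"][2] != USERS["user2"][2])
```
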

TASK : CI/CD - INTRO TO JENKINS

Continuous Integration (CI) and Continuous Deployment (CD) automate the building, testing, and deployment of code. CI integrates frequent changes into a shared repository, while CD automates production deployment, improving efficiency and reducing errors.

Jenkins Overview

Jenkins is an open-source automation server that facilitates CI/CD pipelines. It automates tasks like building, testing, and deploying applications, integrating with tools like Git and deployment platforms.

  • A Jenkins job is a task, like building or testing code. Jobs can be triggered automatically by version control systems like Git. A Jenkins pipeline automates the CI/CD process, using a Jenkinsfile to define stages for tasks like checking out code, building, testing, and deploying.

  • Jenkins integrates with Git repositories, triggering pipelines automatically when changes are pushed, streamlining development and reducing manual work.

Implementation:

Here is an example of a Jenkins pipeline script (Jenkinsfile) for a project that involves HTML, CSS, and JavaScript.

[Screenshot: Jenkinsfile]

Output:
[Pipeline] Start of Pipeline
[Pipeline] node
[Pipeline] {
[Pipeline] Checkout
Cloning the repository...
[Pipeline] git
Commit ID: abc1234
Cloning into 'project-repo'...
[Pipeline] Build
Building the project...
[Pipeline] Test
Running tests...
> npm install
added 50 packages in 5.2s
> npm run lint
Linting JavaScript files...
> npm run test
Running JavaScript tests...
Test passed: all tests are successful
[Pipeline] Deploy
Deploying the project...
+ ./deploy.sh
Deploying project to production server...
[Pipeline] post
[Pipeline] always
Cleaning up...
[Pipeline] success
Pipeline executed successfully!
[Pipeline] End of Pipeline
