Module 03: Open Source Intelligence (OSINT) Methodology 2

Exercise 2: Network Route Trace Using Path Analyzer Pro

Scenario

Gaining access to an organization's network allows a penetration tester to thoroughly learn about the organization's network environment for possible vulnerabilities. Taking all the information gathered into account, penetration testers study the systems to find the best routes of attack. The same tasks can be performed by an attacker and the results possibly will prove to be very fatal for an organization. In such cases, as a penetration tester, one you should be competent to trace network route, determine network path, and troubleshoot network issues. Here you will be guided to trace the network route using the tool Path Analyzer Pro.

Lab Objectives

The objective of this lab is to help students research email addresses, network paths, and IP addresses. This lab helps to determine what ISP, router, or servers are responsible for a network problem.

Lab Duration: 15 Minutes

1. Click Windows Server 2012 (External Network). Click Ctrl+Alt+Delete.
   

   If you are already logged in to the Windows Server 2012 Subnet A machine, skip to the Step no. 3 of this lab.

   
2. In the password field click Pa$$w0rd and press Enter
   

   You can use the Type Password option from the Commands menu to enter the password.

   
3. To install Path Analyzer Pro, navigate to E:\ECSAv10 Module 03 Open Source Intelligence (OSINT) Methodology\Path Analyzer Pro, and double-click on PAPro27.msi.
   Follow the steps to install Path Analyzer Pro.
   

   If an Open File - Security Warning pop-up appears, click Run.

   
4. 
   
   1. To launch Path Analyzer Pro, click Windows icon at the lower left corner of the screen.
   2. Start screen appears, type Path Analyzer Pro 2.7.
   3. Click Path Analyzer Pro 2.7 to launch the application.
   
5. Since this is a trial version, Registration Formpop-up appears. Click Evaluate button.
   
6. The main window of Path Analyzer Pro appears as shown in the screenshot.
   
7. Select the ICMP protocol in the Standard Options section from the left pane of the window.
   
8. Under Advanced Probe Details, check the Smartoption in the Length of packet section and leave the rest of the options in this section at their default settings.
   
9. In the Advanced Tracing Details, the options are set by default.
   Ensure that Stop on control messages (ICMP)option in the Advance Tracing Details section is checked.
   
10. To perform the tracerouting, enter the IP address of Web Server Subnet C machine i.e., 172.19.19.11 in the Target field and ensure that Smart option is checked.
    

    If a hostname is entered and Smart destination port selection is enabled, Path Analyzer will try to determine the kind of server processes the hostname you provided, may be running. For example, a server beginning with www would be identified as a web server, and Path Analyzer would set the destination port to 80 automatically. If you do not want Path Analyzer to automatically set the destination port, simple uncheck the Smart checkbox and set the destination port manually or accept the default.

    more...
    
11. By clicking on the duration selector, the Path Analyzer can be configured to perform a One-time Trace, a Timed Trace, or a Continuous Trace. Just as their names suggest, a One-time Trace will perform the trace just once, a Timed Trace will ask to select a duration in Hours:Minutes:Seconds format, and a Continuous Trace will continue forever until it is interrupted by pressing the Stop button.
    In this lab, select Timed Trace from the drop-down menu as shown in the screenshot.
    
12. Now click on Trace. Once the Trace button is clicked, Type time of trace pop-up appears.
    Enter the Type time of trace in the mentioned format as HH: MM: SS. Then click on Acceptbutton.
    

    In this lab, trace time entered is 15seconds.

    
13. While Path Analyzer Pro performs this trace, the Trace button automatically changes to Stop.
    
14. Click the Report tab, to view a linear chart depicting the number of hops between the host machine and the target.
    
15. Click the Synopsis tab, which displays a one-page summary of the trace results.
    
16. Click the Charts tab to view the result of the trace on a chart.
    
17. The Log tab provides the logs recorded in the target machine.
    
18. Click the Stats tab, which features the Vital Statistics of the current trace.
    
19. To export the report, choose the Synopsis tab, and click Export button in menu bar.
    
20. Save Synopsis As window appears, choose a location where you want to save the file (here Desktop), specify a File name(172.19.19.11_Synopsis), and click Save.
    Minimize the Path Analyzer Pro window and navigate to the location where the file has been saved.
    

    In the same way, you can generate reports for other domains.

    
21. Navigate to Desktop and double-click 172.19.19.11_Synopsis.html.
    
22. The Synopsis, report for the Web Server Subnet C machine appears, in the default web browser as shown in the screenshot.
    
23. Close the browser and all the opened windows

In this lab, you have learned how to trace network paths and IP addresses. This lab helped to determine what ISP, router, or servers are responsible for a network problem