Ethical Hacking: Research into OS vulnerabilities and Vulnerabilities Test Rationale
Added on 2023/04/25
This report discusses vulnerability testing for evaluating security risks in the operating system. It includes research into the top five vulnerabilities in Windows OS, the vulnerability test rationale, the methodology, and detailed findings. The report concludes with recommendations for dealing with vulnerabilities in Windows OS.
Running head: ETHICAL HACKING
Ethical Hacking
Name of the Student
Name of the University
Author Note:
Table of Contents
Introduction
Research into OS vulnerabilities
Vulnerabilities Test Rationale
Methodology
Detailed Findings
Conclusion
Recommendation
References
Introduction
Vulnerability testing, also known as vulnerability assessment, is a kind of software testing for evaluating security risks in the operating system. The test is carried out to reduce threats to the operating system (Nourian and Madnick 2018). A vulnerability is any mistake in the procedures, design, implementation or internal controls of the operating system that may result in a violation of the system security policy. Such mistakes give hackers the possibility of easily gaining unauthorized access (Waltermire and Harrington 2015). Vulnerability analysis mainly depends on two mechanisms: penetration testing and vulnerability assessment.
The following pages of the report cover research into OS (operating system) vulnerabilities. After that, a list of vulnerability tests is provided along with a justification of the tests conducted. The methods by which the penetration test is conducted are then discussed. For each analyzed vulnerability, a list of parameters is discussed in detail: source, impact, likelihood, and risk assessment. The last section of the report gives a list of recommendations by which the vulnerabilities found can be overcome.
Research into OS vulnerabilities
The top five vulnerabilities in the Windows operating system are:
Win32k elevation of privilege vulnerability
Windows 10 Wi-Fi Sense contact sharing
Microsoft Font Driver vulnerability
Vulnerabilities in Internet Explorer
Vulnerabilities in Microsoft Edge
Vulnerability in Win32k elevation: This is one of the common flaws in the Windows 10 component known as the scrollbar element (DiMase et al. 2015). Through this vulnerability, a hacker can easily gain control of a Windows machine through privilege escalation. Microsoft has released a patch for the flaw.
Windows 10 Wi-Fi contact sharing: Windows 10 has been designed in such a way that it shares Wi-Fi credentials with the majority of the user's contacts (Morrison et al. 2015). This makes both Wi-Fi and hotspot sharing much easier. The vulnerability is that the sharing with contacts takes place without any authorization from the user.
Vulnerability in Microsoft Font Driver: The OpenType font manager in Windows does not handle OpenType fonts properly. This results in a remote code execution vulnerability (Younis, Malaiya and Ray 2016), which gives the hacker room to easily access the system and the programs that are installed. At present, Microsoft has released a patch for this flaw, but it cannot be manually downloaded and installed.
Vulnerability of Internet Explorer: The Microsoft browser also shares in the vulnerabilities that come with Windows 10 (Schwarz et al. 2017). The biggest flaw is that a hacker can easily gain access to the system with the help of the browser. All the required details of the patch are available on the security bulletin page.
Vulnerabilities in Microsoft Edge: Microsoft Edge is considered to be an unsecured browser (Singhal and Ou 2017). There are code execution and security bypass exploits available that allow a hacker to easily gain access to the system. The patch is available on the security bulletin page.
Vulnerabilities Test Rationale
Penetration testing, also known as pen-testing, is widely used in testing circles at present. Security has come into the picture because of changes in the way computer systems are built (Johnson et al. 2016). Pen-testing is a way of testing in which the weak areas of a software system in terms of security are evaluated. The vulnerability tests on the system will be performed with the following tools:
Metasploit: It is considered to be the most advanced and popular framework for penetration testing (Goel and Mehtre 2015). It works on the principle of exploit code that can get past the given security measures. Once it gains entry into the system, it runs a payload that performs operations on the target machine. It thus provides a proper framework for penetration testing.
Kali Linux: It is an open source project that is maintained entirely by Offensive Security. Its special features include accessibility, a live USB with persistence stores, encryption and disk encryption (Gruss, Maurice and Mangard 2016). It comes with a number of tools, along with metapackages and tracking of some of the penetration tools included in Kali Linux.
Nessus: It is also a scanner, and it is found in most environments. It needs proper care in a large number of respects. Nessus is considered to be a robust vulnerability tool among those available on the market (Genge and Enăchescu 2016). It specializes in functions such as sensitive data breach, IP scanning and website scanning. Its main focus is to find the weak points in the operating system.
Methodology
In penetration testing, the areas of weakness of the operating system in terms of security are put to the test (Keliris et al. 2016). There are four steps in performing the penetration test:
Step 1: In the first step, a list of vulnerabilities and issues that can result in a security breach of the system is analyzed.
Step 2: After that, the items in the list are ranked in order of priority.
Step 3: Penetration tests are devised that attack the system from both sides, that is, from within and from outside the network. This is mainly done to find out whether a user can get unauthorized access to data.
Step 4: If there is any chance of unauthorized access, the system needs to be corrected. The series of steps needs to be re-run until the issues in that particular area are fixed.
Fig 1: Screenshot of Penetration Testing (Source: Created by Author)
Fig 2: Screenshot of Penetration Testing (Source: Created by Author)
Detailed Findings

| Vulnerability | Source of Vulnerability | Impact of Vulnerability | Likelihood of Vulnerability | Overall Risk Assessment |
|---|---|---|---|---|
| Vulnerability in Win32k elevation | The main source of the vulnerability is the Windows 10 GUI component which is also known as the scrollbar element (Nourian and Madnick 2018). | If the given vulnerability is exploited, then the hacker can gain control over the Windows machine. | High | Through this vulnerability, hackers can gain full control of the machine through privilege escalation (Morrison et al. 2015). |
| Windows 10 Wi-Fi contact sharing | Windows has by default been designed in such a way that it makes sharing of a hotspot much easier. The main cause of the vulnerability is the sharing of Wi-Fi. | If the vulnerability is exploited, then the hacker can snoop into the Wi-Fi without any kind of authorization. | Medium | Through this vulnerability, a hacker can snoop into the Wi-Fi network without any kind of authorization. |
| Vulnerability in Microsoft Font Driver | The main cause of the vulnerability is OpenType fonts, which is due to the OpenType manager. | If this particular vulnerability comes into action, then the hacker can easily gain access to the system and install programs (Waltermire and Harrington 2015). Apart from this, the hacker can view and make changes in the data. | Medium | Due to the vulnerability, a hacker can easily gain access to the system and install programs. |
| Vulnerability of Internet Explorer | The main cause of this particular vulnerability is the Microsoft browser. It also shares in the vulnerabilities that come from Windows 10. | If the vulnerability takes place, then the hacker can gain access to the system with the help of the browser (DiMase et al. 2015). | High | With the help of this vulnerability, a hacker can gain access to the system with the help of the browser. |
| Vulnerabilities in Microsoft Edge | The main cause of this vulnerability is the unsecured Microsoft Edge browser. | If this particular vulnerability takes place, then the hacker can gain full access over the system. | Low | As a result of this vulnerability, a hacker can easily gain control over the whole system. |

Conclusion
It can be concluded that this report is about a vulnerability test conducted on an operating system (Windows) on a given virtual machine. The operating system is the environment in which various kinds of applications run. Any kind of vulnerability in the operating system can result in security issues for the applications. By providing security to the operating system, the overall environment can become stable and access to the available resources can be controlled. The physical security of the system is considered to be an important factor. Threats mainly come into action through physical terminals. If hackers are successful in gaining physical access to the server, then they can break into the system much more easily.
Recommendation
There are a large number of ways of dealing with and removing vulnerabilities in the Windows operating system, such as:
System Patches
The user needs to run the latest and most recommended patches for the OS (operating system). The patches may be core OS patches or patches that are needed because of additional applications.
Security patches call for regularly scheduled maintenance.
System Integrity
The user needs to build production systems using a known and repeatable method. This is mainly needed to ensure overall integrity.
The user should make use of third-party auditing software, which helps in checking the overall system integrity.
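
The integrity check recommended above can be illustrated with a baseline-and-verify script: record SHA-256 hashes right after the system is built by the repeatable method, then re-audit later and classify every difference. This is an added example, not part of the original report or of any third-party auditing product; the function names, file names and the sample directory tree are constructed for illustration.

```python
"""Baseline-and-verify file integrity check (added example, hypothetical names)."""
import hashlib
import json
import os
import tempfile


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large binaries do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    manifest = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                manifest[rel] = sha256_file(full)
            except OSError:
                # An unreadable file is recorded, not skipped, so it shows up
                # as a difference instead of silently passing the audit.
                manifest[rel] = "UNREADABLE"
    return manifest


def compare(baseline, current):
    """Classify every difference between the known-good baseline and now."""
    shared = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
    }


def demo():
    """Build a constructed sample tree, baseline it, change it, re-audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "bin"))
        samples = {  # constructed sample files, not real system binaries
            "bin/service.exe": b"build-1",
            "bin/helper.dll": b"lib-1",
            "config.ini": b"mode=prod\n",
        }
        for rel, data in samples.items():
            with open(os.path.join(root, *rel.split("/")), "wb") as handle:
                handle.write(data)

        # Baseline taken right after the repeatable build; the JSON round
        # trip stands in for saving it and loading it back at audit time.
        baseline = json.loads(json.dumps(build_manifest(root)))

        # Simulated drift: one file changed, one deleted, one unexpected.
        with open(os.path.join(root, "bin", "helper.dll"), "wb") as handle:
            handle.write(b"lib-1-changed")
        os.remove(os.path.join(root, "config.ini"))
        with open(os.path.join(root, "bin", "unknown.exe"), "wb") as handle:
            handle.write(b"unexpected")

        return compare(baseline, build_manifest(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Keep the stored baseline somewhere the audited system cannot write to, otherwise whoever alters a file can alter its recorded hash as well.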
References
DiMase, D., Collier, Z.A., Heffner, K. and Linkov, I., 2015. Systems engineering framework for cyber physical security and resilience. Environment Systems and Decisions, 35(2), pp.291-300.
Genge, B. and Enăchescu, C., 2016. ShoVAT: Shodan-based vulnerability assessment tool for Internet-facing services. Security and Communication Networks, 9(15), pp.2696-2714.
Goel, J.N. and Mehtre, B.M., 2015. Vulnerability assessment & penetration testing as a cyber defence technology. Procedia Computer Science, 57, pp.710-715.
Gruss, D., Maurice, C. and Mangard, S., 2016, July. Rowhammer.js: A remote software-induced fault attack in JavaScript. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 300-321). Springer, Cham.
Johnson, P., Gorton, D., Lagerström, R. and Ekstedt, M., 2016. Time between vulnerability disclosures: A measure of software product vulnerability. Computers & Security, 62, pp.278-295.
Keliris, A., Salehghaffari, H., Cairl, B., Krishnamurthy, P., Maniatakos, M. and Khorrami, F., 2016, November. Machine learning-based defense against process-aware attacks on industrial control systems. In 2016 IEEE International Test Conference (ITC) (pp. 1-10). IEEE.
Morrison, P., Herzig, K., Murphy, B. and Williams, L., 2015, April. Challenges with applying vulnerability prediction models. In Proceedings of the 2015 Symposium and Bootcamp on the Science of Security (p. 4). ACM.
Nourian, A. and Madnick, S., 2018. A systems theoretic approach to the security threats in cyber physical systems applied to Stuxnet. IEEE Transactions on Dependable and Secure Computing, 15(1), pp.2-13.
Schwarz, M., Weiser, S., Gruss, D., Maurice, C. and Mangard, S., 2017, July. Malware guard extension: Using SGX to conceal cache attacks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 3-24). Springer, Cham.
Singhal, A. and Ou, X., 2017. Security risk analysis of enterprise networks using probabilistic attack graphs. In Network Security Metrics (pp. 53-73). Springer, Cham.
Waltermire, D. and Harrington, D., 2015. Endpoint Security Posture Assessment: Enterprise Use Cases (No. RFC 7632).
Younis, A., Malaiya, Y.K. and Ray, I., 2016. Assessing vulnerability exploitability risk using software properties. Software Quality Journal, 24(1), pp.159-202.