logo

This vulnerability allows the attackers

Simulate a MITM attack (ARP Poisoning) using Kali Linux and another VM. Include a detailed description complete with screenshots of how you achieved the task. A working presentation of your solution is also required.

21 Pages1135 Words15 Views
   

Added on  2022-08-24

This vulnerability allows the attackers

Simulate a MITM attack (ARP Poisoning) using Kali Linux and another VM. Include a detailed description complete with screenshots of how you achieved the task. A working presentation of your solution is also required.

   Added on 2022-08-24

ShareRelated Documents
Running head: COMPUTER SECURITY
Computer security
Name of the Student
Name of the University
Authors note
This vulnerability allows the attackers_1
COMPUTER SECURITY
1
Introduction
For this project a Windows 7 and Kali Linux system is used. The EternalBlue exploit is
used to exploit the windows 7 machine from the Kali linux using the samba server vulnerability
in order to ARP poison the Windows 7 system. This vulnerability allows the attackers to
remotely run arbitrary malicious code on the system in order to gain access to the system or a
network through the use of the specially crafted data packets. The exploit allows the attackers to
compromise and intrude inside an entire network as well as all the devices connected to the
network. Furthermore, if any device is infected by this malware using EternalBlue, each device
inside it becomes at risk. Due to this reason the recovery from this ind of attacks is considered
as difficult. The main reason behind this can be stated as all the devices inside the compromised
network needs to be taken offline for recovering and protecting the data inside it.
Experiment and analysis of attack
Used tool for the exploit
For attacking the windows 7 victim machine, the Metasploit framework in the Kali
Linux OS is used. Using this tool, the EternalBlue exploit is used for exploiting the windows
operating system is exploited. This vulnerability is apparently stolen from NSA (National
Security Agency) in the year 2016. At the later time this vulnerability is leaked on internet in
the year 2017 by the Shadow Brokers groups. The Eternalblue exploits vulnerability in the
Server Message Block (SMB) protocol by the Microsoft’s that mainly uses the port 445.
This Eternal blue and the related exploitation family are capable of exploiting the serious
vulnerabilities in the Microsoft SMBv1 server on the victim machine. This can be done on the
wide variety of systems such as Windows XP, Windows Server 2008, Windows 10 running on
port 445 as well as Windows 7.
The exploits have high impact on the Confidentiality of the victim machine. Through
the use of this tool the attacker can disclose complete information stored in the system by
revealing all the system files. Similarly in case of the Integrity of the system after the attack is
completely in the hands of the attacker as the attacker gets the access by breaking the system
protection, that results in the entirely compromised system by the attacker.
This vulnerability allows the attackers_2
COMPUTER SECURITY
2
Availability Impact on the victim machine is also very high as total shutdown can be
achieved by the attacker over the affected victim. In this way the attacker can make the victim
operating system unavailable to the intended user.
Contextually it can stated that the malwares that uses the EternalBlue exploit is capable
of self-propagation inside a network which can help in the drastic increase in the adverse impact
on the workstations or servers residing inside the network. One of the recent examples is the
WannaCry which is a crypto-ransomware. This malware is the first malware that had a drastic
impact throughout the world. WannaCry used the exploit in order to spread across inside a
network while infecting all the available devices and dropping cryptro-ransomware payload on
the connected devices.
This exploit is mainly successful due to the poor security practices of the users as well as
lack of patching of the used operating system by them. This are the reasons due to which
malicious use of Eternal Blue exploit is increasing by leaps and bounds after it was leaked
online in the year 2017.
Following is the attack simulation using two virtual machines by using the exploit.
Setting up the windows 7 victim machine
This vulnerability allows the attackers_3
COMPUTER SECURITY
3
IP address of the Victim machine
This vulnerability allows the attackers_4
COMPUTER SECURITY
4
Setting up the kali virtual machine
This vulnerability allows the attackers_5
COMPUTER SECURITY
5
Checking if both virtual machines are connected
This vulnerability allows the attackers_6

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Conducting Vulnerability on Windows XP-SP2 System using Nessus and Metasploit
|42
|2354
|77

CVE-2017-0144 Vulnerability and EternalBlue Exploit: Risk Assessment and Preventative Measures
|10
|1104
|258

EternalBlue Exploit: Demonstration and Risk Assessment
|15
|2257
|268

Network Vulnerability And Cyber Security
|15
|1453
|15

Analysis of Security Vulnerability of WidgetsInc Virtual Machine Image
|23
|3636
|97

Kali Linux Exploit using Metasploit for Windows OS
|4
|820
|500