Threat Protection & Testing Lab 3 – Running Tenable Nessus Scan Against Windows 7 VM
⦁
Review the CVEs associated with EternalBlue and provide the following information for each CVE
in the detected EternalBlue vulnerability findings.
1.
Attack Vector
: Network-based. Exploited through SMB protocol.
2.
Attack Complexity
: Low to Moderate. Exploiting this vulnerability doesn't require advanced skills but may depend on specific conditions.
3.
Privileges Required
: The attacker typically needs only unauthenticated access to the targeted system.
4.
User Interaction
: None. The vulnerability can be exploited without user interaction.
5.
Scope
: Remote exploitation, potentially affecting a wide range of systems.
6.
Confidentiality
: High. Successful exploitation can lead to unauthorized access and potential data exposure.
7.
Integrity
: High. The vulnerability can allow attackers to execute arbitrary code on the target system.
8.
Availability
: High. Exploitation can lead to a denial of service (DoS) or compromise the availability of the targeted system.
Threat Protection & Testing Lab 4 – Exploit EternalBlue on Windows 7 VM and run Keylogger to capture keystrokes.
