Eksploitasi Kerentanan dan Remote Access pada Windows 10
DOI:
https://doi.org/10.61132/neptunus.v3i2.753Keywords:
Exploits, Remote Access, VulnerabilitiesAbstract
Exploitation is an activity carried out to gain benefits by harming others arbitrarily without responsibility. Exploitation is a threat in the field of Cyber Security that not only poses risks but also jeopardizes an individual's security and privacy. According to data from the Institute of Internal Auditors, financial losses due to cybercrime exploitation worldwide reached 8 trillion US dollars in 2023. In Cyber Security, one exploitation technique involves using Remote Access methods to take over access rights and enable remote system control. Based on this issue, the author conducts research on Remote Access using three different target models based on the Windows operating system. These three targets will demonstrate how vulnerabilities in an operating system can be exploited to gain Remote Access. The method for testing Remote Access involves identifying the vulnerabilities available in the target system. The study employs three techniques: exploiting the ms17-010 vulnerability, utilizing the SmbGhost vulnerability, and using a backdoor. The results show that all three approaches successfully penetrated the target system and made modifications.
References
Andhika, D. A. (2021). TA: Pengujian penetrasi pada Windows 10 menggunakan model Penetration Testing Execution Standard (PTES) (PhD thesis). Universitas Dinamika.
Arifin, A. K. (2020). Analisis aktivitas dan pola serangan EternalBlue dan WannaCry ransomware yang beraksi pada jaringan. Jurnal Teknik Informatika dan Desain Komunikasi Visual Universitas Telkom, 2(2), 1–10.
Bishop, M. (2018). Computer security: Art and science. Addison-Wesley Professional.
Bustami, A., & Bahri, S. (2020). Ancaman, serangan dan tindakan perlindungan pada keamanan jaringan atau sistem informasi: Systematic review. Jurnal Pendidikan dan Aplikasi Industri (UNISTEK), 7(2), 12–25.
Fikri, M. N., Zen, B. P., Adhitama, R., & Firdaus, E. A. (2023). Analisis keamanan sistem informasi website SMA Negeri 1 Sokaraja menggunakan metode Penetration Testing Execution Standard (PTES). Jurnal Informatika, 2(2), 19–27.
Hafizh, M. N., & Rasal, I. (2025). Implementasi pengujian kerentanan Windows 10 menggunakan EternalBlue dan phishing. Jurnal Penelitian Teknologi Informasi dan Sains, 3(1), 82–91. https://jurnal.tibsemarang.ac.id/index.php/JPTIS
Kennedy, D., O’Gorman, J., Kearns, D., & Aharoni, M. (2011). Metasploit: The penetration tester’s guide. No Starch Press.
Kumar, K. S., & Kumar, S. S. (2019). Impact of SMB MS17-010 vulnerability on enterprise network infrastructure. International Journal of Network Security, 21(3), 456–465.
Kumar, R., & Kumar, S. (2019). The stages of penetration testing: An overview. Journal of Cyber Security Technology, 3(2), 91–104.
Mursalim. (2023). Analisis ancaman phishing backdoor remote access trojan (BRAT). Jurnal Teknik Informatika dan Desain Komunikasi Visual Universitas Selamat Sri, 2(2), 1–10.
Perrin, G. (2020). Penetration testing: A hands-on introduction to hacking. No Starch Press.
Rapid7. (2024). 2024 attack intelligence report: Insights from four years of vulnerability and exploit data (Technical Report). Rapid7 Labs.
Stallings, W. (2018). Computer organization and architecture. Pearson.
Tanenbaum, A. S., & Bos, H. (2015). Modern operating systems. Pearson.
Wang, L., & Zhang, Y. (2021). Forensic analysis of WannaCry ransomware exploiting SMB MS17-010 vulnerability. Digital Investigation, 28, S45–S53.
Widharma, I. G. S. (2020). Pengamanan sistem jaringan komputer dengan teknologi firewall. ResearchGate. https://www.researchgate.net/
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Neptunus: Jurnal Ilmu Komputer Dan Teknologi Informasi
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
