Biblio
The use of a very wide windows operating system is undeniably also followed by increasing attacks on the operating system. Universal Serial Bus (USB) is one of the mechanisms used by many people with plug and play functionality that is very easy to use, making data transfers fast and easy compared to other hardware. Some research shows that the Windows operating system has weaknesses so that it is often exploited by using various attacks and malware. There are various methods used to exploit the Windows operating system, one of them by using a USB device. By using a USB device, a criminal can plant a backdoor reverse shell to exploit the victim's computer just by connecting the USB device to the victim's computer without being noticed. This research was conducted by planting a reverse shell backdoor through a USB device to exploit the victim's device, especially the webcam and microphone device on the target computer. From 35 experiments that have been carried out, it was found that 83% of spying attacks using USB devices on the Windows operating system were successfully carried out.
Because the Internet makes human lives easier, many devices are connected to the Internet daily. The private data of individuals and large companies, including health-related data, user bank accounts, and military and manufacturing data, are increasingly accessible via the Internet. Because almost all data is now accessible through the Internet, protecting these valuable assets has become a major concern. The goal of cyber security is to protect such assets from unauthorized use. Attackers use automated tools and manual techniques to penetrate systems by exploiting existing vulnerabilities and software bugs. To provide good enough security; attack methodologies, vulnerability concepts and defence strategies should be thoroughly investigated. The main purpose of this study is to show that the patches released for existing vulnerabilities at the operating system (OS) level and in software programs does not completely prevent cyber-attack. Instead, producing specific patches for each company and fixing software bugs by being aware of the software running on each specific system can provide a better result. This study also demonstrates that firewalls, antivirus software, Windows Defender and other prevention techniques are not sufficient to prevent attacks. Instead, this study examines different aspects of penetration testing to determine vulnerable applications and hosts using the Nmap and Metasploit frameworks. For a test case, a virtualized system is used that includes different versions of Windows and Linux OS.