<![CDATA[Local network security is a vital component in maintaining the integrity and confidentiality of data in information systems. This study aims to identify and evaluate the vulnerability of the Windows 7 operating system through penetration testing using the Metasploit Framework. The method used is an experiment with attack si mulation in a controlled virtual environment. The test target is a Windows 7 system that has not received the MS17-010 security patch and still activates the SMBv1 protocol. The EternalBlue exploit (CVE-2017-0144) is used to exploit the vulnerability. The test results show that the exploitation was successful, marked by the acquisition of Meterpreter shell access to the target system, as well as the ability to retrieve system information and desktop screenshots. These findings confirm that systems that have not been updated are highly vulnerable to remote code execution attacks. This study recommends the application of security patches, disabling SMBv1, and configuring firewalls as crucial mitigation steps. The results of this study are expected to be a reference in the practice of evaluating local network security, especially in infrastructure that still uses old operating systems.]]>
Copyrights © 2025
