Testing Metasploit Exploit Module for BlueKeep (CVE-2019-0708)

About a week ago Rapid7 announced on their blog (Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708)), they are releasing an initial exploit module for CVE-2019-0708. The current module is targeting x64 win7 and win2008 R2.

msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > show targets

Exploit targets:

   Id  Name
   --  ----
   0   Automatic targeting via fingerprinting
   1   Windows 7 SP1 / 2008 R2 (6.1.7601 x64)
   2   Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Virtualbox)
   3   Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - VMWare)
   4   Windows 7 SP1 / 2008 R2 (6.1.7601 x64 - Hyper-V)

I had setup a windows 7 pro version testing machine on my virtual box. Please refer to the following :

It works ! nice 🙂

Install and use GlobalProtect VPN

I was trying to see if i could setup VPN and connect back to office with my ubuntu VM. first I downloaded the GlobalProect VPN clients from our IT support and tried to install the deb package. It gave me an error message.
just want to give it a try and didn’t think much of it.

I didn’t try to fix the problem i have but I just give a try and see if i could from the tool from Ubuntu repo. and yes I could download and install the program from there… saved a lot of time XD

and just simply user the command : “globalproect” to start the client program. then use “connect -p VPNserevrPortalIP -u UserName “
to connect to the server . following is all the commands process.

once it shows message “Connected” then you had successfully VPN to remote site.

chako@moonbay:~/Downloads$ ls
GlobalProtect_deb-4.1.0.0-91.deb manifest
GlobalProtect_rpm-4.1.0.0-91.rpm ‘PanGPLinux-4.1.0-b41 (1).tgz’
GlobalProtect_tar-4.1.0.0-91.tgz relinfo
chako@moonbay:~/Downloads$ sudo dpkg -i GlobalProtect_deb-4.1.0.0-91.deb
[sudo] password for chako:
Selecting previously unselected package globalprotect.
(Reading database … 136231 files and directories currently installed.)
Preparing to unpack GlobalProtect_deb-4.1.0.0-91.deb …
Start installing gp…
Unpacking globalprotect (4.1.0-91) …
Setting up globalprotect (4.1.0-91) …
Enable gp service…
Starting gp service…
Create symlink for gp cli…
Starting gpa…
Processing triggers for man-db (2.8.5-2) …
chako@moonbay:~/Downloads$ sudo apt-get install GlobalProtect_deb-4.1.0.0-91.deb
Reading package lists… Done
Building dependency tree
Reading state information… Done
E: Unable to locate package GlobalProtect_deb-4.1.0.0-91.deb
E: Couldn’t find any package by glob ‘GlobalProtect_deb-4.1.0.0-91.deb’
E: Couldn’t find any package by regex ‘GlobalProtect_deb-4.1.0.0-91.deb’
chako@moonbay:~/Downloads$ ls
GlobalProtect_deb-4.1.0.0-91.deb manifest
GlobalProtect_rpm-4.1.0.0-91.rpm ‘PanGPLinux-4.1.0-b41 (1).tgz’
GlobalProtect_tar-4.1.0.0-91.tgz relinfo
chako@moonbay:~/Downloads$ sudo apt search globalprotect
Sorting… Done
Full Text Search… Done
globalprotect/now 4.1.0-91 all [installed,local]
Linux system information binary package for Palo Alto Networks GlobalProtect client

libopenconnect-dev/disco 8.02-1 amd64
open client for Cisco AnyConnect, Pulse, GlobalProtect VPN – development files

libopenconnect5/disco 8.02-1 amd64
open client for Cisco AnyConnect, Pulse, GlobalProtect VPN – shared library

openconnect/disco 8.02-1 amd64
open client for Cisco AnyConnect, Pulse, GlobalProtect VPN

chako@moonbay:~/Downloads$ sudo apt install globalprotect
Reading package lists… Done
Building dependency tree
Reading state information… Done
globalprotect is already the newest version (4.1.0-91).
0 upgraded, 0 newly installed, 0 to remove and 35 not upgraded.
chako@moonbay:~/Downloads$ which globalprotect
/usr/bin/globalprotect
chako@moonbay:~/Downloads$ globalprotect
>> connect -p vpn.server -u root
Retrieving configuration…
vpn.server – Enter login credentials
username(root):
Password:
Retrieving configuration…
Discovering network…
Connecting…
Connected
>>

chako@moonbay:~$ ifconfig gpd0
gpd0: flags=4305 mtu 1400
inet 10.10.11.12 netmask 255.255.255.255 destination 10.10.12.10
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 5014 bytes 5001671 (5.0 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3758 bytes 361470 (361.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Enable/Install .Net3.5 on Win10 using cmd

Background:

About two three weeks ago that I get a request to install a software on one of the Win10 computers. The software require computer to run .net 3.5. and the .net 3.5 was pushed to the computer by SCCM, however it keep give me error message. I tried to install it manuly with GUI at first. but It also been blocked by our firewalls. I could not donwoad the reqiure file for .net 3.5 from MS. Therefore , I was trying to see if I could download the .net 3.5 file and install it offline..

How to offline install .NET 3.5 on Win10 computers?

after tried serval different ways inclduing download installation file from MS but still can’t install it due to blocked by firewalls and things. Howevere very lucky that I found I could donwload a CAB file “microsoft-windows-netfx3-ondemand-package.cab” and install from it offline.

Command:

simply copy the CAB file to one of the folder (in my case is C:\Utility\) then run CMD as Admin and run the following commned. It will then install and enable .Net3.5 for you

dism.exe /online /enable-feature /featurename:NetFX3 /source:C:\utility\ /LimitAccess