Share
## https://sploitus.com/exploit?id=38AA86FD-8221-5B5B-A473-1004C8FF2312
# CVE-2021-20028
Dorks:
SonicWall Exploit CVE-2021-20028
app:"SonicWALL SSL-VPN" +app:"SonicWALL SSL-VPN http proxy" +country:"US" +port:"443"
app:"SonicWALL SSL-VPN" +country:"US" +port:"443"
app:"SonicWALL SSL-VPN" +app:"SonicWALL SSL-VPN http proxy" +port:"443"
app:"Secure Mobile Access"

Install English:
Ubuntu 18.10
# apt install nginx
# apt install apache2-utils
# apt install ssl-cert
# make-ssl-cert generate-default-snakeoil
# apt install python3-pip
# pip3 install requests[socks]

nginx config configuration:

# touch /etc/nginx/sites-available/scanner
# ### see _files/etc/nginx/sites-available/scanner
# ln -sf /etc/nginx/sites-available/scanner /etc/nginx/sites-enabled/

Edit /etc/ssl/openssl.cnf
- add the line "openssl_conf = openssl_init" to the very top
- add the following lines at the very end:

----%<----
[openssl_init]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
CipherString = DEFAULT@SECLEVEL=1
----%<----

Set user to login via nginx:

# htpasswd -c /etc/nginx/.htpasswd user

Restart nginx:

# systemctl enable nginx
# systemctl start nginx

Filling and configuring the scanner application:

# Go to /script/
# ./build.sh
# After there will be a compiled app
# mkdir -p /root/app/
# ### upload app and templates/ to /root/app

Configuring systemd to launch the scanner application:

# touch /etc/systemd/system/app.service
# ### see _files/etc/systemd/system/app.service
#systemctl enable app.service
# systemctl start app.service
# ss -lnt | grep 7777 # check that app is listening on lo:7777

Password for app decryption (can be changed in script/build.sh):

# echo -ne "9968616e676520746869732070617373776f726420746f206120736563726574" >/tmp/.cache-id

# Also install dependencies pip install Crypto

https://satoshidisk.com/pay/CEidDP

-----------------------------------------------------------------------------------------------------------------------------------------------------------
Установка ΠΏΠΎ Русски:
Ubuntu 18.10
# apt install nginx
# apt install apache2-utils
# apt install ssl-cert
# make-ssl-cert generate-default-snakeoil
# apt install python3-pip
# pip3 install requests[socks]

Настройка ΠΊΠΈΠ½Ρ„ΠΈΠ³ΡƒΡ€Π°Ρ†ΠΈΠΈ nginx:

# touch /etc/nginx/sites-available/scanner
# ### см _files/etc/nginx/sites-available/scanner
# ln -sf /etc/nginx/sites-available/scanner /etc/nginx/sites-enabled/

ΠŸΡ€Π°Π²ΠΊΠ° /etc/ssl/openssl.cnf
- Π΄ΠΎΠ±Π°Π²ΠΈΡ‚ΡŒ строку "openssl_conf = openssl_init" Π² самый Π²Π΅Ρ€Ρ…
- Π΄ΠΎΠ±Π°Π²ΠΈΡ‚ΡŒ ΡΠ»Π΅Π΄ΡƒΡŽΡ‰ΠΈΠ΅ строки Π² самый ΠΊΠΎΠ½Π΅Ρ†:

----%<----
[openssl_init]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
CipherString = DEFAULT@SECLEVEL=1
----%<----

Π—Π°Π΄Π°Ρ‚ΡŒ ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Ρ для Π²Ρ…ΠΎΠ΄Π° Ρ‡Π΅Ρ€Π΅Π· nginx:

# htpasswd -c /etc/nginx/.htpasswd user

Π Π΅ΡΡ‚Π°Ρ€Ρ‚Π°Π½ΡƒΡ‚ΡŒ nginx:

# systemctl enable nginx
# systemctl start nginx

Π—Π°Π»ΠΈΠ²ΠΊΠ° ΠΈ настройка прилоТСния сканСра:

# Π—Π°Ρ…ΠΎΠ΄ΠΈΠΌ Π² /script/
# ./build.sh 
# ПослС Π±ΡƒΠ΄Π΅Ρ‚ скомпилированный app
# mkdir -p /root/app/
# ### Π·Π°Π»ΠΈΡ‚ΡŒ app ΠΈ templates/ Π² /root/app

Настройка systemd Π½Π° запуск прилоТСния сканСра:

# touch /etc/systemd/system/app.service
# ### см _files/etc/systemd/system/app.service
#systemctl enable app.service
# systemctl start app.service
# ss -lnt | grep 7777 # ΠΏΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ°, Ρ‡Ρ‚ΠΎ app ΡΠ»ΡƒΡˆΠ°Π΅Ρ‚ Π½Π° lo:7777

ΠŸΠ°Ρ€ΠΎΠ»ΡŒ для Ρ€Π°ΡΡˆΠΈΡ„Ρ€ΠΎΠ²ΠΊΠΈ app (ΠΌΠΎΠΆΠ½ΠΎ ΡΠΌΠ΅Π½ΠΈΡ‚ΡŒ Π² script/build.sh):

# echo -ne "9968616e676520746869732070617373776f726420746f206120736563726574" >/tmp/.cache-id

# Π’Π°ΠΊ ΠΆΠ΅ устанавливаСм зависимости pip install Crypto

https://satoshidisk.com/pay/CEidDP

----------------------------------------------------------------------------------------------------------------------------------------------------------