Share
## https://sploitus.com/exploit?id=38AA86FD-8221-5B5B-A473-1004C8FF2312
# CVE-2021-20028
Dorks:
SonicWall Exploit CVE-2021-20028
app:"SonicWALL SSL-VPN" +app:"SonicWALL SSL-VPN http proxy" +country:"US" +port:"443"
app:"SonicWALL SSL-VPN" +country:"US" +port:"443"
app:"SonicWALL SSL-VPN" +app:"SonicWALL SSL-VPN http proxy" +port:"443"
app:"Secure Mobile Access"
Install English:
Ubuntu 18.10
# apt install nginx
# apt install apache2-utils
# apt install ssl-cert
# make-ssl-cert generate-default-snakeoil
# apt install python3-pip
# pip3 install requests[socks]
nginx config configuration:
# touch /etc/nginx/sites-available/scanner
# ### see _files/etc/nginx/sites-available/scanner
# ln -sf /etc/nginx/sites-available/scanner /etc/nginx/sites-enabled/
Edit /etc/ssl/openssl.cnf
- add the line "openssl_conf = openssl_init" to the very top
- add the following lines at the very end:
----%<----
[openssl_init]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
CipherString = DEFAULT@SECLEVEL=1
----%<----
Set user to login via nginx:
# htpasswd -c /etc/nginx/.htpasswd user
Restart nginx:
# systemctl enable nginx
# systemctl start nginx
Filling and configuring the scanner application:
# Go to /script/
# ./build.sh
# After there will be a compiled app
# mkdir -p /root/app/
# ### upload app and templates/ to /root/app
Configuring systemd to launch the scanner application:
# touch /etc/systemd/system/app.service
# ### see _files/etc/systemd/system/app.service
#systemctl enable app.service
# systemctl start app.service
# ss -lnt | grep 7777 # check that app is listening on lo:7777
Password for app decryption (can be changed in script/build.sh):
# echo -ne "9968616e676520746869732070617373776f726420746f206120736563726574" >/tmp/.cache-id
# Also install dependencies pip install Crypto
https://satoshidisk.com/pay/CEidDP
-----------------------------------------------------------------------------------------------------------------------------------------------------------
Π£ΡΡΠ°Π½ΠΎΠ²ΠΊΠ° ΠΏΠΎ Π ΡΡΡΠΊΠΈ:
Ubuntu 18.10
# apt install nginx
# apt install apache2-utils
# apt install ssl-cert
# make-ssl-cert generate-default-snakeoil
# apt install python3-pip
# pip3 install requests[socks]
ΠΠ°ΡΡΡΠΎΠΉΠΊΠ° ΠΊΠΈΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ nginx:
# touch /etc/nginx/sites-available/scanner
# ### ΡΠΌ _files/etc/nginx/sites-available/scanner
# ln -sf /etc/nginx/sites-available/scanner /etc/nginx/sites-enabled/
ΠΡΠ°Π²ΠΊΠ° /etc/ssl/openssl.cnf
- Π΄ΠΎΠ±Π°Π²ΠΈΡΡ ΡΡΡΠΎΠΊΡ "openssl_conf = openssl_init" Π² ΡΠ°ΠΌΡΠΉ Π²Π΅ΡΡ
- Π΄ΠΎΠ±Π°Π²ΠΈΡΡ ΡΠ»Π΅Π΄ΡΡΡΠΈΠ΅ ΡΡΡΠΎΠΊΠΈ Π² ΡΠ°ΠΌΡΠΉ ΠΊΠΎΠ½Π΅Ρ:
----%<----
[openssl_init]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
CipherString = DEFAULT@SECLEVEL=1
----%<----
ΠΠ°Π΄Π°ΡΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ Π΄Π»Ρ Π²Ρ
ΠΎΠ΄Π° ΡΠ΅ΡΠ΅Π· nginx:
# htpasswd -c /etc/nginx/.htpasswd user
Π Π΅ΡΡΠ°ΡΡΠ°Π½ΡΡΡ nginx:
# systemctl enable nginx
# systemctl start nginx
ΠΠ°Π»ΠΈΠ²ΠΊΠ° ΠΈ Π½Π°ΡΡΡΠΎΠΉΠΊΠ° ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΡ ΡΠΊΠ°Π½Π΅ΡΠ°:
# ΠΠ°Ρ
ΠΎΠ΄ΠΈΠΌ Π² /script/
# ./build.sh
# ΠΠΎΡΠ»Π΅ Π±ΡΠ΄Π΅Ρ ΡΠΊΠΎΠΌΠΏΠΈΠ»ΠΈΡΠΎΠ²Π°Π½Π½ΡΠΉ app
# mkdir -p /root/app/
# ### Π·Π°Π»ΠΈΡΡ app ΠΈ templates/ Π² /root/app
ΠΠ°ΡΡΡΠΎΠΉΠΊΠ° systemd Π½Π° Π·Π°ΠΏΡΡΠΊ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΡ ΡΠΊΠ°Π½Π΅ΡΠ°:
# touch /etc/systemd/system/app.service
# ### ΡΠΌ _files/etc/systemd/system/app.service
#systemctl enable app.service
# systemctl start app.service
# ss -lnt | grep 7777 # ΠΏΡΠΎΠ²Π΅ΡΠΊΠ°, ΡΡΠΎ app ΡΠ»ΡΡΠ°Π΅Ρ Π½Π° lo:7777
ΠΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ ΡΠ°ΡΡΠΈΡΡΠΎΠ²ΠΊΠΈ app (ΠΌΠΎΠΆΠ½ΠΎ ΡΠΌΠ΅Π½ΠΈΡΡ Π² script/build.sh):
# echo -ne "9968616e676520746869732070617373776f726420746f206120736563726574" >/tmp/.cache-id
# Π’Π°ΠΊ ΠΆΠ΅ ΡΡΡΠ°Π½Π°Π²Π»ΠΈΠ²Π°Π΅ΠΌ Π·Π°Π²ΠΈΡΠΈΠΌΠΎΡΡΠΈ pip install Crypto
https://satoshidisk.com/pay/CEidDP
----------------------------------------------------------------------------------------------------------------------------------------------------------