read the news about US officially blame NK for WannaCry’s damage
so i was wondering if I can still find some machines that are vulnerable to MS17-010 in clients network
Just trying to see if I could got some luck for “old” exploit/vulnerability
I did found some machines are still not patched. and reported the problem to clients 🙂
using namap script to scan for possible/vulnerable targets
1. nmap -p445 --script smb-vuln-ms17-010
2. nmap -p445 --script vuln
found some possible target
Show option for MS17-010 in Metasploit
Successfully get remote shell
Just trying to setup a vnc server for me to connect to my linux box as I can access to the testing linux box easier 🙂
here is the easy way and steps for vnc server on my ubuntu 17.10 testing box.
sudo apt install xfce4 xfce4-goodies tightvncserver
2. setup xstartup
a) make a copy of xstartup ==> mv ~/.vnc/xstartup ~/.vnc/xstartup.bak
b) nano ~/.vnc/xstartup
add the following to xstartup
sudo chmod +x ~/.vnc/xstartup
4. run vncserver
5. connect vnc server from my vnc client
Got some users have problem with Win 7 load with temp profile while they login
using their domain user account.
this is how i fix the problem
1. login windows using account has load temp profile problem.
2. go to Registry “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList”
Look for the profile with the “.bak”. This is the CORRECT old profile.
Rename the profile that does not have “.bak”(profile with the same name but without .bak at end) by adding “_new” to the end.
3. after rename the profile, logout user and use admin privilege to delete TEMP profile folder under User folder.
4. User login again
should fix the problem