This is the explanation regarding the CVE 2020–29138 which I’ve discovered in the routers provided by the CLARO company in Brazil.
The SAGEMCOM router, model F@ST3486 NET, running the NET_4.109.0 software version, contains an Improper Access Control vulnerability in the configuration backup functionality. …
The goal here is to analyze the behavior of the Metasploit Blueekeep Module, which exploits the CVE-2019–0708 vulnerability, and identify signatures which can be used in writing a snort rule for detecting its usage.
The test was executed on a Windows 7 Enterprise x64 Ultimate, running over a VMWare 15 Workstation Pro.
The metasploit was placed on a Kali Linux 4.19, also over VMWare.
Summary of the packages installed in order to run the project’s branch with the operational bluekeep exploit:
UPDATE: Seems that…