This is an explanation of CVE-2020-29138, which I discovered in the routers provided by the CLARO company in Brazil.

The SAGEMCOM router, model F@ST3486 NET, running the NET_4.109.0 software version, contains an Improper Access Control vulnerability in the configuration backup functionality. …

The goal here is to analyze the behavior of the Metasploit BlueKeep module, which exploits the CVE-2019-0708 vulnerability, and identify signatures that can be used to write a Snort rule for detecting its usage.

Both NCC Group and Talos Intelligence have published Snort rules for detecting CVE-2019-0708. However, both…

The test was executed on a Windows 7 Enterprise x64 Ultimate, running on VMware 15 Workstation Pro.

Metasploit was placed on Kali Linux 4.19, also running on VMware.

Setting Up

Summary of the packages installed in order to run the project’s branch with the operational BlueKeep exploit:

UPDATE: Seems that…
