OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: mcc85 on March 08, 2019, 12:35:38 am

Title: CVE-2019-8936
Post by: mcc85 on March 08, 2019, 12:35:38 am
CVE-2019-8936
https://vuxml.FreeBSD.org/freebsd/c2576e14-36e2-11e9-9eda-206a8a720317.html

This vulnerability was reported on 01-15-2019; I'm the one who reported it. Why? Because someone didn't like the project I was working on, and someone encrypted all of the data on the two systems that I had connected to. They used port 3389 and then jacked into my network by tagging along the session I had opened, even after I had closed the port back off after I was able to turn on my internal remote access program.

I don't see a forum thread here that deals with specific network vulnerabilities such as this, but I can tell you that someone at Microsoft does not like what I've been up to. Here's my proof....

-------------------

I made this video on January 25th, on that very network I mentioned above, that is, after I had to restore all of my content and scripts and image files and everything else. It was a hard lesson learned, but hey, I managed to get it all back up and running within 10 days alongside another large project I had on my hands, then shared the video once I felt it was capable of being a proof of concept.

https://www.youtube.com/watch?v=5Cyp3pqIMRs  [Look at the date I uploaded this project]

The very next day, January 26th, Michael Niehaus posted an update referencing the Microsoft Deployment Toolkit.

https://blogs.technet.microsoft.com/mniehaus/      [Look at the date of the MDT update/Comments locked]

Coincidence? I think not. Some nefarious party has been relentlessly attacking my networks and I have been checking my security audits several times a day to make sure that I can find out who's doing this.

---------------

I've deduced it to a few culprits, like the authors of the book "Deployment Essentials"... Why?

I'm looking to make WaaS/SaaS for free, without malicious Microsoft Store applications which track everything you do with your system at all times. The reason I went with a FreeBSD port is because I know that even with its fair share of problems, the developers of this project know what they're doing and made the most reliable enterprise-grade firmware I have ever seen... why? Because they didn't ask for a dime to provide it.

If my project sounds a little too good to be true until I actually have a product to distribute, well I can tell you that my conviction will inevitably override the doubt of many... because I do what I'm doing for the same reason this project is also freely available. Because it's a sign of spiritual strength and integrity. AND, because I believe in what Gary Kildall originally built, not what Bill Gates coerced Paul Allen to reverse engineer.
Title: Re: CVE-2019-8936
Post by: mcc85 on March 08, 2019, 12:50:55 am
By the way, I had Process Hacker after I posted this information on my Facebook page, and you know what came up on my screen a couple times showing up as red? SDX Helper.

https://www.google.com/search?q=sdx+helper&rlz=1C1GCEU_enUS839US839&oq=sdx+helper&aqs=chrome..69i57j0l5.2751j0j7&sourceid=chrome&ie=UTF-8
Title: Re: CVE-2019-8936
Post by: mcc85 on March 08, 2019, 12:51:55 am
www.securedigitsplus.com

This is what I'm after.
Title: Re: CVE-2019-8936
Post by: franco on March 08, 2019, 12:10:41 pm
Thanks, CVE-2019-8936 will be addressed in 19.1.4 next week.


Cheers,
Franco