PrintNightmare Windows CVE-2021-1675

So Microsoft wanted to make it easy for a standard user to install a Printer without Administrator rights. The catch is a huge vulnerability in the Print Spooler service: an EoP (Elevation of Privilege) bug affecting Windows 7 to Server 2019.

However, this escalated to an RCE (Remote Code Execution). RCE refers to a bug by which cybercriminals can break into your computer in the first place, without needing any password for any account on your computer.

Microsoft released an update to fix it.

At the same time this was going on, a zero-day exploit was on the rise. Researchers from the cybersecurity company Sangfor were going to present their paper about Print Spooler bugs at the 2021 Black Hat conference in August but decided to release it early. Since the Print Spooler had recently been patched, they thought it would be alright because the vulnerability was fixed.

Well, come to find out, there was something completely different hiding in the exploit that wasn’t patched. In other words there were two security holes in it. One was patched and the other was not.

The Sangfor crew inadvertently documented an as-yet-undisclosed RCE bug, thus unintentionally unleashing a zero-day exploit. The researchers apparently took down the offending information once the mistake was figured out but by then it was too late, because the exploit code had already been downloaded and republished elsewhere. Pandora’s box had already been opened, and it was too late to close it up again.

The only way to fix this until a patch is released is to disable the Print Spooler. However, this will disable printing, so you can’t print anything. It’s good practice anyway to disable the Print Spooler if you don’t have a printer, to free up resources in Windows, but if you use a printer all the time you’re kind of screwed until then.

This is one of the many reasons why I left Windows in the dust and use Linux. Granted, there are exploits in Linux as well, but they are typically targeted at older software packages and an easy update fixes it. If it’s a major one it is typically fixed within hours after it has been known to the world.

Installing pfSense on a PC Engines APU2

The APU2 came in and now I can install pfSense and share the knowledge.

First things first. The APU2 does not have a Video Out such as VGA or HDMI. It’s a headless System that uses RS-232 to run it until pfSense is installed. The options for this are to use either a DB9 Null Modem Cable, if the System you’re going to connect has Serial/RS-232, or a modern USB to Serial Cable.

For this install the Host Machine is my Desktop running Debian Linux. I am also using a USB to Serial Cable Adapter. It uses the CH341-UART chip. Keep in mind you will need a DB9 Null Modem Adapter; a simple Gender Changer Adapter isn’t going to work. For the connection, software-wise I am going to use GNU Screen.

We need to download pfSense. Make sure to follow the image below.

After it downloads, uncompress the file and use dd (DiskDump) to write it to a USB Thumb Drive. The Thumb Drive shows up as /dev/sdc but this varies system to system. If in doubt, insert the Thumb Drive and run sudo dmesg; it should show up last as /dev/sd*, and whatever the * is, that is the Thumb Drive. It could be sdb, sdc, sdd and so on.

For my System I issued this command.

sudo dd if=~/Desktop/pfSense-CE-memstick-serial.img of=/dev/sdc

While it was writing to the Thumb Drive I gathered the rest of the equipment together. Do not power on the APU2 just yet. When the Thumb Drive is ready, plug it into the APU2. Launch GNU Screen with this command. Remember I am using a USB to Serial Adapter so yours might differ.

screen /dev/ttyUSB0 115200

With Screen running you can now power on the APU2. When you turn it on you should see Text pop up in the window. Press F10 to bring up the Boot Menu and select the Thumb Drive. It will take a couple of minutes to load up but it should go directly into the Installer. From there just follow the prompts and install pfSense like you would on a typical PC.

When finished installing you’ll need to reboot the APU2 and this time hit F10 again and select Manage Payload. This will bring you to a BIOS setup and just tell it to boot from whatever Media you installed pfSense onto. If you skip this part then it will only Boot into MemTest86.

After that it should work and you can then start programming it via the Web UI.

Here are a couple of shots of my APU2.

So far I am impressed. I plan on installing it this Weekend and seeing how it goes.

S-100 Z80 Progress

I didn’t like the first revision of the Schematic so I redid the whole thing. I came across a Z80 Trainer made by Dr. Baker and used that as the basis of the new Schematic. I also used the circuit for the VT132 Project for a Terminal VGA and USB Keyboard.

Control Panel
CPU and Clock
RAM and ROM
IO Board
Serial Terminal for Video and Keyboard

These are not final. I need to review these and make sure everything is in the right order. I also need to import the S-100 BUS.

New CCTV System

I decided to buy the CCTV equipment. I bought a Reolink 5MP Pan Tilt Zoom Camera for the Driveway and a Reolink 5MP with Audio Turret Camera for the Lanai. My Boss let me buy a Hikvision Door Bell at cost and it was on sale from the distributor for $98.00. It’s the only one I can find that has ONVIF currently. I also have a couple of Hikvision IP Cameras I will use for Indoor use.

For now I plan to use MicroSD Cards for recording and push it to Shinobi that is running on the Home Assistant Server. For now I will use a TP-Link 5 Port PoE Switch. I really don’t see adding any more Cameras since the placements I have chosen should cover everything, except one area that has the A/C unit.

I am a bit worried since I heard A/C unit thefts are on the rise in my area, but I got that covered. I traded an A/C Tech 25ft of Coax for 25ft of outdoor rated cable used for A/C systems so I can make a dummy line that connects to the Alarm Panel, so when someone cuts it the Alarm goes off. I have it programmed as a Duress so the Central Station sends out the Cops without Verification. I also used longer Tapcons to attach the unit to the Cement Pad, and stripped out the Nut Driver portion of the Tapcons so the only way to get them out is with a Flat Head or a Cutting Wheel. Besides, the Driveway Camera and Lanai Camera would catch anyone going to the side of the House anyway.

Anyway, back on topic here. I will probably run the Cabling to the Master Closet or Garage and then run a Single Line to the Living Room since the TV stand is getting full. Since the pfSense box has one more open port I can dedicate that to the CCTV and give access to Home Assistant.

I already got a friend that wants to buy my old Analog DVR and I will probably give the Ring to my Mother.

Lost art of Cable Management – Cable Lacing

Used in Telecom, NASA and Avionics, Cable Lacing is an almost lost art of Cable Management. Instead of using Zip Ties or Tape, a Wax Coated Cotton String is used for the whole length of a Wire Rack or Wire Harness/Bundle.

In my honest opinion this looks a lot cleaner and better than a hundred Zip Ties and doesn’t leave a sticky residue like Tape does. It’s also pretty darn cheap, just don’t buy the “Electronics Grade” stuff. The 1mm size that is used for Jewelry is cheaper and it is the exact same stuff. You can also use thinner stuff but you’ll have to double wrap the bundle.

I found a little Video on YouTube that covers how to do it. The man in the Video has a terrible accent but you just need to watch rather than listen.

A few Tips I have with this Method. Have the knots closer than what I have in the example photo. If the Cabling is running flat then you can get away with knots further apart, but when you go into turns and twists you want the knots closer or it will look like this.

Just like anything new you will be slow and it will look like crap but with practice it will look better and you’ll get much faster.

Fresh install Debian 10 Linux

When I install Linux I end up spending a lot of time tweaking it the way I like it. No matter the Distribution I end up doing stuff like this. Mostly because Out of the Box is for the novice user. Most end Linux users do the same thing.

I typically start with just the base install to make sure all of my hardware is in working order, such as Chipset, CPU Microcode, Networking and USB. It’s easier to catch the issues when it’s a plain Command Line Interface. It’s also much easier to redo the install to Unstable if the Kernel is too old to see brand new hardware. Unstable isn’t really Unstable, it’s just newer Software that is still experimental. For example, Ubuntu uses a mixture of Unstable and LTR (Long Term Release).

When partitioning I keep things simple and use a single Partition for everything. Now if I am doing this to a system that has Multiple Hard Drives I’ll move things around, such as putting the /home directory onto a different drive. Back in the day I used to toss in an old drive just to be used for SWAP but these days I see no performance gains. An EXT4 Partition is just fine and there is no need to go into the world of ZFS and GPT since ZFS eats RAM and GPT will bite you in the ass in the end.

After I verify everything is working I’ll edit the APT sources file and add the contrib and non-free entries, update the mirrors and upgrade. Install Xorg and whatever Window Manager I want. Currently I am giving KDE Plasma a spin and it has a few nice features but I like using the Awesome WM.

Before anything else I once again verify my Video and Audio are working correctly. I’ll run the glxgears program or just look at the OpenGL Information. To test Audio I’ll just load something up in YouTube. A few times in the past the Audio would work fine within the Window Manager but YouTube, Steam and VLC would be deaf. So if YouTube works then there shouldn’t be issues with anything else.

Now I can start adding my custom tweaks and such.

I add my user to the sudoers file and make sure the hostname for the system is final. Also install ntp if Xorg’s install didn’t include it.

su
apt install binutils sudo ntp ufw fish vlc
nano /etc/sudoers


under root’s entry add
[username] ALL=(ALL:ALL) ALL
Save and exit.

exit

I start by changing the Command Line Shell. Debian uses a modified version of BASH called DASH. Works alright but after you start playing with other types of Shells you end up staying away from it. I used to use Zsh but I converted to FISH. After installing fish I then issue chsh -s /usr/bin/fish then launch it. From there I go into ~/.config/fish and edit the config.fish file and add my alias entries.

alias ls="ls -lahp"
alias dir="ls -lahp"
alias shutdown="sudo shutdown now"
alias reboot="sudo reboot"
alias update="sudo apt update"
alias upgrade="sudo apt upgrade"
alias purge="sudo apt autoremove"
alias edit="nano"
alias G="grep"
alias S="sudo"

After tweaking commands to my liking I’ll add more software I intend to use such as Htop, Bleachbit, Guake, and KDE Connect.

Over time I end up installing neofetch, screen, Arduino IDE, Sublime Text and GCC, Firefox and vBox.

Once in a blue moon I’ll screw up and spend a good few hours fixing it or just end up reinstalling everything.

Limit Unwanted Network Connections

I’m slowly putting together a Network Administration suite for the Raspberry Pi. Came across a little jewel called Evil Limiter. It’s a Python 3 Script that can do an ARP scan of a Network and give you an IP Address on the Network that you know shouldn’t be there or you have a User sucking up too much Bandwidth. So instead of Deauthing the user you can Throttle or even Block the User. For example you can Limit a User to 100Kbit/sec or even totally block them.

This could be handy for enforcing, say, the Kids’ Internet usage during the Spring/Summer Break or even at work when Steve should be working on a report but is too busy watching Netflix or YouTube.

Now this tool is considered a DoS (Denial of Service) Attack so be careful how you use it and deploy it.

Building a Z80 Computer

Every hardcore Electronics Engineer and Computer Nerd has a bucket list and there is a Homebrew Retro Computer on that list. I could cheat and buy a RC2014 kit but building it from total scratch is even better.

Now you just don’t order/buy/find the parts and slap it all together. You have to study up on the subject. There is a PDF floating around called “Build your own Z80 Computer” by Steve Ciarcia. Then you have Grant Searle’s Website that is loaded with tons of Schematics and ideas for a minimal chip count Z80 running BASIC and CP/M.

To start off the build I am going to build a crude version of the Zeta256 and branch off of that by adding memory, UART, ROM and so forth.

Stupid Cyber Monday

So I was at work terminating a bunch of CAT6 cables and decided to take a small break. I decided to check out the deals on Amazon for their Cyber Monday deals.

A friend of mine has decided to start a 3D printing business so I was looking at the 3D Printers. They had the Ender 3 for $189.00 so I called him up and he wants to use Prusa printers for his print farm. Well the deal was so tempting I bought one.

I already have a 3D Printer but it’s currently in parts since I am modding the heck out of it but with this second printer I can print out some parts for the down printer and when I get that printer up and going I can install a direct drive on the new printer and use it for TPU filament.

The Raspberry Pi problem

We all know the Raspberry Pi is the go to for projects and some lite server use. However the Raspberry Pi is very hard to get and if you can get one then get ready to spend out the rear for one.

There are alternatives for a SBC (Single Board Computer) but they also cost a bit. However there is a trick.

If you need a lite weight system that doesn’t need GPIO but is just for Software use like hosting some sort of server, you can buy used thin clients, and right now on Amazon you can buy those Chineseium micro computers that use the old Intel 7th gen Celeron and DDR3 for about a hundred bucks. However the thin client route is a bit better.

eBay is littered with old commercial thin clients. They’re semi upgradable so you can toss in bigger storage and more RAM. Now this isn’t an untapped way, a lot of people have been doing this and I’ve even done it a few times, and my current Home Assistant server is an old HP Thin-Client.

I’m only mentioning this because I was setting up a Pi3+ and watching YouTube, as software was installing I came across a video on a Generic AK2 Mini PC.

3D Printer breakout board

Since I want all of the electronics of my 3D Printer inside its own case, I thought maybe a breakout board would be great so I don’t have to do any home run cabling.

I fired up KiCad and went to work and came up with this.

The PCB was done by my sponsor PCBWay. As usual they did great work. Super glossy finish and plated through-holes. The mounting locations are dead on as well so I can reuse the mount from the 3D Printer.

I made one huge error on this board and didn’t realize it until after the boards came in. I didn’t make a breakout for the BL Touch. I was using the old Creality 3D 1.1.4 board as a reference and that board doesn’t have BL Touch headers.

I wanna thank PCBWay for sponsoring this project and it’s always a pleasure to use them for fabricating circuit boards for my wacky projects. Give them a try, it’s like five bucks for five boards. What could go wrong?

Gluster Server Upgrades

After playing around with the little Gluster server I slapped together I decided to get some upgrades for it.

The Dell Vostro 220s is plenty fast for this, however I have run into an issue. The system will not automatically boot from the USB. User interaction has to take place for it to boot from USB. So to fix this I ordered a cheap SATA Raid controller for the RAID10 array and a 128GB SSD for the “OS Drive”. This will also give the system a little more pep in its step.

I also had to buy a new CPU cooler for it. The old one is mostly plastic and has turned brittle.

I’m thinking to add some additional functions to it. Have a PXE service for Netbooting so I don’t have to keep track of thumb drives for keeping install media. So if I deploy another system of some sort I can just do a netboot. Also comes in handy for system rescue as well.

Proper Universal Control for the Garage and Home

In the AV world there are many universal remote brands and models for controlling, say, a theater room or even simple things around the home. The best DIY consumer remote is the Logitech Harmony but for some reason Logitech is getting out of the remote biz.

This kinda leaves the cheap universal remotes from RCA and GE for the typical consumer. Or is it?

I received a URC MX-450 remote with the RF module MRF-260. This equipment is used and was pulled from a customer’s home since we put in Control4. The MX-450 isn’t locked out like some of URC’s higher end MX-Home Series. Technically a typical DIY consumer can’t buy URC equipment but I have seen them on eBay and on Amazon.

The plan with my remote is for the Garage, and since the remotes in the house tend to get lost I can also program in those items as well. The nifty thing with this remote is you can create scenes with it. So if you hit turn on DVD it will turn on the TV, Audio equipment, DVD player and even have the DVD player open the tray.

However with my smart assness I will use the RF module with an ESP8266 and use it as an integration to Home Assistant so I can control IP things such as the lights, computers and whatever I have in Home Assistant. All I have to do is have the ESP8266 receive IR remote codes to a device I don’t have and have Home Assistant do the rest with scene scripts.

This will be my one day build for this Saturday.

Scalable NAS build

I pulled out the old Dell and slapped in four 500GB drives. Also found a 16GB USB Thumb drive as well. Installed Debian Bookworm onto the thumb drive then had fun setting up a RAID10 with the hard drives.

Setting up a software RAID10 is pretty easy. For a RAID10 you need four drives. Reason being the data is splitting off onto two drives and the other two drives are acting as a backup. So I have a 1TB RAID going. Plenty for my needs since I am just using this as a mirrored /HOME directory for my Linux systems.

To set up the Software RAID I used mdadm. It’s a CLI tool for creating and maintaining the RAID. I went into fdisk and deleted the old partitions on the four drives then created new partitions. I made sure to change the Type from 0x83 (LINUX) to 0xfd (Autodetect Linux RAID).

Install some software.

sudo apt install mdadm -y

Now with mdadm I created the RAID with a few commands. My USB Thumb drive is listed as /dev/sde1.

mdadm --create /dev/md0 --level 10 --raid-disks 4 /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1

I then formatted the new array.

mkfs.ext4 /dev/md0

From there I had mdadm create a mdadm.conf file and then edit it.

mdadm --detail --scan /dev/md0 >> /etc/mdadm/mdadm.conf

(inside mdadm.conf)

DEVICE /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1

Added the newly created array to the fstab file.

/dev/md0    /data    ext4    defaults 1   1

Then I created the directory for the array to mount to; in this case I chose /data on the root of the drive. This next part I struggled with, and found out after creating the array again that I just needed to issue an initramfs rebuild.

update-initramfs -u

I then rebooted and sure enough I had a working RAID10 array.

The fun part was getting Gluster up and running. I guess I have DNS issues on my network and ended up going by IP rather than host names.

sudo wget -O - https://download.gluster.org/pub/gluster/glusterfs/10/rsa.pub | sudo tee /etc/apt/trusted.gpg.d/gluster.asc

echo "deb [arch=amd64] https://download.gluster.org/pub/gluster/glusterfs/10/LATEST/Debian/bookworm/amd64/apt bookworm main" | sudo tee /etc/apt/sources.list.d/gluster.list

sudo apt update && sudo apt install glusterfs-server -y

sudo systemctl enable glusterd
sudo systemctl start glusterd

mkdir -p /data/brick1/gv0
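
A key saved under /etc/apt/trusted.gpg.d, as in the commands above, is trusted by APT for every configured repository, not just Gluster's. The shell functions below are an added example, not from the original post: they build a source entry pinned to one key with signed-by and list entries that are not pinned. The keyring path /etc/apt/keyrings/gluster.asc, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original post.
# Assumed names: KEYRING path, pinned_entry, unpinned_entries, install_gluster_repo.

KEYRING=/etc/apt/keyrings/gluster.asc   # assumed location for the repo key
REPO=https://download.gluster.org/pub/gluster/glusterfs/10/LATEST/Debian/bookworm/amd64/apt

# Print a one-line source entry that only trusts the key file given in $1.
# $1 = keyring file, $2 = repo URL, $3 = suite, $4 = component
pinned_entry() {
    printf 'deb [arch=amd64 signed-by=%s] %s %s %s\n' "$1" "$2" "$3" "$4"
}

# Read sources.list-style lines on stdin and print (whitespace-normalised)
# every active deb/deb-src entry whose option block has no signed-by=.
# Comments, blank lines and anything else are skipped.
unpinned_entries() {
    while IFS= read -r line || [ -n "$line" ]; do
        norm=$(printf '%s\n' "$line" |
               sed 's/^[[:space:]]*//; s/[[:space:]][[:space:]]*/ /g')
        case "$norm" in
            "deb "*|"deb-src "*) ;;
            *) continue ;;
        esac
        rest=${norm#* }                 # everything after the entry type
        opts=
        case "$rest" in
            \[*) opts=${rest%%\]*} ;;   # text of the [ ... ] option block
        esac
        case "$opts" in
            *signed-by=*) ;;            # pinned to a specific key
            *) printf '%s\n' "$norm" ;;
        esac
    done
}

# The post's repository setup with the key pinned (needs network and sudo,
# so it is defined here but not called). If the key was already saved as
# /etc/apt/trusted.gpg.d/gluster.asc, delete that copy afterwards.
install_gluster_repo() {
    sudo install -d -m 0755 /etc/apt/keyrings
    wget -qO- https://download.gluster.org/pub/gluster/glusterfs/10/rsa.pub |
        sudo tee "$KEYRING" >/dev/null
    pinned_entry "$KEYRING" "$REPO" bookworm main |
        sudo tee /etc/apt/sources.list.d/gluster.list >/dev/null
}

# Constructed sample of sources.list.d content (not from a real host).
SAMPLE="# constructed sample
deb [arch=amd64] $REPO bookworm main
$(pinned_entry "$KEYRING" "$REPO" bookworm main)
   deb-src   https://repo.example.invalid/apt stable main
#deb https://repo.example.invalid/old stable main"

# Demo: lists the two sample entries that are not pinned to a key.
printf '%s\n' "$SAMPLE" | unpinned_entries
```

To audit a real system, feed it the actual files, for example `cat /etc/apt/sources.list /etc/apt/sources.list.d/*.list | unpinned_entries`. Debian's own entries will show up too, since they rely on the global keyring.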

Now setting up Gluster. Replace IPADDRESS with the proper IP Address of your server.

gluster volume create gv0 IPADDRESS:/data/brick1/gv0

gluster volume start gv0

mount -t glusterfs IPADDRESS:/gv0 /mnt

The last command mounts the gluster volume so it can be tested. On a client system you would install the gluster-client and then issue the same command.

From there on the client you would add the mount in the fstab file like so.

IPADDRESS:/gv0    /data    glusterfs    defaults,_netdev    0    0

Pretty simple after seeing all of the kinks worked out. Took me most of the day to set this up. Now I need to find a better case for the Dell. The current case is too small to house four standard size mechanical drives. Luckily it’s a standard ATX layout.

Keep in mind Gluster isn’t a typical NAS suite. It’s more like an NFS share on steroids.

Keep multiple computers in check

I have several computers in the house I use a lot. I have the Desktop in the Garage, two Laptops and a few smaller systems doing server like things.

I have Debian Linux running on all of them but I screwed up. Half of them are running Debian 11 and the other half are running Debian 10. This has added incompatibility in the environment since I started using Syncthing. I was using Syncthing to keep my Home directory portable between all of my computers so no matter what system I use I would have the same files and settings. Well, the minor differences between the two Linux versions aren’t really minor but very different. Enough for things to break software wise.

I decided to swap over to Debian Unstable. It’s the rolling release of Debian and Unstable isn’t really “Unstable”. It’s just the latest packages that haven’t been tossed on the long term release. For example Debian 11 has Kernel 5.10 and Unstable has Kernel 6.0.

Another issue I ran into is with Home Assistant. I was using an external system for a MQTT server and now in the latest version of Home Assistant I get MQTT errors because now Home Assistant only uses the MQTT add-on for Home Assistant. Also not to mention Home Assistant OS uses Debian 10. This is also the system I have as the Syncthing host and so far it’s working but I don’t really want the host to be too far back on the software release or stuff might not work well.

So here is my plan.

Install Unstable on my three machines. Unstable doesn’t work on the Pi so I am stuck with Debian 10 there, and I will redo the Home Assistant install since it’s broken because of MQTT. On the systems I want to have mirrored Home directories I plan to run Gluster instead of Syncthing. Gluster is a self-hosted scalable network filesystem. Use one of the many old desktops I have laying around, toss in a few hard drives and point each client to mount and use it as the /Home for the user. I would also need to create an additional user so if the server fails I wouldn’t be locked out of my systems. Also if I take one of my laptops with me I can still use it.

I got an old Dell Vostro 220s I used to use as a pfSense box. It’s got 4GB of RAM and has an Intel Pentium Dual E2200. Not much but should be fine for the task. It’s not like I have several systems running at once. Still very fast compared to using a USB stick as a portable Home directory. Down the road I’ll toss in a SATA Raid card and some SSDs. For now a RAID 10 with four spinners and a software RAID should work.

I’m still here

I haven’t left, I am still here. Been busy with things such as refinancing the house and working.

Matter of fact I have to work in this bad storm (Nicole). Have to install an Alarm system and do a service call. At least it’s not a hurricane anymore.

What free time I have had for the Garage I have been working on my 3D Printer.

The front control panel. Green button is the soft power button and the red buttons are gonna be shortcut buttons for the 3D Printer. I need to do the rotary encoder wheel on the right and fit in the LCD somewhere.

Everything else electronics wise for the 3D printer. ATX Supply for the Pi and an ESP8266 and whatever else I decide to toss in. I have a solid state relay in there so when the ATX supply turns on it will turn on the 24 volt supply. I bought some silicone 22AWG 6pin ribbon cable and 14AWG silicone wire to finish everything else.

I also redid the living room entertainment center. Installed a 24 port POE switch and swapped out audio receivers. It’s still a mess of wires mostly because of the HDMI cables. But the Ethernet, Speakers and power are nicely done.

Where did I go?

I have been busy with stuff. Refinancing the house, working and slowly buying parts for some projects.

I was lucky enough to lock in my refinancing before it hit 7%. The plan is to pay off a bunch of stuff including the car, then within a couple of years the mortgage rates should drop back to the 4’s or mid 5’s.

I spent the day redoing the Living room entertainment center. Installed that Luxul network switch and swapped out the audio receivers since I have a 4K TV in the living room since last Christmas.

I’m still working on the 3D Printer. I have been buying parts like wire and such. The case I selected is very roomy and all of the electronic modifications I want to use can fit with plenty of room to spare.

I have to redo my Home Assistant setup. The Remote MQTT setup I have doesn’t work anymore. Apparently I have to use the Home Assistant MQTT addon so I can’t declare it in the Configuration.yaml file anymore. Also a few things aren’t working right. I am planning to add a second hard drive for additional storage anyway so while I am at it I can just start fresh.

Other than that, what free time I have gotten I have been spending with the family.

New Network Switch

A friend of mine got ahold of me and asked if I wanted a 24 port PoE switch, and I said sure. When I got the switch it was inside a TrendNet box and TrendNet is total garbage, but when I opened the box I saw the LUXUL logo.

When I got home I found out it’s a LUXUL AMS-2624P. I also went and got the latest firmware update and manual. I then looked up the specs and this Switch is only a couple of years old. Still goes for $1,200 on the market.

I finally had time today to hook it up to do a factory reset and update the firmware. Just before powering it up I realized something. Why would a two year old switch get pulled out of a working environment? Could it be broken? A paper weight?

I powered it on and it seems fine. Directed my laptop to use 192.168.0.100 as the IPv4 Address and used the Switch’s fall back IP of 192.168.0.4 and it worked. Even used the default login and password as well. So I went ahead and factory reset the thing then updated the firmware.

I’m planning to put the switch in the living room and ditch the 16port TP-Link and the 5port PoE TP-Link. I’ll probably move them to the garage and put the 8port that is in the garage as a reserve.