nccgroup / bkscan
BlueKeep scanner supporting NLA
Hey, just re-installed the docker image and am still getting this error when I try to use bkscan.
./bkscan.sh -t █.█.█.█ -u █████ -p █████ --debug
[+] Targeting █.█.█.█:3389...
[+] Using provided credentials, will support NLA
No protocol specified
[22:47:17:428] [1:1] [ERROR][com.freerdp.client.x11] - failed to open display: :1
[22:47:17:428] [1:1] [ERROR][com.freerdp.client.x11] - Please check that the $DISPLAY environment variable is properly set.
Create user test with password 123.
Run BKscan ./bkscan.sh -t 10.0.2.15 -u test -p 123 --debug. A bunch of MST120 packets were sent and we get a true positive:
Run BKscan ./bkscan.sh -t 10.0.2.15 -u test -p 123 --debug. NLA passes but we get a false positive because RDP is restricted for this user and MST120 packets are not sent:
Notice: Server said: ERRINFO_SERVER_INSUFFICIENT_PRIVILEGES (0x00000009):The user cannot connect to the server due to insufficient access privileges.
but BKscan wrote: [!] Target is VULNERABLE!!!
I've had this issue on two completely separate kali instances. I install the tool following the installation instructions. The docker installation completes successfully and sudo ./bkscan.sh -h gives me the expected output. However, when I try to scan a target machine with sudo ./bkscan.sh -t <IP Address> I get the following error.
[+] No credential provided, won't support NLA
No protocol specified
[22:41:07:683] [1:1] [ERROR][com.freerdp.client.x11] - failed to open display: :0.0
[22:41:07:683] [1:1] [ERROR][com.freerdp.client.x11] - Please check that the $DISPLAY environment variable is properly set.
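Added example (not part of the issues above and not bkscan's own code): a triage helper for captured scanner output that refuses to take the verdict line at face value when the same run also shows the ERRINFO disconnect or the X11 display failure quoted in these reports. The function name `triage` and the status labels are assumptions made for illustration; the sample captures are constructed from lines quoted on this page.

```python
import re

# Marker strings copied from the scanner/FreeRDP output quoted on this page.
VERDICT = "[!] Target is VULNERABLE!!!"
DISPLAY_ERR = "failed to open display"
# Disconnect reasons appear as ERRINFO_<NAME> (0x<8 hex digits>) in the quoted notice.
ERRINFO_RE = re.compile(r"\b(ERRINFO_[A-Z0-9_]+) \((0x[0-9A-Fa-f]{8})\)")

# Constructed sample captures, assembled from lines quoted in the issues above.
RUN_RESTRICTED = """\
[+] Targeting 10.0.2.15:3389...
[+] Using provided credentials, will support NLA
Notice: Server said: ERRINFO_SERVER_INSUFFICIENT_PRIVILEGES (0x00000009):The user cannot connect to the server due to insufficient access privileges.
[!] Target is VULNERABLE!!!
"""
RUN_NO_DISPLAY = """\
[+] No credential provided, won't support NLA
No protocol specified
[22:41:07:683] [1:1] [ERROR][com.freerdp.client.x11] - failed to open display: :0.0
"""
RUN_VERDICT_ONLY = """\
[+] Targeting 10.0.2.15:3389...
[!] Target is VULNERABLE!!!
"""


def triage(output):
    """Classify one captured run; status labels are hypothetical, for illustration."""
    lines = output.splitlines()
    verdict = any(VERDICT in line for line in lines)
    display_failed = any(DISPLAY_ERR in line for line in lines)
    errinfo = [m.group(1, 2) for line in lines for m in ERRINFO_RE.finditer(line)]
    if display_failed:
        status = "scan_not_run"         # the client never started, nothing was tested
    elif verdict and errinfo:
        status = "needs_review"         # server rejected the session, verdict is unreliable
    elif verdict:
        status = "vulnerable_reported"  # verdict with no contradicting disconnect reason
    elif errinfo:
        status = "session_rejected"
    else:
        status = "no_verdict"
    return {"status": status, "errinfo": errinfo}


if __name__ == "__main__":
    for name in ("RUN_RESTRICTED", "RUN_NO_DISPLAY", "RUN_VERDICT_ONLY"):
        print(name, triage(globals()[name]))
```

Feed it the combined stdout and stderr of a run, since the FreeRDP error lines and the scanner's own lines may arrive on different streams.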
Hi,
I am unable to build the BKScan docker image in Kali. Here is the command I am running after cloning the repository and the CMake error messages that I get back. I am running the command on Linux kali 4.19.0-kali3-amd64 #1 SMP Debian 4.19.20-1kali1 (2019-02-14) x86_64 GNU/Linux
Any suggestions on how I can remediate these errors? I have tried to research similar errors that others may have faced before, but did not have much luck finding a fix.
root@kali:/opt/BKScan# sudo docker build -t bkscan .
Sending build context to Docker daemon 166.9kB
Step 1/14 : FROM ubuntu:16.04
---> 13c9f1285025
Step 2/14 : MAINTAINER Cedric Halbronn <[email protected]>
---> Using cache
---> bf1362620a53
Step 3/14 : RUN apt-get update && apt-get install -y --no-install-recommends build-essential git-core cmake sudo x11-xserver-utils locales alsa alsa-tools pulseaudio pulseaudio-utils libssl-dev libx11-dev libxext-dev libxinerama-dev libxcursor-dev libxdamage-dev libxv-dev libxkbfile-dev libasound2-dev libcups2-dev libxml2 libxml2-dev libxrandr-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libxi-dev libavutil-dev libavcodec-dev libxtst-dev libgtk-3-dev libgcrypt11-dev libssh-dev libpulse-dev libvte-2.91-dev libxkbfile-dev libtelepathy-glib-dev libjpeg-dev libgnutls28-dev libgnome-keyring-dev libavahi-ui-gtk3-dev libvncserver-dev libappindicator3-dev intltool libsecret-1-dev libwebkit2gtk-4.0-dev libsystemd-dev libsoup2.4-dev libjson-glib-dev libavresample-dev
---> Using cache
---> 65b17ae2dcb5
Step 4/14 : ADD FreeRDP_scanner.patch /tmp/FreeRDP_scanner.patch
---> Using cache
---> a4cbac1a1e92
Step 5/14 : RUN git clone https://github.com/FreeRDP/FreeRDP.git /tmp/FreeRDP
---> Using cache
---> 75b43663a6b0
Step 6/14 : WORKDIR /tmp/FreeRDP
---> Using cache
---> 69efcc32977d
Step 7/14 : RUN git checkout b907324009b0af6c9fee449e61e6fbcf5d5d865e
---> Using cache
---> f0798532d5de
Step 8/14 : RUN patch -p1 < ../FreeRDP_scanner.patch
---> Using cache
---> 53372f6fb7d6
Step 9/14 : RUN cmake -DWITH_SSE2=off -DWITH_CUPS=off -DWITH_WAYLAND=off -DWITH_PULSE=off -DCMAKE_INSTALL_PREFIX:PATH=/opt/freerdp . && make && make install && echo /opt/freerdp/lib > /etc/ld.so.conf.d/freerdp.conf && ldconfig && ln -sf /opt/freerdp/bin/xfreerdp /usr/local/bin/
---> Running in 33c3cd930b30
-- The C compiler identification is GNU 5.4.0
-- The CXX compiler identification is GNU 5.4.0
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: /usr/bin/c++
-- Check for working CXX compiler: /usr/bin/c++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Found PkgConfig: /usr/bin/pkg-config (found version "0.29.1")
FREERDP_VERSION=2.0.0-dev5
-- Git Revision b907324
-- Looking for __x86_64__
-- Looking for __x86_64__ - found
-- Performing Test Wno-unused-result
-- Performing Test Wno-unused-result - Success
-- Performing Test Wno-unused-but-set-variable
-- Performing Test Wno-unused-but-set-variable - Success
-- Performing Test Wno-deprecated-declarations
-- Performing Test Wno-deprecated-declarations - Success
-- Performing Test Wno-deprecated-declarationsCXX
-- Performing Test Wno-deprecated-declarationsCXX - Success
-- GCC default symbol visibility: hidden
-- Performing Test Wimplicit-function-declaration
-- Performing Test Wimplicit-function-declaration - Success
-- Performing Test Wredundant-decls
-- Performing Test Wredundant-decls - Success
-- Performing Test Wno-builtin-macro-redefined
-- Performing Test Wno-builtin-macro-redefined - Success
-- Performing Test Wno-builtin-macro-redefinedCXX
-- Performing Test Wno-builtin-macro-redefinedCXX - Success
-- Performing Test fno-omit-frame-pointer
-- Performing Test fno-omit-frame-pointer - Success
-- Looking for include file fcntl.h
-- Looking for include file fcntl.h - found
-- Looking for include file unistd.h
-- Looking for include file unistd.h - found
-- Looking for include file execinfo.h
-- Looking for include file execinfo.h - found
-- Looking for include file inttypes.h
-- Looking for include file inttypes.h - found
-- Looking for include file sys/modem.h
-- Looking for include file sys/modem.h - not found
-- Looking for include file sys/filio.h
-- Looking for include file sys/filio.h - not found
-- Looking for include file sys/sockio.h
-- Looking for include file sys/sockio.h - not found
-- Looking for include file sys/strtio.h
-- Looking for include file sys/strtio.h - not found
-- Looking for include file sys/select.h
-- Looking for include file sys/select.h - found
-- Looking for include file syslog.h
-- Looking for include file syslog.h - found
-- Performing Test HAVE_TM_GMTOFF
-- Performing Test HAVE_TM_GMTOFF - Success
-- Looking for pthread.h
-- Looking for pthread.h - found
-- Looking for pthread_create
-- Looking for pthread_create - not found
-- Looking for pthread_create in pthreads
-- Looking for pthread_create in pthreads - not found
-- Looking for pthread_create in pthread
-- Looking for pthread_create in pthread - found
-- Found Threads: TRUE
-- Looking for pthread_mutex_timedlock
-- Looking for pthread_mutex_timedlock - not found
-- Looking for pthread_mutex_timedlock in pthread
-- Looking for pthread_mutex_timedlock in pthread - found
-- Looking for include file aio.h
-- Looking for include file aio.h - found
-- Looking for include file sys/eventfd.h
-- Looking for include file sys/eventfd.h - found
-- Looking for eventfd_read
-- Looking for eventfd_read - found
-- Looking for include file sys/timerfd.h
-- Looking for include file sys/timerfd.h - found
-- Looking for include file poll.h
-- Looking for include file poll.h - found
-- Looking for ceill
-- Looking for ceill - found
-- Finding recommended feature libsystemd for systemd journal appender (allows to export wLog to systemd journal)
-- Disable feature libsystemd using "-DWITH_LIBSYSTEMD=OFF"
-- Found libsystemd: /usr/lib/x86_64-linux-gnu/libsystemd.so
-- Finding recommended feature X11 for X11 (X11 client and server)
-- Disable feature X11 using "-DWITH_X11=OFF"
-- Found X11: /usr/lib/x86_64-linux-gnu/libX11.so
-- Skipping recommended feature Wayland for Wayland (Wayland client)
-- Finding required feature ZLIB for compression (data compression)
-- Found ZLIB: /usr/lib/x86_64-linux-gnu/libz.so (found version "1.2.8")
-- Finding required feature OpenSSL for cryptography (encryption, certificate validation, hashing functions)
-- Found OpenSSL: /usr/lib/x86_64-linux-gnu/libssl.so;/usr/lib/x86_64-linux-gnu/libcrypto.so (found version "1.0.2g")
-- Skipping optional feature MbedTLS for cryptography (encryption, certificate validation, hashing functions)
-- Enable feature MbedTLS using "-DWITH_MBEDTLS=ON"
-- Skipping optional feature OpenSLES for multimedia (OpenSLES audio / video)
-- Enable feature OpenSLES using "-DWITH_OPENSLES=ON"
-- Finding recommended feature OSS for sound (audio input, audio output and multimedia redirection)
-- Disable feature OSS using "-DWITH_OSS=OFF"
-- Found OSS Audio
-- Finding recommended feature ALSA for sound (audio input, audio output and multimedia redirection)
-- Disable feature ALSA using "-DWITH_ALSA=OFF"
-- Found ALSA: /usr/lib/x86_64-linux-gnu/libasound.so (found version "1.1.0")
-- Skipping optional feature Pulse for sound (audio input, audio output and multimedia redirection)
-- Enable feature Pulse using "-DWITH_PULSE=ON"
-- Skipping optional feature Cups for printing (printer device redirection)
-- Enable feature Cups using "-DWITH_CUPS=ON"
-- Skipping optional feature PCSC for smart card (smart card device redirection)
-- Enable feature PCSC using "-DWITH_PCSC=ON"
-- Finding recommended feature FFmpeg for multimedia (multimedia redirection, audio and video playback)
-- Disable feature FFmpeg using "-DWITH_FFMPEG=OFF"
-- Checking for module 'libavcodec'
-- Found libavcodec, version 56.60.100
-- Checking for module 'libavutil'
-- Found libavutil, version 54.31.100
-- Checking for module 'libavresample'
-- Found libavresample, version 2.1.0
-- Checking for module 'libswresample'
-- Found libswresample, version 1.2.101
-- Found FFmpeg: TRUE
-- Skipping optional feature GStreamer_0_10 for multimedia (multimedia redirection, audio and video playback, gstreamer 0.10 version)
-- Enable feature GStreamer_0_10 using "-DWITH_GSTREAMER_0_10=ON"
-- Finding recommended feature GStreamer_1_0 for multimedia (multimedia redirection, audio and video playback)
-- Disable feature GStreamer_1_0 using "-DWITH_GSTREAMER_1_0=OFF"
-- Checking for module 'glib-2.0'
-- Found glib-2.0, version 2.48.2
-- Found Glib
-- Checking for module 'gstreamer-1.0 >= 1.0.5'
-- Found gstreamer-1.0 , version 1.8.3
-- Checking for module 'gstreamer-base-1.0 >= 1.0.5'
-- Found gstreamer-base-1.0 , version 1.8.3
-- Checking for module 'gstreamer-app-1.0 >= 1.0.5'
-- Found gstreamer-app-1.0 , version 1.8.3
-- Checking for module 'gstreamer-audio-1.0 >= 1.0.5'
-- Found gstreamer-audio-1.0 , version 1.8.3
-- Checking for module 'gstreamer-fft-1.0 >= 1.0.5'
-- Found gstreamer-fft-1.0 , version 1.8.3
-- Checking for module 'gstreamer-pbutils-1.0 >= 1.0.5'
-- Found gstreamer-pbutils-1.0 , version 1.8.3
-- Checking for module 'gstreamer-video-1.0 >= 1.0.5'
-- Found gstreamer-video-1.0 , version 1.8.3
-- Found GSTREAMER_1_0: /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so
-- Skipping optional feature JPEG for codec (use JPEG library)
-- Enable feature JPEG using "-DWITH_JPEG=ON"
-- Skipping optional feature x264 for codec (use x264 library)
-- Enable feature x264 using "-DWITH_X264=ON"
-- Skipping optional feature OpenH264 for codec (use OpenH264 library)
-- Enable feature OpenH264 using "-DWITH_OPENH264=ON"
-- Skipping optional feature GSM for codec (GSM audio codec library)
-- Enable feature GSM using "-DWITH_GSM=ON"
-- Skipping optional feature LAME for codec (lame MP3 audio codec library)
-- Enable feature LAME using "-DWITH_LAME=ON"
-- Skipping optional feature FAAD2 for codec (FAAD2 AAC audio codec library)
-- Enable feature FAAD2 using "-DWITH_FAAD2=ON"
-- Skipping optional feature FAAC for codec (FAAC AAC audio codec library)
-- Enable feature FAAC using "-DWITH_FAAC=ON"
-- Skipping optional feature soxr for codec (SOX audio resample library)
-- Enable feature soxr using "-DWITH_SOXR=ON"
-- Skipping optional feature GSSAPI for auth (add kerberos support)
-- Enable feature GSSAPI using "-DWITH_GSSAPI=ON"
-- Skipping optional feature IPP for performance (Intel Integrated Performance Primitives library)
-- Enable feature IPP using "-DWITH_IPP=ON"
-- Using OpenSSL Version: 1.0.2g
-- Looking for include file stdbool.h
-- Looking for include file stdbool.h - found
-- Looking for include file stdint.h
-- Looking for include file stdint.h - found
-- Looking for include file inttypes.h
-- Looking for include file inttypes.h - found
-- Looking for timer_create
-- Looking for timer_create - found
-- Looking for timer_delete
-- Looking for timer_delete - found
-- Looking for timer_settime
-- Looking for timer_settime - found
-- Looking for timer_gettime
-- Looking for timer_gettime - found
CMake Warning at libfreerdp/CMakeLists.txt:100 (message):
neigter swscale nor libcairo detected, compiling without image scaling
support!
-- Finding recommended feature XKBFile for X11 keyboard (X11 keyboard file extension)
-- Disable feature XKBFile using "-DWITH_XKBFILE=OFF"
-- Found XKBFile: /usr/lib/x86_64-linux-gnu/libxkbfile.so
CMake Error at channels/CMakeLists.txt:48 (if):
if given arguments:
"OFF" "OR"
Unknown arguments specified
Call Stack (most recent call first):
channels/sshagent/ChannelOptions.cmake:5 (define_channel_options)
channels/CMakeLists.txt:273 (include)
-- Configuring incomplete, errors occurred!
See also "/tmp/FreeRDP/CMakeFiles/CMakeOutput.log".
See also "/tmp/FreeRDP/CMakeFiles/CMakeError.log".
The command '/bin/sh -c cmake -DWITH_SSE2=off -DWITH_CUPS=off -DWITH_WAYLAND=off -DWITH_PULSE=off -DCMAKE_INSTALL_PREFIX:PATH=/opt/freerdp . && make && make install && echo /opt/freerdp/lib > /etc/ld.so.conf.d/freerdp.conf && ldconfig && ln -sf /opt/freerdp/bin/xfreerdp /usr/local/bin/' returned a non-zero code: 1