Tunneling services through SSH

While it's never a great idea to expose RDP to the world directly, some may argue that using filtered ports would be okay, that is, allowing RDP only from specific external networks or IPs. Regardless, it's known that RDP is a target for brute-force attacks and, in some cases, exploits on the protocol such as BlueKeep. In fact, it's beginning to be reported that RDP is a common vector for ransomware.

And some networks may simply filter RDP outbound, at the network layer or even the application layer.

But there are ways to work around these issues, namely with SSH. SSH, if set up correctly (i.e. with key-based authentication), is often exposed to the internet. And while there are definitely threat models that may warrant extra precautions, it's generally been okay. And it's quite powerful.

For example, you can use it to set up a SOCKS5 proxy for things like proxying browser traffic with ssh -D.

Well, here's another quick trick: ssh -L.

The format is: ssh -L "Local Port":"Internal IP":"Internal Service Port" username@sshhost

Graphical Example

In the example above, once the SSH session is connected, you can open your RDP window, point it to the local port (33389 in this case), and connect to the Remote Desktop session on the IP listed (192.168.1.10 in my example).

RDP Session Example

It's worth noting that for the local port I used an unregistered port. Anything above 49152 is dynamic as well and not assigned by IANA. Some OSes do not allow non-admins to bind to registered ports for security reasons, so I just make a habit of using an unregistered port above 1000 or so.
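The forward described above, as an added example that is not part of the original post: a small shell helper that builds the ssh -L command from the post's values (local port 33389, target 192.168.1.10, username@sshhost) plus RDP's default port 3389. The explicit 127.0.0.1 bind, -N, ExitOnForwardFailure and the 1024 lower bound are choices made for this example, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): build an ssh -L command for the
# RDP tunnel, validating the ports before anything is run.

# is_port N: succeed if N is a decimal integer in 1..65535.
is_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or >5 digits
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_tunnel_cmd LOCAL_PORT TARGET_IP TARGET_PORT USER@SSHHOST
# Prints the command instead of running it, so it can be reviewed first.
build_tunnel_cmd() {
    lport=$1 tip=$2 tport=$3 dest=$4
    is_port "$lport" || { echo "bad local port: $lport" >&2; return 2; }
    is_port "$tport" || { echo "bad target port: $tport" >&2; return 2; }
    [ -n "$tip" ] && [ -n "$dest" ] || { echo "missing target or host" >&2; return 2; }
    # Ports below 1024 are privileged on Unix-like systems; a non-admin
    # user cannot bind them, so refuse early with a clear message.
    [ "$lport" -ge 1024 ] || { echo "local port $lport needs admin rights" >&2; return 3; }
    # 127.0.0.1:  listener is reachable only from this machine.
    # -N:         forward only, no remote shell or command.
    # ExitOnForwardFailure=yes: fail loudly if the local port is taken,
    #             instead of leaving a session open with no tunnel.
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:%s:%s %s\n' \
        "$lport" "$tip" "$tport" "$dest"
}

# Values from the post; 3389 is RDP's default port.
build_tunnel_cmd 33389 192.168.1.10 3389 username@sshhost
```

Run the printed command, then point the RDP client at 127.0.0.1:33389.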

CVE-2021-1675

Proof of Concepts and Initial Reports

First attempts seen at claiming a post-patch exploit: https://twitter.com/RedDrip7/status/1409353110187757575

Original PoC pulled

First PoC of exploit, forked from the one pulled above: https://github.com/cube0x0/CVE-2021-1675

More efforts to show the PoC:

Microsoft may be pulling the more easily usable PoCs from GitHub

Mitigations

MS Documentation on Print Spooler:

Possible GPO-based mitigation for non-print servers: https://github.com/LaresLLC/CVE-2021-1675

Possible Mitigation for Print Servers: https://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available/

Roku Shortcut Cheatsheet

  1. System Information - Things like CPU Temps, Clock Speeds etc.

    Press Home x5 > Fast Forward > Down > Rewind > Down > Fast Forward

  2. Wireless Settings - Things like signal strength, drops/retries etc. Can be used to adjust your 2.4 GHz strength to just the right level (anything better than -70 dBm seems optimal)

    Press Home x5 > Up > Down > Up > Down > Up

  3. Limit streaming bandwidth - Handy if you have data caps and want to manage a heavy streamer etc.

    Press Home x5 > Rewind x3 > Fast Forward x2

  4. Random Secret Screens - Disable scrolling ads etc.

    Press Home x5 > Fast Forward x3 > Rewind x2

    Press Home x5 > Up > Right > Down > Left > Up

  5. Developer Options - Web server to take screenshots of Rokus etc.

    Press Home x3 > Up x2 > Right > Left > Right > Left > Right

  6. Force Restart - When you are too lazy to walk up and power cycle it.

    Press Home x5 > Up > Rewind x2 > Fast Forward x2

How I cut the cord and built my own DVR

This will give a high-level overview of how I canceled my cable subscription and rolled my own whole-home DVR. I won't get too in the weeds about specifics because, in reality, I have a lot of existing "infrastructure" probably uncommon in most households.

Ultimately I grew tired of haggling with providers to get the same rates they happily give people with no billing history, and I realized we really only watch stuff that is basically free, with a few exceptions.

To get started I needed some basics.

  1. Storage - A NAS, a desktop, heck, even a small Raspberry Pi COULD work (though I probably wouldn't recommend it). For me this is a Synology DiskStation 1815+.
  2. Plex Server - A computer with a decent CPU (or even better, one that supports Intel Quick Sync). This can be a Windows desktop, Linux, even Mac. It just needs to be running all the time. For me, I built a virtual machine that runs on a Dell 7050 SFF.
  3. Plex Pass - This is needed to stream and record OTA TV. You can start small at $5/mo and then just get the lifetime pass if everything works. A lifetime pass was less than 1 month of cable service.
  4. An Antenna - Or in my case, I'm lazy and went with not one, but two indoor models.
  5. A Tuner to convert the antenna signal to something the Plex server can talk to.
  6. Rokus for the TVs - Apple TVs, Fire Sticks, anything that can run Plex will do. I went with Roku because I had one already, had recently bought a cheap Roku TV AND, most importantly, they work with universal remotes.
  7. Universal Remote - Simple and consistent across all TV's in the house. So guests can generally operate it.

Update - I recently moved to these remotes for my Rokus that were NOT Roku TVs (TCL brand). They are still consistent and didn't confuse some visitors as much.

It's worth noting you can combine items 1 and 2, especially if this is a new foray and you are buying hardware anyway. Plex has a good document on which NAS models are supported and can do transcoding. And again, you could get any old desktop, even off Amazon, install Plex and pop some hard drives in. The only real point is you need both something to store files on, with some bigger drives, and something to stream with.

Once you have the hardware the fun begins.

First I set up file shares on the NAS, along with an account with access. The account was simply "plexserver" and it has modify rights to the file shares.

For all intents and purposes I have several shares:

  1. DVR for shows I record.
  2. Television share for shows I own and just want to save.
  3. Movies
  4. Kids movies - I don't really want Bambi cluttering up my adult movies.

Once I had the shares set up, I spun up a Linux server in my VMware lab.

I created the folder /plex and then a folder for each share in /plex.

I mounted the shares in /etc/crontab.

I used a config file in /etc/ to handle the credentials. It's very simple, with only 2 lines. Make sure you set the permissions right.
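One way to create and check such a credentials file, as an added example that is not the author's own configuration. It assumes the shares are SMB/CIFS and mounted with mount.cifs's credentials= option, whose file holds a username= line and a password= line; the function names, the temporary path and the password are placeholders.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes an SMB/CIFS mount that
# reads its login from a file passed as the credentials=FILE mount option.

# write_creds FILE USER PASS: create the two-line file, owner-only from the
# first byte (umask 077), then force 600 in case FILE already existed.
write_creds() {
    ( umask 077
      printf 'username=%s\npassword=%s\n' "$2" "$3" > "$1" ) || return 1
    chmod 600 "$1"
}

# creds_mode_ok FILE: succeed only if group and others have no permission
# bits at all. Returns 2 if FILE is not a regular file.
creds_mode_ok() {
    [ -f "$1" ] || return 2
    # Characters 5-10 of "ls -ld" output are the group and other bits.
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Demonstration in a throwaway directory (a real file would live in /etc/
# and be owned by root). The password is a placeholder.
tmp=$(mktemp -d)
write_creds "$tmp/plex.cred" plexserver 'CHANGE-ME'
creds_mode_ok "$tmp/plex.cred" && echo "ok: owner-only"

# A file left world-readable exposes the NAS account to every local user.
chmod 644 "$tmp/plex.cred"
creds_mode_ok "$tmp/plex.cred" || echo "FAIL: readable by group/others"
rm -rf "$tmp"
```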

From there, install Plex, set up your libraries and you are off to the races.

Setting up the DVR and tuner is also pretty simple, but the harder part (and a major reason I have 2 antennas) is actually getting them aligned.

For this I used TVFool to get a good idea of the general direction of the towers in my area.

You can put in your address and get a decent idea of the relative antenna locations.

Additionally, you get your relative strength and any co-channel interference you may encounter.

There is a handy color chart to help you determine the type of antenna you may need.

For me, I was able to get by with indoor antennas so no major drilling outside. However two of my towers were about perpendicular to each other. A single large outdoor antenna likely would work better, but the lazy part of me didn't want to run a 15a plug outside for a booster. So I settled with 2 indoor ones, on perpendicular walls.

I found alignment easiest by starting a stream on a channel in Plex, then pulling up the HDHomeRun tuner's page and adjusting the antenna location until you get a suitable strength. Refreshing the page updates the stats.

The details below are about the MINIMUM needed for a solid stream or recording with no breakup.
