Blog Feed

This task sequence cannot be run because the program files for scopeid

There are many issues that can generate above mentioned error while imaging using SCCM. But the biggest hurdle is locating the scope ID. Because usually it gives you some giant number not that clear.

Easiest way to locate the scope ID is clicking on listed task list and reference tab which list all the task IDs. This issue was resolved by re distributing erred task ID related package.

How to setup Tor Bridge

I am not going to detail what is tor and all. Because if you already looking to setup Tor bridge, I assume that you already know about tor 😊. You can learn more about tor here anyways https://www.torproject.org/

In my setup I’ve used Lubuntu ( Focal distribution) (https://lubuntu.net/ ) light weight ubuntu base distro on spare old NUC box. This setup needs very little resources since Lubuntu design to run on your old hardware. Also, system can run 24/7 with very little power consumption.

First you need to get install latest tor. Because Debain LTS ver does not always give you the latest stable tor. if your tor bridge not safe, your intended user will not be safe either.

***** Enable package manager

# apt install apt-transport-https

***** Next go the to /etc/apt/sources.list or a new file in /etc/apt/sources.list.d/ add below entries,

   deb     https://deb.torproject.org/torproject.org <DISTRIBUTION> main

   deb-src https://deb.torproject.org/torproject.org <DISTRIBUTION> main

in my case it was little different because Focal dropped 32-bit support,

   deb     [arch=amd64] https://deb.torproject.org/torproject.org focal main

   deb-src [arch=amd64] https://deb.torproject.org/torproject.org focal main

***** You can fine your distro ver by running lsb_release -c in terminal.

***** Then add gpg Keys to sign packages

# wget -qO-  https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import

# gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add –

***** Install Key rings

# apt update

# apt install tor deb.torproject.org-keyring

Get more info here https://support.torproject.org/apt/tor-deb-repo/

****** Install Tor and proxy packages

# apt-get  install tor

# apt-get install obfs4proxy

# apt-get update

***** Brows into /etc/tor/  and right click and edit as admin torrc file or open with terminal editor,

Comment out or add these lines if the do not exists,

BridgeRelay 1

ORPort TODO1 = In my case TODO1 replace with 9001

ServerTransportListenAddr obfs4 0.0.0.0:TODO2 = I changed TODO2 to 9002

ExtORPort auto

ContactInfo address@email.com = change out your address you want to be contact if the relay have issue

Nickname PickANickname = set a nickname whatever you like

ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy

Log notice file /var/log/tor/notices.log

****** Set NoNewPrivileges=no in these two files,

/lib/systemd/system/tor@default.service

/lib/systemd/system/tor@.service

After that run below in terminal,

# systemctl daemon-reload

# systemctl restart tor

***** Now you need to port forward above set ports, so that Tor can reach your bridge.

Find more info here , https://community.torproject.org/relay/setup/bridge/debian-ubuntu/

Install VirtualBox Guest Addition in Ubuntu

First from virtual machine menu, click Devices and click on Insert Guest Addition CD Image. This process will add guest addition CD inside VM.

Bring terminal and run below,

sudo apt update
sudo apt install build-essential dkms linux-headers-$(uname -r)

Then brows into the CD from GUI interface and right click somewhere in the CD and click open terminal here. This bring Terminal within CD

then simply run,

sudo su

./VBoxLinuxAdditions.run --nox11

You will need to reboot VM.

How to Install Volatility in Kali

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. ” Volatility GitHub

Kali Linux has dropped volatility from their new release and you won’t be able to install it as usual apt-get install. You can go to GitHub and get info to install it via volatility download https://www.volatilityfoundation.org/releases. But when you start running it you will see many error pop up. This mainly due to no python availability in new debian and missing dependencies.

It took me few hours of fiddling around with various package install and reading through many post. But this is the method I was able to test and get it working.

Big thanks to Jason @ Jase IT and whoever did post to install python2 @ https://stackoverflow.com/questions/61981156/unable-to-locate-package-python-pip-ubuntu-20-04

Sudo su

apt-get update

###Install phython2

apt install python2

####Install pip2

curl https://bootstrap.pypa.io/get-pip.py –output get-pip.py

python2 get-pip.py

If Error happened run below and then run python2 get-pip.py

curl https://bootstrap.pypa.io/2.7/get-pip.py –output get-pip.py

###Install python3

apt install python3

###Install pip3

apt install python3-pip

###Install dependency

apt-get install pcregrep libpcre++-dev python-dev -y

###Upgrade setuptool

pip2 install –upgrade setuptools (make sure it is dash dash before upgrade setuptools NOT single dash)

###Install pip dependency

pip2 install pycrypto

pip2 install distorm3

###Download and extract volatility from https://www.volatilityfoundation.org/releases listed as “Source Code”

###CD into the location source code

python setup.py install

python vol.py -h to see more info

 

An installation step failed. Kali Linux Install Error

I’ve recently face an error with Kali Linux install in VMware Player and even after giving ample enough space /resources it was keep falling with install step failed and I’ve confirm that VM installer has internet access.

This is pretty much loop back even after restart the install. I’ve tried many times and different methods to install and come back to screen saying hit continue and it will bring up menu that you can skip the step of installing software, pretty much you will loose the GUI and all Kali packages.

After few hours browsing and cursing this the method I used to get kali install and functioning.

**** Basically hit continue and once you come to next step where you have option to skip,skip the step and installer will continue but when kali boot back you will be presented with basic debain shell.

****Log into the shell with your username and password then run these in a order and reboot. Make sure that your Kali can reach to the internet.

This command will install GUI XFACE, after install you will be able to log into Kali GUI.

***sudo apt-get install kali-desktop-xfce

Then you need to update kali install,

***sudo apt update

After this kali need to download base tool set via meta package install. This step will install base Kali tool and some other top tools. You can refer to this link for Kali meta packages in detail https://tools.kali.org/kali-metapackages

*** sudo apt update && sudo apt install kali-linux

*** sudo apt update && sudo apt install kali-linux-full

Here is a great blog post to install meta packages https://githacktools.blogspot.com/2018/04/how-to-install-kali-linux-metapackages.html

DISM ERROR 0x800f081f

You may have seen error 0x800f081f while trying to repair windows with DISM command. It is usually looks like below,

This is the command sequence to fix it,

*** dism /online /cleanup-image /checkhealth

***Dism.exe /Online /Cleanup-Image /AnalyzeComponentStore

***If Above came as yes run Dism.exe /online /Cleanup-Image /StartComponentCleanup

***DISM /Online /Cleanup-Image /RestoreHealth

My case above didn’t work for whatever the reason and had to mount original server install ISO and ran below command and repair via WIM file in OS install ISO

Dism /Online /Cleanup-Image /RestoreHealth /Source:wim:X:\Sources\Install.wim:1/limitaccess ( X was the drive letter for my ISO)

Make sure to run all command in Admin mode in CMD.

Upgrade ESXI 6.7 U1 to U3

This method apply to upgrade Dell ESXI server 6.7 U1 to U3

Go to Dell vmware esxi u3 patch download page https://www.dell.com/support/home/en-ca/drivers/driversdetails?driverid=j75ny

Download VMware-VMvisor-Installer-6.7.0.update03-14320388.x86_64-DellEMC_Customized-A02.zip file and upload in to your ESXI datastore.

Put the host to maintenance mode.

Then ssh into esxi host via putty and run this command

esxcli software vib install -d /vmfs/volumes/Store1/updates/VMware-VMvisor-Installer-6.7.0.update03-14320388.x86_64-DellEMC_Customized-A02.zip

make sure to to change store location and zip file name as per your environment.

After the completion, reboot the esxi

Done!!

Jabber Install Script

As Cisco jabber released a new version to fix some security vulnerabilities, I had a opportunity to mass update the existing jabber versions. Below is tested script that I used to successfully deploy the Jabber 12.9.1 version to all Windows endpoints. You can edit this as needed and deploy Jabber 12.9.1. My script basically removed existing Jabber 12.8.1 and 12.6.2 and install latest 12.9.1.

REM Uninstall Jabber 12.8.1

“msiexec.exe” /x {6E87407E-2EFD-4C7F-B167-8219279226E6} /qn /norestart

REM Uninstall Jabber 12.6.2

“msiexec.exe” /x {BEFF5578-DB83-4AFA-8C40-4A005F2A3BF9} /qn /norestart

REM Delete regkey Jabber 12.6.2

reg delete “HKEY_CLASSES_ROOT\Installer\Products\8855248850B85EC4787609E82C36C6B2” /f

REM Delete regkey Jabber 12.8.1

reg delete “HKEY_CLASSES_ROOT\Installer\Products\7D843DE4BA2A2DC4C89F532E22C06EC9” /f

REM Install Jabber 12.9.1

msiexec.exe /i \share location\CiscoJabberSetup.msi /qn CLEAR=1

Renew Cisco Switch Self-Sign Certificate

This post mainly refer to Cisco Catalyst switches and this I have tested on production network without any issues. But again proceed with caution!!. Cisco recommend to have a CA trust point configured on all the Cisco devices for secure communication. But if you do not have one switch will fall back to a self-sign certificate which we need to renew over the time. This is the full article from Cisco https://www.cisco.com/c/en/us/support/docs/security-vpn/public-key-infrastructure-pki/215118-ios-self-signed-certificate-expiration-o.html

Also great community article https://community.cisco.com/t5/networking-documents/a-self-signed-certificate-is-added-to-a-cisco-catalyst-switch/ta-p/3124222

Here are the steps for how to do it in short form,

*** SSH into the switch or console connect.

***show crypto pki certificates —– to get the certificates and show you all the certificates. This will show you all the switch certs and you will be able to locate expired one.

***Locate the ID of the cert that has expired date and it will usually show you something like TP-self-signed-51XXXXXX

***Switch to privilege mode

***no ip http secure-server ——-disable https server before do any renewal

*** no crypto pki trustpoint TP-self-signed-51XXXXX —- this id you were located running first command

***ip http secure-server ———re enables the https server and generates a new trustpoint and certificate

*** do show crypto pki certificates – check the new cert is there with new validity period

Then you are done.

SCCM Reporting Error After SQL Upgrade. (Failed to load expressions host assembly)

Few Weeks back I had the chance to upgrade SQL server from 2012 to 2016 which host SCCM DB. Usually SQL Upgrades are very straight forward process. You can read a very good article about how to do SQL upgrade here. https://www.virtualizationhowto.com/2017/03/how-to-upgrade-sql-server-2014-to-sql-server-2016/

But after straight forward upgrade and testing everything was fine except SCCM, reporting will not load and was throwing an error Failed to load expressions host assembly. But SQL server was working without an any error.

MINDCORE BLOG: Failed to load expression host assembly. Details ...

After looking through many logs I was able to located the issue which was cause by SQL file location changes during the upgrade. Then I had to brows through the internet to find a solution and Microsoft recommend solution was to reinstall Reporting Service Point (RSP) role which is describe here https://social.technet.microsoft.com/wiki/contents/articles/15475.how-to-successfully-install-reporting-services-point-role-in-sccm-2012-sp1.aspx

But I wasn’t dare enough to go and mess around SCCM and found very good solution here https://ronnydejong.com/2013/05/23/reporting-service-point-rsp-broken-after-upgrading-sql-server-2012-sp1-sysctr/ This was listed solution for upgrade from 2008 to 2012 but same solution worked for my situation also.

****Basically, copy srsresources.dll from old SSRS install location which was in my case was in \Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\Report Server\Bin

TO

New SSRS location \Program Files\Microsoft SQL Server\MSRS13.MSSQLSERVER\Reporting Services\Report Server\Bin

****Then find rssrvpolicy.config file in new SSRS install (\Program Files\Microsoft SQL Server\MSRS13.MSSQLSERVER\Reporting Services\Report Server\Bin) open with note pad

****Then search for the SRSResources URL within note pad and change the URL to new location where DLL copied in first step.

Then you are done.