#StackBounty: #metasploit #windows-10 #antimalware #virtualbox How to find discrepancy between exploitable and unexploitable VM

Bounty: 50

For several years, I have been setting up VMs with 2-3 year old versions of Windows as well as some additional applications to demonstrate two-stage exploits using Metasploit for educational purposes (more precisely Bachelor-level IT security courses).

This year, I set up a Windows VM from an x86 1803 ISO, installed Firefox 38 and successfully and reproducibly managed to obtain SYSTEM privileges after first using exploit/windows/browser/firefox_smil_uaf (both on its own and via browser_autopwn2) and subsequently exploit/windows/local/appxsvc_hard_link_privesc. This VM works perfectly and I have a restore point from before any attacks that I can go back to and successfully use both exploits.

However, when trying to build a new VM for the course from scratch, I cannot get any of the two exploits to work (Windows Defender detects them as malware every single time). I use the exact same ISO file and installed the exact same software – I kept a folder of all binaries/files as well as a log of every setting that I changed. I tried setting up the Windows VM at least three times now, but every time, Windows Defender detects the exploits, whereas they work flawlessly (i.e., undetected) in my first VM. The VMs have the same amount of memory etc. None of them is connected to the Internet at any time.

How can I find out what difference exists between the VMs (my first, working one, and all the others that I set up based on my notes)? There must be some difference that I missed or accidentally misconfigured. I did not touch any Windows Defender settings in any of the VMs.

A workaround would also be fine for me. I already tried to set the payload(s) to windows/meterpreter/reverse_winhttps and used different encoders, but to no avail in the new VMs. In my first VM, the exploits always work, regardless of the payload or used encoder. Any clues are appreciated.


Get this bounty!!!

#StackBounty: #networking #ubuntu #virtualbox #virtual-machine VirtualBox network stops working

Bounty: 50

I have VirtualBox 6.1 running on Windows 10. It is running virtual machine with Ubuntu server 18.04 LTS. It can work couple of weeks without any issues, but sometimes VM completely looses network. It is not available to connect to (using ssh like putty) and services, which are running in VM also cannot connect to anything (cannot send email, resolve DNS). The VM itself is running, I can control it using VirtualBox window.

Restart from Ubuntu (shutdown -r now) does not help. After restart it still does not have network. Complete shutdown (shutdown -h now) and then start helps.

What could be wrong? How I can investigate and find the reason of the issue?


Get this bounty!!!

#StackBounty: #virtualbox #openbsd #reboot OpenBSD as VirtualBox guest halts on reboot on Linux host (not on macOS host)

Bounty: 150

I have an installation of OpenBSD-current running headlessly within VirtualBox 6.1.16 on a headless Ubuntu Linux (Focal) system. Whenever I reboot the virtual machine (issuing the reboot command as root in the guest system), the virtual machine halts, i.e. it stops running.

This is a nuisance when running the OpenBSD sysupgrade tool to upgrade to a new snapshot release, as it means having to log into the host system to restart the virtual machine twice (after the initial reboot, and then again the upgrade has completed and the system reboots again).

This is different from how the same identical virtual machine functions in VirtualBox 6.1.18 on macOS (using the GUI there). There, the virtual machine is kept running, allowing the system to properly reboot without having to interact with the VirtualBox GUI on the host system. It is also different from how another virtual machine running Kali Linux behaves on the same Ubuntu host system.

On Linux, I start this virtual machine, mymachine, as an unprivileged user like so:

VBoxManage startvm --type headless mymachine

Should I start it in some particular way, or should I change the machine’s configuration in some particular way (I haven’t found anything that seems related to this in the machine’s settings)?

The only substantial difference between the OpenBSD virtual machine on macOS (which reboots properly) and the same machine on the Ubuntu host (which halts instead of rebooting) is that the former uses a VDI disk image while the latter has a VMDK disk image.


Get this bounty!!!

#StackBounty: #virtualbox Running Virtualbox 6.1.22 on Ubunti 21.04, I get 'Effective UID is not root' every time it try to sta…

Bounty: 50

I’m running Ubuntu 21.04 with the default Virtualbox that comes with Ubuntu. VirtualBox Graphical User Interface Version 6.1.22_Ubuntu r144080 .

It starts up fine, but when I try to start a VM, I get:

Effective UID is not root (euid=1000 egid=1000 uid=1000 gid=1000) (rc=-10)
Please try reinstalling VirtualBox.
where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission denied.

So, I tried reinstalling Virtualbox. No dice, I get the same error. So, I tried sudo chown 4755 /usr/lib/virtualbox/Virtualbox, but then I got the error saying that running as root was a no-no, due to security, which makes sense.

So, help? Any ideas?

Additional information, if I run on:

sudo virtualbox it seems to work fine.

More additional info:

I filed a bug on this against Virtualbox on Ubuntu 21.04. It is now confirmed. No ETA on a fix.


Get this bounty!!!

#StackBounty: #virtualbox Running Virtualbox 6.1.22 on Ubunti 21.04, I get 'Effective UID is not root' every time it try to sta…

Bounty: 50

I’m running Ubuntu 21.04 with the default Virtualbox that comes with Ubuntu. VirtualBox Graphical User Interface Version 6.1.22_Ubuntu r144080 .

It starts up fine, but when I try to start a VM, I get:

Effective UID is not root (euid=1000 egid=1000 uid=1000 gid=1000) (rc=-10)
Please try reinstalling VirtualBox.
where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission denied.

So, I tried reinstalling Virtualbox. No dice, I get the same error. So, I tried sudo chown 4755 /usr/lib/virtualbox/Virtualbox, but then I got the error saying that running as root was a no-no, due to security, which makes sense.

So, help? Any ideas?

Additional information, if I run on:

sudo virtualbox it seems to work fine.

More additional info:

I filed a bug on this against Virtualbox on Ubuntu 21.04. It is now confirmed. No ETA on a fix.


Get this bounty!!!

#StackBounty: #virtualbox Running Virtualbox 6.1.22 on Ubunti 21.04, I get 'Effective UID is not root' every time it try to sta…

Bounty: 50

I’m running Ubuntu 21.04 with the default Virtualbox that comes with Ubuntu. VirtualBox Graphical User Interface Version 6.1.22_Ubuntu r144080 .

It starts up fine, but when I try to start a VM, I get:

Effective UID is not root (euid=1000 egid=1000 uid=1000 gid=1000) (rc=-10)
Please try reinstalling VirtualBox.
where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission denied.

So, I tried reinstalling Virtualbox. No dice, I get the same error. So, I tried sudo chown 4755 /usr/lib/virtualbox/Virtualbox, but then I got the error saying that running as root was a no-no, due to security, which makes sense.

So, help? Any ideas?

Additional information, if I run on:

sudo virtualbox it seems to work fine.

More additional info:

I filed a bug on this against Virtualbox on Ubuntu 21.04. It is now confirmed. No ETA on a fix.


Get this bounty!!!

#StackBounty: #virtualbox Running Virtualbox 6.1.22 on Ubunti 21.04, I get 'Effective UID is not root' every time it try to sta…

Bounty: 50

I’m running Ubuntu 21.04 with the default Virtualbox that comes with Ubuntu. VirtualBox Graphical User Interface Version 6.1.22_Ubuntu r144080 .

It starts up fine, but when I try to start a VM, I get:

Effective UID is not root (euid=1000 egid=1000 uid=1000 gid=1000) (rc=-10)
Please try reinstalling VirtualBox.
where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission denied.

So, I tried reinstalling Virtualbox. No dice, I get the same error. So, I tried sudo chown 4755 /usr/lib/virtualbox/Virtualbox, but then I got the error saying that running as root was a no-no, due to security, which makes sense.

So, help? Any ideas?

Additional information, if I run on:

sudo virtualbox it seems to work fine.

More additional info:

I filed a bug on this against Virtualbox on Ubuntu 21.04. It is now confirmed. No ETA on a fix.


Get this bounty!!!

#StackBounty: #virtualbox Running Virtualbox 6.1.22 on Ubunti 21.04, I get 'Effective UID is not root' every time it try to sta…

Bounty: 50

I’m running Ubuntu 21.04 with the default Virtualbox that comes with Ubuntu. VirtualBox Graphical User Interface Version 6.1.22_Ubuntu r144080 .

It starts up fine, but when I try to start a VM, I get:

Effective UID is not root (euid=1000 egid=1000 uid=1000 gid=1000) (rc=-10)
Please try reinstalling VirtualBox.
where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission denied.

So, I tried reinstalling Virtualbox. No dice, I get the same error. So, I tried sudo chown 4755 /usr/lib/virtualbox/Virtualbox, but then I got the error saying that running as root was a no-no, due to security, which makes sense.

So, help? Any ideas?

Additional information, if I run on:

sudo virtualbox it seems to work fine.

More additional info:

I filed a bug on this against Virtualbox on Ubuntu 21.04. It is now confirmed. No ETA on a fix.


Get this bounty!!!

#StackBounty: #virtualbox Running Virtualbox 6.1.22 on Ubunti 21.04, I get 'Effective UID is not root' every time it try to sta…

Bounty: 50

I’m running Ubuntu 21.04 with the default Virtualbox that comes with Ubuntu. VirtualBox Graphical User Interface Version 6.1.22_Ubuntu r144080 .

It starts up fine, but when I try to start a VM, I get:

Effective UID is not root (euid=1000 egid=1000 uid=1000 gid=1000) (rc=-10)
Please try reinstalling VirtualBox.
where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission denied.

So, I tried reinstalling Virtualbox. No dice, I get the same error. So, I tried sudo chown 4755 /usr/lib/virtualbox/Virtualbox, but then I got the error saying that running as root was a no-no, due to security, which makes sense.

So, help? Any ideas?

Additional information, if I run on:

sudo virtualbox it seems to work fine.

More additional info:

I filed a bug on this against Virtualbox on Ubuntu 21.04. It is now confirmed. No ETA on a fix.


Get this bounty!!!

#StackBounty: #virtualbox Running Virtualbox 6.1.22 on Ubunti 21.04, I get 'Effective UID is not root' every time it try to sta…

Bounty: 50

I’m running Ubuntu 21.04 with the default Virtualbox that comes with Ubuntu. VirtualBox Graphical User Interface Version 6.1.22_Ubuntu r144080 .

It starts up fine, but when I try to start a VM, I get:

Effective UID is not root (euid=1000 egid=1000 uid=1000 gid=1000) (rc=-10)
Please try reinstalling VirtualBox.
where: SUPR3HardenedMain what: 2 VERR_PERMISSION_DENIED (-10) - Permission denied.

So, I tried reinstalling Virtualbox. No dice, I get the same error. So, I tried sudo chown 4755 /usr/lib/virtualbox/Virtualbox, but then I got the error saying that running as root was a no-no, due to security, which makes sense.

So, help? Any ideas?

Additional information, if I run on:

sudo virtualbox it seems to work fine.

More additional info:

I filed a bug on this against Virtualbox on Ubuntu 21.04. It is now confirmed. No ETA on a fix.


Get this bounty!!!