Jump to content

SPLASHTOP RELAY Server being blocked, please white-list?


guruuno

Recommended Posts

September 13th this was informed of issues (I cannot reply or reopen, hence new here topic); 

Splashtop remote printing being blocked, again

please advise as to a resolution

their reply was
 


For the fixed ip solution, follow the steps below to configure:
 
1. Please update and whitelist the following ip addresses
2. Once the ip addresses are whitelisted, please respond and inform us that this has been done
3. When we are notified, we can tag your account to properly route on our backend 
 
Please find the list of current fixed ip addresses.
 
150.136.132.17 3.132.193.204 18.191.44.25 35.165.160.97 50.18.229.181
129.159.111.190 129.159.101.179 3.141.58.188 158.101.45.160 158.101.35.45
129.159.110.20 34.235.90.206 129.159.85.200 129.146.211.84 132.226.113.124
35.211.56.94 18.233.112.74 54.173.10.171 129.146.228.243 54.176.215.111
3.141.82.240 129.159.74.46 129.159.114.84 35.212.232.80 35.155.46.184
129.159.99.162 35.211.185.165 35.211.205.237 132.226.24.89 35.208.36.229
193.122.185.220 150.136.0.254 35.211.20.190 54.241.4.254 54.203.233.2
35.211.146.105 34.225.225.238 3.140.205.16 44.230.159.46 44.241.96.242
35.211.145.52 54.163.92.216 129.159.105.223 132.226.30.183 129.146.216.189
193.122.200.117 129.159.106.212 129.159.92.21 132.226.25.67 132.226.121.15
129.159.84.35 193.122.191.67 158.101.39.21 158.101.39.108 129.146.234.94
3.12.183.222 35.172.169.64 184.169.237.2 158.101.38.12 50.18.55.179
3.141.226.31 35.207.37.114 35.80.107.79 158.101.24.240 54.71.160.66
35.153.163.73 129.159.89.174 44.233.167.217 54.203.67.36 35.212.212.174
129.159.86.83 129.159.100.58 158.101.32.219 35.212.248.219 132.226.113.48
54.198.215.106 193.122.172.160 54.176.48.173 54.241.2.8 132.226.124.195
129.159.116.1 193.122.192.28 158.101.45.12 129.146.197.13 132.226.124.196
35.211.247.4 35.211.34.194 35.209.244.86 129.146.150.170 158.101.37.95
129.159.101.198 150.136.0.219 35.215.99.56 129.146.208.44 129.146.229.237
18.224.115.69 193.122.199.224 132.226.124.145 54.176.81.135 52.9.42.215
3.142.162.106 129.159.108.9 35.215.67.29 132.226.126.196 129.159.82.0/24
129.159.89.16 129.159.108.8 35.208.104.94 132.226.29.110 132.226.144.0/24
35.174.216.37 54.164.19.64 44.238.115.102 132.226.24.212 50.18.0.172
35.211.141.116 150.136.187.68 35.215.81.247 54.151.91.105 132.226.112.220
3.132.98.42 193.122.199.213 35.209.14.26 54.241.14.13  
 
Thank you,
 
-Splashtop Team
 

Regards,
Splashtop Business Support Team

 

 

Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 9/26/23
Protection Event Time: 2:31 PM
Log File: ee98596a-5c9a-11ee-8a7f-b083fe889a7e.json

-Software Information-
Version: 4.6.3.282
Components Version: 1.0.2151
Update Package Version: 1.0.75695
License: Premium

-System Information-
OS: Windows 10 (Build 19045.3448)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Exploit.PayloadProcessBlock, C:\WINDOWS\system32\cscript.exe cscript prnmngr.vbs -a -p Splashtop PDF Remote Printer -m Microsoft Print to PDF -r FILE:, Blocked, 701, 392684, 0.0.0, , 

-Exploit Data-
Affected Application: cmd
Protection Layer: Application Behavior Protection
Protection Technique: Exploit payload process blocked
File Name: C:\WINDOWS\system32\cscript.exe cscript prnmngr.vbs -a -p Splashtop PDF Remote Printer -m Microsoft Print to PDF -r FILE:
URL: 

(end)

Link to post
Share on other sites

4 hours ago, guruuno said:

Exploit.PayloadProcessBlock, C:\WINDOWS\system32\cscript.exe cscript prnmngr.vbs -a -p Splashtop PDF Remote Printer -m Microsoft Print to PDF -r FILE:, Blocked, 701, 392684, 0.0.0, , 

-Exploit Data-
Affected Application: cmd
Protection Layer: Application Behavior Protection
Protection Technique: Exploit payload process blocked
File Name: C:\WINDOWS\system32\cscript.exe cscript prnmngr.vbs -a -p Splashtop PDF Remote Printer -m Microsoft Print to PDF -r FILE:
URL: 

(end)

This is a known issue with exploit protection and a fix will be out in the next couple of weeks. The ONLY workaround is to disable exploit protection during your session.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.