CVE-2020-0796 Pre-Auth POC

(c) 2020 ZecOps, Inc. - https://www.zecops.com - Find Attackers' Mistakes
POC to check for CVE-2020-0796 / "SMBGhost"
Expected outcome: Blue Screen
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact sales@ZecOps.com if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBGhost and other types of attacks automatically.

Usage

CVE-2020-0796-POC.exe [<TargetServer>]

If <TargetServer> is omitted, the POC is executed on localhost (127.0.0.1).

Compiled POC

You can get the compiled POC here.

Compiling

Use Visual Studio to compile the following projects:

ProtoSDK\Asn1Base\Asn1Base.csproj
ProtoSDK\MS-XCA\Xca.csproj
ProtoSDK\MS-SMB2\Smb2.sln

Use the resulting exe file to run the POC.

Name		Name	Last commit message	Last commit date
Latest commit History 2,499 Commits
AssemblyInfo		AssemblyInfo
CommonScripts		CommonScripts
Doc		Doc
InstallPrerequisites		InstallPrerequisites
MessageAnalyzerLibrary		MessageAnalyzerLibrary
ProtoSDK		ProtoSDK
ProtocolTestManager		ProtocolTestManager
RemoteRun		RemoteRun
TestSuites		TestSuites
common		common
pipelines		pipelines
.gitattributes		.gitattributes
.gitignore		.gitignore
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE.txt		LICENSE.txt
README.md		README.md
demo.gif		demo.gif

License

jamf/CVE-2020-0796-POC

Folders and files

Latest commit

History

Repository files navigation

CVE-2020-0796 Pre-Auth POC

Usage

Compiled POC

Compiling

References

About

Topics

Resources

License

Stars

Watchers

Forks

Languages