CVE-2020-0796 – CVE-2020-0796 Pre-Auth POC

March 31, 2020
CVE 2020 0796 POC 1 demo

(c) 2020 ZecOps, Inc. – https://www.zecops.com – Find Attackers’ Mistakes

POC to check for CVE-2020-0796 / “SMBGhost”
Expected outcome: Blue Screen
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact [email protected] if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBGhost and other types of attacks automatically.

Usage

CVE-2020-0796-POC.exe [<TargetServer>]

If <TargetServer> is omitted, the POC is executed on localhost (127.0.0.1).

Compiled POC

You can get the compiled POC here.

Compiling

Use Visual Studio to compile the following projects:

  1. ProtoSDKAsn1BaseAsn1Base.csproj
  2. ProtoSDKMS-XCAXca.csproj
  3. ProtoSDKMS-SMB2Smb2.sln

Use the resulting exe file to run the POC.

References

  • Vulnerability Reproduction: CVE-2020-0796 POC – ZecOps Blog
  • CVE-2020-0796 – Microsoft Security Response Center
  • SMBGhost Analysis – Lucas Georges
Download CVE-2020-0796-POC
Original Source
Tags: , , , ,

You may have missed

gophish

GoPhish Login Page Detected – 128[.]199[.]214[.]73:8443

May 1, 2024
gophish

GoPhish Login Page Detected – 8[.]210[.]191[.]142:8443

May 1, 2024
gophish

GoPhish Login Page Detected – 128[.]199[.]159[.]85:8443

May 1, 2024
gophish

GoPhish Login Page Detected – 35[.]176[.]131[.]221:8443

May 1, 2024
9d026502e3f54c59bd9b28bbd9fc3100eb2ac075f6896ea7246f136536f9b85e

OSTE-Web-Log-Analyzer – Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer

May 1, 2024