CVE-2020-0796 PoC — 微软 Microsoft SMBv3 缓冲区错误漏洞

Source

Associated Vulnerability

Description

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Readme

# CVE-2020-0796

Windows SMBv3 LPE Exploit

![exploit](https://user-images.githubusercontent.com/1675387/77913732-110d4f80-7295-11ea-9af6-f17201c66673.gif)

## Authors

  * Daniel García Gutiérrez ([@danigargu](https://twitter.com/danigargu))
  * Manuel Blanco Parajón ([@dialluvioso_](https://twitter.com/dialluvioso_))
  
## Exploit analysis

* [POC Analysis by SungLin (Knownsec 404 Team)](https://paper.seebug.org/1165/)
* [Writeup+PoC by @ZecOps](https://blog.zecops.com/vulnerabilities/exploiting-smbghost-cve-2020-0796-for-a-local-privilege-escalation-writeup-and-poc/)

## References

* https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
* https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html
* https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html#.Xndfn0lv150.twitter
* https://www.mcafee.com/blogs/other-blogs/mcafee-labs/smbghost-analysis-of-cve-2020-0796/
* http://blogs.360.cn/post/CVE-2020-0796.html
* https://blog.zecops.com/vulnerabilities/vulnerability-reproduction-cve-2020-0796-poc/

File Snapshot

 [4.0K]  /data/pocs/20f036958eb567ea4f751eef1987409108cc50bd
├── [4.0K]  cve-2020-0796-local
│   ├── [6.4K]  cve-2020-0796-local.vcxproj
│   ├── [1.1K]  cve-2020-0796-local.vcxproj.filters
│   ├── [ 165]  cve-2020-0796-local.vcxproj.user
│   ├── [ 11K]  exploit.cpp
│   └── [297K]  ntos.h
├── [1.1K]  cve-2020-0796-local.sln
└── [1.1K]  README.md

1 directory, 7 files

Remarks