Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-0144 PoC — Microsoft Windows SMB 输入验证错误漏洞

Source
https://github.com/sethwhy/BlueDoor
Associated Vulnerability
Title:Microsoft Windows SMB 输入验证错误漏洞 (CVE-2017-0144)
Description:The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Description
Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the hidden flag? Your goal is to gain administrative privileges and locate the flag.txt file stored in the `C:\Windows\System32` directory.
Readme
# BlueDoor
Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the hidden flag? Your goal is to gain administrative privileges and locate the flag.txt file stored in the `C:\Windows\System32` directory.
File Snapshot

 [4.0K]  /data/pocs/214d6b88937d6813080539e016859701415ea49b
├── [4.0K]  exploit-modules
│   ├── [ 27K]  BUG.txt
│   ├── [2.4K]  checker.py
│   ├── [ 25K]  eternalblue_exploit7.py
│   ├── [ 24K]  eternalblue_exploit8.py
│   ├── [3.7K]  eternalblue_poc.py
│   ├── [1.5K]  eternalchampion_leak.py
│   ├── [5.8K]  eternalchampion_poc2.py
│   ├── [2.5K]  eternalchampion_poc.py
│   ├── [1.6K]  eternalromance_leak.py
│   ├── [5.0K]  eternalromance_poc2.py
│   ├── [ 948]  eternalromance_poc.py
│   ├── [1.8K]  eternalsynergy_leak.py
│   ├── [3.0K]  eternalsynergy_poc.py
│   ├── [1.1K]  infoleak_uninit.py
│   ├── [ 16K]  mysmb.py
│   ├── [1.8K]  npp_control.py
│   ├── [3.3K]  README.md
│   ├── [4.0K]  shellcode
│   │   ├── [ 20K]  eternalblue_kshellcode_x64.asm
│   │   ├── [ 19K]  eternalblue_kshellcode_x86.asm
│   │   └── [1.6K]  eternalblue_sc_merge.py
│   └── [ 42K]  zzz_exploit.py
├── [4.0K]  Instructions
│   ├── [1.3K]  deployment.md
│   └── [ 33K]  image-2.png
└── [ 248]  README.md

3 directories, 24 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →