CVE-2020-0796 PoC — 微软 Microsoft SMBv3 缓冲区错误漏洞

Source

Associated Vulnerability

Description

Powershell SMBv3 Compression checker

Readme

> **Warning**
> This repository has been archived and is no longer actively maintained.

# CVE-2020-0796
Powershell SMBv3 Compression checker

![Image of Powershell SMBv3 Compression checker](https://raw.githubusercontent.com/T13nn3s/CVE-2020-0976/master/images/Image-of-Powershell-SMBv3-Compression-checker.png)

Related blog post: https://binsec.nl/cve-2020-0796-smbv3-rce-vulnerebility-in-smbv3-coronablue/

## This vulnerability has so far only applied to the following operating systems:

Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)

## What is the default setting of Windows?
We have asked Microsoft what is the default setting for SMBv3 compression? Microsoft has answered this question that SMBv3 compression is enabled by default.

## March 12: Microsoft has released patch KB4551762 for fixing CVE-2020-0796
Patch download: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4551762

File Snapshot

 [4.0K]  /data/pocs/71fb9fa588dd938b409a4cc9208b9cfb5ca4543b
├── [5.2K]  CVE-2020-0796-Smbv3-checker.ps1
├── [4.0K]  images
│   └── [ 26K]  Image-of-Powershell-SMBv3-Compression-checker.png
└── [1.2K]  README.md

1 directory, 3 files

Remarks