Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-0143 PoC — Microsoft Windows SMB 输入验证错误漏洞

Source
https://github.com/Cedric-Martz/EthernalBlue_report
Associated Vulnerability
Title:Microsoft Windows SMB 输入验证错误漏洞 (CVE-2017-0143)
Description:The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Description
This is a security assessment report regarding the EthernalBlue vulnerability (CVE-2017-0143).
Readme
# EthernalBlue Report

## What is it?

This is an exploit developed by the NSA, stolen by hacker group, primarily known for being used in ransomware attacks, such as WannaCry or NotPetya...

## Why did you make this report?

I've been asked to do this report on the Tryhackme EthernalBlue room, but without using Metasploit, the primary purpose of this room.

## More information?

If you want to learn more about EthernalBlue, you can check these resources:

[Wikipedia](https://en.wikipedia.org/wiki/EternalBlue)

[Microsoft](https://learn.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010)

[Youtube - Cybernews](https://youtu.be/3-MSlNVqzYY?si=7s0nKptCkBu04-i_)

[Youtube - The TWS Channel](https://youtu.be/PKHH_gvJ_hA?si=zbpC7VvHbXu2pRr-)

[Youtube - Micode](https://youtu.be/nIRDzPnJAro?si=I1NJsHUotSEurbWo)
File Snapshot

 [4.0K]  /data/pocs/995a1bb0f83d249fad35cdd54c37978f55a5ae8b
├── [ 834]  README.md
└── [1.2M]  Report_MARTZ_Cedric.pdf

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →