Skip to content
This repository was archived by the owner on May 9, 2023. It is now read-only.

Files

Latest commit

m417zm417z
Added references to README.md
Jun 9, 2020
9e917e5 · Jun 9, 2020

History

History
33 lines (21 loc) · 1.33 KB

README.md

File metadata and controls

33 lines (21 loc) · 1.33 KB

CVE-2020-1206 Uninitialized Kernel Memory Read POC

(c) 2020 ZecOps, Inc. - https://www.zecops.com - Find Attackers' Mistakes
POC to check for CVE-2020-1206 / "SMBleed"
Expected outcome: Local file containing target computer kernel memory.
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact sales@ZecOps.com if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBleed and other types of attacks automatically.

Usage

SMBleed.exe server_name ip_address domain user pass share_name remote_path local_path

demo

Compiled POC

You can get the compiled POC here.

Compiling

Use Visual Studio to compile the following projects:

  1. ProtoSDK\Asn1Base\Asn1Base.csproj
  2. ProtoSDK\MS-XCA\Xca.csproj
  3. ProtoSDK\MS-SMB2\Smb2.sln

Use the resulting exe file to run the POC.

References