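Study link: https://blog.csdn.net/eastmount/article/details/105350314
Vulnerability overview:
2020.03.11: a remote code execution vulnerability in the SMB service
Affected versions:
This is a remote code execution vulnerability. It mainly affects Windows 10 system and application versions (1903 and 1909), including the 32-bit and 64-bit Home, Professional, Enterprise and Education editions. Specifically: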
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
1. Detecting the vulnerability
https://github.com/joaozietolie/CVE-2020-0796-Checker
Get this script on Kali:
chmod +x CVE-2020-0796-Checker.sh
bash CVE-2020-0796-Checker.sh -t TARGET-IP
2. Using the PoC
https://github.com/eerykitty/CVE-2020-0796-PoC
The firewall on the Windows 10 machine must be turned off, otherwise the reproduction fails.
python CVE-2020-0796.py 192.168.**.**(win10 ip)