CVE-2020-1206 Uninitialized Kernel Memory Read POC

(c) 2020 ZecOps, Inc. - https://www.zecops.com - Find Attackers' Mistakes
POC to check for CVE-2020-1206 / "SMBleed"
Expected outcome: Local file containing target computer kernel memory.
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact sales@ZecOps.com if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBleed and other types of attacks automatically.

Usage

SMBleed.exe server_name ip_address domain user pass share_name remote_path local_path

Compiled POC

You can get the compiled POC here.

Compiling

Use Visual Studio to compile the following projects:

ProtoSDK\Asn1Base\Asn1Base.csproj
ProtoSDK\MS-XCA\Xca.csproj
ProtoSDK\MS-SMB2\Smb2.sln

Use the resulting exe file to run the POC.

Name		Name	Last commit message	Last commit date
Latest commit History 2,497 Commits
AssemblyInfo		AssemblyInfo
CommonScripts		CommonScripts
Doc		Doc
InstallPrerequisites		InstallPrerequisites
MessageAnalyzerLibrary		MessageAnalyzerLibrary
ProtoSDK		ProtoSDK
ProtocolTestManager		ProtocolTestManager
RemoteRun		RemoteRun
TestSuites		TestSuites
common		common
pipelines		pipelines
.gitattributes		.gitattributes
.gitignore		.gitignore
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE.txt		LICENSE.txt
README.md		README.md
demo.gif		demo.gif

License

jamf/CVE-2020-1206-POC

Folders and files

Latest commit

History

Repository files navigation

CVE-2020-1206 Uninitialized Kernel Memory Read POC

Usage

Compiled POC

Compiling

References

About

Topics

Resources

License

Stars

Watchers

Forks

Languages