sucess install KB4551762,but detection is still vulnerable!

Question

sucess install KB4551762,but detection is still vulnerable!

dickens88 opened this issue 5 years ago · 5 comments

Answer 1 · 2020-03-13T17:00:33.000Z

From my tests it seems to depend on whether or not the reg key is present:
(VULNERABLE) - No reg key, no patch
(VULNERABLE) - No reg key, patch
(NOT VULNERABLE) - Reg key, no patch
(NOT VULNERABLE) - Reg key, patch

Answer 2 · 2020-03-13T20:18:13.000Z

@ollypwn mentioned to me on Twitter that the scanner needs an update to test for the patched systems.

Answer 3 · 2020-03-13T20:22:36.000Z

@hackdefendr That's what I figured and was only trying to give feedback from testing with the script so hopefully it wasn't received negatively. Thank you for responding!
@ollypwn Thanks for your research and PoC script!

Answer 4 · 2020-04-05T20:39:43.000Z

Hi Boss, congratulations for the Tool !! I installed it on kali linux 2020, when I go to run it gives me these errors:
CVE-2020-0796-PoC-master/smbprotocol/transport.py", line 57, in wrapped
self._sock = socket.create_connection((self.server, self.port), timeout=self.timeout)
File "/usr/local/lib/python3.7/socket.py", line 728, in create_connection
raise err
File "/usr/local/lib/python3.7/socket.py", line 716, in create_connection
sock.connect(sa)
socket.timeout: timed out

END

Traceback (most recent call last):
File "CVE-2020-0796.py", line 19, in
password="password", encrypt=False) # encryption must be disabled

WHAT CAN IT BE?
Thanks !! ;)

Answer 5 · 2020-06-09T13:24:23.000Z

@Lorenz11x I would recommend creating your own separate ticket