CVE-2020-1301
POC exploit for SMBLost vulnerability (CVE-2020-1301)
Affected version
Refer here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1301
Steps to reproduce
- Make sure SMB/CIFF service feature is turned on target.
- SMB1 must be supported by target. Refer here: https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3
- Target must have C:\ driver shared
Running the exploit
exploit.py -t <target> -u <username> -p <password>
username and password are not required in case of target machine has no credentials set.
Outcome
Will cause BSOD (Blue screen of death)
Code execution comming soon.
Source and Credits
https://airbus-cyber-security.com/diving-into-the-smblost-vulnerability-cve-2020-1301/
