CVE-2020-0796 - CVE-2020-0796 Pre-Auth POC

CVE-2020-0796 – CVE-2020-0796 Pre-Auth POC

(c) 2020 ZecOps, Inc. – – Find Attackers’ Mistakes

POC to check for CVE-2020-0796 / “SMBGhost”
Expected outcome: Blue Screen
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact [email protected] if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBGhost and other types of attacks automatically.


CVE-2020-0796-POC.exe [<TargetServer>]

If <TargetServer> is omitted, the POC is executed on localhost (

Compiled POC

You can get the compiled POC here.


Use Visual Studio to compile the following projects:

  1. ProtoSDKAsn1BaseAsn1Base.csproj
  2. ProtoSDKMS-XCAXca.csproj
  3. ProtoSDKMS-SMB2Smb2.sln

Use the resulting exe file to run the POC.


Leave a Reply

Your email address will not be published.

Special Offer for Hackers!Sign up to get your $5 Coupon code, weekly deals and latest hacking tools straight to your inbox!