(c) 2020 ZecOps, Inc. – https://www.zecops.com – Find Attackers’ Mistakes
POC to check for CVE-2020-0796 / “SMBGhost”
Expected outcome: Blue Screen
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact sales@ZecOps.com if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBGhost and other types of attacks automatically.
<TargetServer> is omitted, the POC is executed on localhost (
You can get the compiled POC here.
Use Visual Studio to compile the following projects:
Use the resulting exe file to run the POC.
- Vulnerability Reproduction: CVE-2020-0796 POC – ZecOps Blog
- CVE-2020-0796 – Microsoft Security Response Center
- SMBGhost Analysis – Lucas Georges