CVE-2020-0796 - CVE-2020-0796 Pre-Auth POC

CVE-2020-0796 – CVE-2020-0796 Pre-Auth POC

(c) 2020 ZecOps, Inc. – – Find Attackers’ Mistakes

POC to check for CVE-2020-0796 / “SMBGhost”
Expected outcome: Blue Screen
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBGhost and other types of attacks automatically.


CVE-2020-0796-POC.exe [<TargetServer>]

If <TargetServer> is omitted, the POC is executed on localhost (

Compiled POC

You can get the compiled POC here.


Use Visual Studio to compile the following projects:

  1. ProtoSDKAsn1BaseAsn1Base.csproj
  2. ProtoSDKMS-XCAXca.csproj
  3. ProtoSDKMS-SMB2Smb2.sln

Use the resulting exe file to run the POC.


Leave a Reply

Your email address will not be published. Required fields are marked *

Special Offer for Hackers!Sign up to get your $5 Coupon code, weekly deals and latest hacking tools straight to your inbox!