1847 matches found

Gitee
added 2021/01/25 3:34 p.m. | 5 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

This is a proof-of-concept (PoC) exploit for CVE-2020-0796, also known as SMBGhost, a pre-authentication remote code execution vulnerability in Windows SMBv3. The exploit is written in Python and uses the SMB protocol to inject shellcode into the Windows kernel. The shellcode is generated from a...

CVSS 10 | AI score 8.6 | EPSS 0.9981
Exploits: 125
Positive Technologies
added 2021/01/12 12:0 a.m. | 4 views

PT-2021-14537 · Sap · Sap Netweaver Master Data Management

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Master Data Management versions 7.10, 710, and 710.750. Description: The issue arises when security guidelines for SAP NetWeaver Master Data Management running on Windows have not been thoroughly reviewed. This oversight might...

CVSS 7.5 | AI score 5.7 | EPSS 0.01189
Exploits: 0 | References: 5
CNNVD
added 2020/12/31 12:0 a.m. | 4 views

Panorama NHIServiSignAdapter Input Validation Error Vulnerability

Panorama NHIServiSignAdapter is a security control component for panoramic surveillance devices from China Panorama. A security vulnerability exists in NHIServiSignAdapter, which stems from a failure of the digest generation function to validate the path to the source file, resulting in SMB...

CVSS 7.5 | AI score 5.8 | EPSS 0.00962
Exploits: 0 | References: 2
OSV
added 2020/12/10 12:15 a.m. | 1 view

CVE-2020-17140

Windows SMB Information Disclosure Vulnerability...

CVSS 8.1 | AI score 6.9 | EPSS 0.11002
Exploits: 0 | References: 2
Gitee
added 2020/12/08 8:37 p.m. | 4 views

Exploit for CVE-2020-0797

This repository is a PoC exploit for CVE-2020-0796, a wormable SMBv3 vulnerability. The vulnerability allows an attacker to execute code on a target SMB Server or SMB Client by sending a specially crafted packet. The exploit is implemented in Python and uses the socket library to send a packet to...

CVSS 10 | AI score 9.6 | EPSS 0.9981
Exploits: 125
Positive Technologies
added 2020/12/08 12:0 a.m. | 1 view

PT-2020-5233 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to errors in handling objects in memory in the implementation of the Windows SMB network protocol in Windows operating systems. This can allow a remote attacker to obta...

CVSS 8.1 | AI score 6.4 | EPSS 0.11002
Exploits: 0 | References: 10
BDU FSTEC
added 2020/11/26 12:0 a.m. | 3 views

The vulnerability of the SMB service in the RouterOS operating system of MikroTik allows a hacker to cause a service failure.

The vulnerability of the SMB service in the RouterOS operating system from MikroTik is related to a numerical overflow vulnerability. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 7.8 | AI score 7.6 | EPSS 0.02534
Exploits: 0 | References: 4 | Affected Software: 1
RedHat Linux
added 2020/11/04 1:47 a.m. | 5 views

tcpdump: Resource exhaustion in smb_fdata() function in smbutil.c

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smbfdata via recursion...

CVSS 7.5 | AI score 6.4 | EPSS 0.04122
Exploits: 0 | References: 4
RedHat Linux
added 2020/11/04 1:47 a.m. | 5 views

tcpdump: SMB data printing mishandled

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2)...

CVSS 9.8 | AI score 6.3 | EPSS 0.04066
Exploits: 0 | References: 4
RedHat Linux
added 2020/11/04 1:47 a.m. | 4 views

tcpdump: SMB data printing mishandled

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2)...

CVSS 9.8 | AI score 6.3 | EPSS 0.03858
Exploits: 0 | References: 4
BDU FSTEC
added 2020/11/02 12:0 a.m. | 3 views

The vulnerability of the SMB protocol implementation in tools for intercepting and analyzing network traffic with tcpdump allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SMB protocol implementation for capturing and analyzing network traffic using tcpdump exists due to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...

CVSS 10 | AI score 6.3 | EPSS 0.04066
Exploits: 0 | References: 15 | Affected Software: 6
BDU FSTEC
added 2020/11/02 12:0 a.m. | 2 views

The vulnerability of the SMB protocol implementation in tools for intercepting and analyzing network traffic with tcpdump allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SMB protocol implementation for capturing and analyzing network traffic using tcpdump exists due to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...

CVSS 10 | AI score 6.3 | EPSS 0.03858
Exploits: 0 | References: 14 | Affected Software: 6
Gitee
added 2020/11/01 11:36 a.m. | 2 views

metasploit-framework

This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to target a specific vulnerability in a Windows system, exploiting the SMB protocol to gain remote code execution. The module is written in Ruby and is part of the Metasploit Framework's...

AI score 8.2
Exploits: 0
CNVD
added 2020/10/09 12:0 a.m. | 1 view

Denial of service vulnerability in RouterOS smb service

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A denial of service vulnerability exists in the RouterOS smb service, which can be exploited by an attacker to...

AI score 6.8
Exploits: 0
OSV
added 2020/10/07 4:15 p.m. | 3 views

CVE-2019-16160

An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service...

CVSS 7.5 | AI score 7.2 | EPSS 0.02534
Exploits: 0 | References: 3
GithubExploit
added 2020/10/07 6:19 a.m. | 13 views

Exploit for CVE-2017-0143

Eternal-blue-Windows-7-Checker EternalBlue is a well-known SM...

CVSS 9.3 | AI score 7 | EPSS 0.93307
Exploits: 46
Gitee
added 2020/09/26 10:41 a.m. | 5 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

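CVE-2020-0796-SMB This resource reproduces the CVE-2020-0796 vulnerability and includes Python and C++ versions. It mainly gathers resources from GitHub experts; we hope you like it - C++ - Python - EXP - POC Exploitation: - Local EXP privilege escalation: https://github.com/danigargu/CVE-2020-0796 - Local EXE privilege escalation: https://github.com/f1tz/CVE-2020-0796-LPE-EXP - POC version privilege escalation: https://github.com/eerykitty/CVE-2020-0796-PoC -...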

CVSS 10 | AI score 9.3 | EPSS 0.9981
Exploits: 125
Gitee
added 2020/09/25 11:2 a.m. | 8 views

MS17-010

This repository is for public analysis of the MS17-010 vulnerability. The vulnerability is related to the SMB (Server Message Block) protocol and affects Windows operating systems. The repository contains various PoCs (proofs of concept) and exploits for different versions of Windows, including Windo...

AI score 8
Exploits: 0
Gitee
added 2020/09/10 10:27 a.m. | 4 views

MS17-010

This repository is a collection of exploits and tools for the MS17-010 vulnerability, also known as the EternalBlue exploit. The vulnerability is a remote code execution (RCE) bug in the SMBv1 protocol, which was used by the WannaCry ransomware in 2017. The repository contains various exploits and...

AI score 9
Exploits: 0
BDU FSTEC
added 2020/08/12 12:0 a.m. | 5 views

The vulnerability in the implementation of the Microsoft Server Message Block 1.0 (SMBv1) network protocol on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Server Message Block 1.0 (SMBv1) network protocol implementation in the Windows operating system is related to insufficient input validation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9 | AI score 7.6 | EPSS 0.36708
Exploits: 1 | References: 2