Microsoft SMBv3 CVE-2020-0796 whitepaper that discusses the workings, exploitation, and mitigations.
9154829412e6f27bbd51d39811e1acf07f15b9daf04fbad8e3cb61e74d7e6c62
This whitepaper goes through identification and exploitation of the SMB Ghost vulnerability.
1598b7f81fc0fd106b6abbd1f0e5a9da28fc8f2cbf5e4b6c0db7946666870aa5
This proof of concept exploits a pre-authentication remote code execution vulnerability by combining SMBleed with SMBGhost.
ccd8ef1a4d15dca93a5b578e4d4dbbcff2f63e8252444be08bccf20fe2d7a55d
Microsoft Windows SMBGhost pre-authentication remote code execution exploit.
ed2ac35e5fce382005bff7d23559c3f72965eed0b632b7eef57568e90b28b4b7
A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe.
b897523218de261b528a25b48e985e91f958585e7ae9753a0c897e339abe8503
Microsoft Windows 10 SMB version 3.1.1 SMBGhost local privilege escalation exploit.
6264aca1e467841faf26e69f8666d2ab3b3b4382fd866c93ace48782ed2ba071
Microsoft Windows SMB version 3.1.1 suffers from a code execution vulnerability.
d9fdfb9e61bb275a5d1ad888c25c5fcac36b178ec52a684eb9a5d2fca36c1f21
CoronaBlue aka SMBGhost proof of concept exploit for Microsoft Windows 10 (1903/1909) SMB version 3.1.1. This script connects to the target host, and compresses the authentication request with a bad offset field set in the transformation header, causing the decompresser to buffer overflow and crash the target.
a6198ae85f64490f2207edcf491fc86b32e73b0999d7636f334fbed1b7940be7