Microsoft Windows 10 (1903/1909) – ‘SMBGhost’ SMB3.1.1 ‘SMB2_COMPRESSION_CAPABILITIES’ Local Privilege Escalation

• Exploit Database
• 15 阅读

• 作者： Daniel García Gutiérrez
  日期： 2020-03-30
• 类别：

  • local
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/48267/

• # CVE-2020-0796
  
  Windows SMBv3 LPE Exploit
  
  ![exploit](https://user-images.githubusercontent.com/1675387/77913732-110d4f80-7295-11ea-9af6-f17201c66673.gif)
  
  ## Authors
  
  * Daniel García Gutiérrez ([@danigargu](https://twitter.com/danigargu))
  * Manuel Blanco Parajón ([@dialluvioso_](https://twitter.com/dialluvioso_))
  
  ## References
  
  * https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
  * https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html
  * https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html#.Xndfn0lv150.twitter
  * https://www.mcafee.com/blogs/other-blogs/mcafee-labs/smbghost-analysis-of-cve-2020-0796/
  * http://blogs.360.cn/post/CVE-2020-0796.html
  * https://blog.zecops.com/vulnerabilities/vulnerability-reproduction-cve-2020-0796-poc/
  
  
  Download ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48267.zip