Microsoft windows 10 (1903/1909) smbghost smb3.1.1 smb2_compression_capabilities local privilege escalation Vulnerability / Exploit

/ / /

Exploits / Vulnerability Discovered : 2020-03-30 | Type : local | Platform : windows
This exploit / vulnerability Microsoft windows 10 (1903/1909) smbghost smb3.1.1 smb2_compression_capabilities local privilege escalation is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# CVE-2020-0796

Windows SMBv3 LPE Exploit

![exploit](https://user-images.githubusercontent.com/1675387/77913732-110d4f80-7295-11ea-9af6-f17201c66673.gif)

## Authors

* Daniel García Gutiérrez ([@danigargu](https://twitter.com/danigargu))
* Manuel Blanco Parajón ([@dialluvioso_](https://twitter.com/dialluvioso_))

## References

* https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
* https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html
* https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html#.Xndfn0lv150.twitter
* https://www.mcafee.com/blogs/other-blogs/mcafee-labs/smbghost-analysis-of-cve-2020-0796/
* http://blogs.360.cn/post/CVE-2020-0796.html
* https://blog.zecops.com/vulnerabilities/vulnerability-reproduction-cve-2020-0796-poc/

Download ~ https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48267.zip