AI Summary: CVE-2020-0796 is a Windows SMBv3 local privilege escalation exploit that targets a vulnerability in the SMB protocol, enabling unauthorized users to elevate their permissions. The tool includes proof of concept (PoC) and analysis references for users seeking to understand and replicate the exploit. Notable features include detailed documentation and references to further resources for in-depth exploitation and analysis of the vulnerability.

README

CVE-2020-0796

Windows SMBv3 LPE Exploit

Authors

• Daniel García Gutiérrez (@danigargu)
• Manuel Blanco Parajón (@dialluvioso_)

Exploit analysis

• POC Analysis by SungLin (Knownsec 404 Team)
• Writeup+PoC by @ZecOps

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
• https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html
• https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html#.Xndfn0lv150.twitter
• https://www.mcafee.com/blogs/other-blogs/mcafee-labs/smbghost-analysis-of-cve-2020-0796/
• http://blogs.360.cn/post/CVE-2020-0796.html
• https://blog.zecops.com/vulnerabilities/vulnerability-reproduction-cve-2020-0796-poc/