一、 漏洞 CVE-2017-0144 基础信息
漏洞标题
N/A
来源:AIGC 神龙大模型
漏洞描述信息
Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:AIGC 神龙大模型
漏洞类别
N/A
来源:AIGC 神龙大模型
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Microsoft Windows SMB 输入验证错误漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Microsoft Windows和Microsoft Windows Server都是美国微软(Microsoft)公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Server Message Block(SMB)Server是其中的一个为计算机提供身份验证用以访问服务器上打印机和文件系统的组件。 Microsoft Windows中的SMBv1服务器存在远程代码执行漏洞。远程攻击者可借助特制的数据包利用该
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
输入验证错误
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2017-0144 的公开POC
# POC 描述 源链接 神龙链接
1 An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance) https://github.com/peterpt/eternal_scanner POC详情
2 CVE-2017-0144 https://github.com/kimocoder/eternalblue POC详情
3 None https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution POC详情
4 Chương trình theo dõi, giám sát lưu lượng mạng được viết bằng Python, nó sẽ đưa ra cảnh báo khi phát hiện tấn công CVE-2017-0144 https://github.com/quynhold/Detect-CVE-2017-0144-attack POC详情
5 LAB: TẤN CÔNG HỆ ĐIỀU HÀNH WINDOWS DỰA VÀO LỖ HỔNG GIAO THỨC SMB. https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144 POC详情
6 CVE-2017-0144 (Eternal Blue) | CVE-2023-3881 | CVE-2011-2523 https://github.com/AnugiArrawwala/CVE-Research POC详情
7 Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the hidden flag? Your goal is to gain administrative privileges and locate the flag.txt file stored in the `C:\Windows\System32` directory. https://github.com/sethwhy/BlueDoor POC详情
8 AutoBlue - Automated EternalBlue (CVE-2017-0144 / MS17-010) exploitation tool leveraging Nmap and Metasploit for ethical hacking, penetration testing, and CTF challenges. Strictly for authorized and educational use only! https://github.com/AtithKhawas/autoblue POC详情
9 This script checks for devices vulnerable to the EternalBlue exploit (CVE-2017-0144) in a network using SMB. https://github.com/MedX267/EternalBlue-Vulnerability-Scanner POC详情
三、漏洞 CVE-2017-0144 的情报信息