cve/2017/CVE-2017-0147.md

### [CVE-2017-0147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0147)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20SMB&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen)

### Description

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."

### POC

#### Reference
- http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html
- http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html
- https://www.exploit-db.com/exploits/41891/
- https://www.exploit-db.com/exploits/41987/
- https://www.exploit-db.com/exploits/43970/

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/FutureComputing4AI/ClarAVy
- https://github.com/GhostTroops/scan4all
- https://github.com/Guccifer808/doublepulsar-scanner-golang
- https://github.com/Kiz619ao630/StepwisePolicy3
- https://github.com/Lynk4/Windows-Server-2008-VAPT
- https://github.com/NeuromorphicComputationResearchProgram/ClarAVy
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/R-Vision/ms17-010
- https://github.com/Ratlesv/Scan4all
- https://github.com/RobertoLeonFR-ES/Exploit-Win32.CVE-2017-0147.A
- https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API
- https://github.com/UNO-Babb/CYBR1100
- https://github.com/Urahara3389/SmbtouchBatchScan
- https://github.com/androidkey/MS17-011
- https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode
- https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode
- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag-
- https://github.com/chaao195/EBEKv2.0
- https://github.com/edsellalexander/codepath-unit-11
- https://github.com/ericjiang97/SecScripts
- https://github.com/ginapalomo/ScanAll
- https://github.com/hktalent/scan4all
- https://github.com/ivanhbxyz/codepath-honeypot-assign
- https://github.com/ivanxhb/codepath-honeypot-assign
- https://github.com/lnick2023/nicenice
- https://github.com/merlinepedra/SCAN4LL
- https://github.com/merlinepedra25/SCAN4ALL-1
- https://github.com/nirsarkar/scan4all
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/reversinglabs/reversinglabs-sdk-py3
- https://github.com/splunk-soar-connectors/trustar
- https://github.com/trhacknon/scan4all
- https://github.com/uroboros-security/SMB-CVE
- https://github.com/w3security/goscan
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2017-0147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0147)`
			`![](https://img.shields.io/static/v1?label=Product&message=Windows%20SMB&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen)`

			`### Description`

			`The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html`
			`- http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html`
			`- https://www.exploit-db.com/exploits/41891/`
			`- https://www.exploit-db.com/exploits/41987/`
			`- https://www.exploit-db.com/exploits/43970/`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/FutureComputing4AI/ClarAVy`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/GhostTroops/scan4all`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/Guccifer808/doublepulsar-scanner-golang`
			`- https://github.com/Kiz619ao630/StepwisePolicy3`
			`- https://github.com/Lynk4/Windows-Server-2008-VAPT`
			`- https://github.com/NeuromorphicComputationResearchProgram/ClarAVy`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/R-Vision/ms17-010`
			`- https://github.com/Ratlesv/Scan4all`
			`- https://github.com/RobertoLeonFR-ES/Exploit-Win32.CVE-2017-0147.A`
			`- https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API`
			`- https://github.com/UNO-Babb/CYBR1100`
			`- https://github.com/Urahara3389/SmbtouchBatchScan`
			`- https://github.com/androidkey/MS17-011`
			`- https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode`
			`- https://github.com/cb4cb4/EternalBlue-EK-Manual-Mode`
			`- https://github.com/ceskillets/DCV-Predefined-Log-Filter-of-Specific-CVE-of-EternalBlue-and-BlueKeep-with-Auto-Tag-`
			`- https://github.com/chaao195/EBEKv2.0`
			`- https://github.com/edsellalexander/codepath-unit-11`
			`- https://github.com/ericjiang97/SecScripts`
			`- https://github.com/ginapalomo/ScanAll`
			`- https://github.com/hktalent/scan4all`
			`- https://github.com/ivanhbxyz/codepath-honeypot-assign`
			`- https://github.com/ivanxhb/codepath-honeypot-assign`
			`- https://github.com/lnick2023/nicenice`
			`- https://github.com/merlinepedra/SCAN4LL`
			`- https://github.com/merlinepedra25/SCAN4ALL-1`
			`- https://github.com/nirsarkar/scan4all`
			`- https://github.com/qazbnm456/awesome-cve-poc`
			`- https://github.com/reversinglabs/reversinglabs-sdk-py3`
			`- https://github.com/splunk-soar-connectors/trustar`
			`- https://github.com/trhacknon/scan4all`
			`- https://github.com/uroboros-security/SMB-CVE`
			`- https://github.com/w3security/goscan`
			`- https://github.com/xbl3/awesome-cve-poc_qazbnm456`