@sysgoblin

sysgoblin/SMB3LanScan.ps1

Last active Mar 11, 2020
CVE-2020-0796 LAN scanner
# for PoSh v7+ (uses ForEach-Object -Parallel)
# requires appropriate privileges and network access
# change "1..250" and "10.0.0." to scan the range you want
1..250 | ForEach-Object -Parallel {
    try {
        # reverse-resolve the address; -ErrorAction Stop turns a failure into a terminating error for catch
        $h = (Resolve-DnsName "10.0.0.$_" -ErrorAction Stop).NameHost
        $os = Get-CimInstance -ComputerName $h -Query "Select CSName, BuildNumber from Win32_OperatingSystem" -ErrorAction Stop
        if ([int]$os.BuildNumber -ge 18362) { # 18362 = 1903, 18363 = 1909
            Get-ChildItem "\\$($h)\c$" | Out-Null # open smb connection to remote host
            $smb = Get-SmbConnection -ServerName $h # get active smb connection details
            if ($smb.Dialect -ge 3) { $smb | Select-Object -First 1 -Property ServerName, Dialect }
        }
    } catch {} # hosts that do not resolve or do not answer CIM are skipped silently
} -ThrottleLimit 50