CVE-2017-0144CISA KEV: Actively Exploited

Microsoft SMBv1 Remote Code Execution Vulnerability

Published Feb 10, 2022·Updated Feb 10, 2022

Description

The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Public Exploits & PoCs24 found

PoC: eternal_scanner

An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance)

291

PoC: EternalBlue-Explained

Educational documentation on EternalBlue (CVE-2017-0144) – Windows SMB vulnerability, history, and mitigation. No exploit code.

1

PoC: VAPT-Report-on-SMB-Exploitation-in-Windows-10-Finance-Endpoint

This report outlines a structured VAPT engagement focusing on PCI DSS compliance, SMB service enumeration, and exploitation of CVE-2017-0144 (EternalBlue) on a Windows 10 machine within a finance-oriented infrastructure.

1

PoC: EternalBlueTrojan

EternalBlueTrojan(CVE-2017-0144)

1

PoC: eternalblue

CVE-2017-0144

1

PoC: CVE-2017-0144

CVE-2017-0144

PoC: eternalblue-ms17-010-research

Controlled reproduction of CVE-2017-0144 (EternalBlue) in an isolated AWS EC2 lab — exploit analysis, Wireshark traffic capture, and MITRE ATT&CK mapping

PoC: CVE-2017-0144

Writeup for CVE-2017-0144

PoC: EternalBlue-Exploit-Demonstration-MS17-010

Cybersecurity lab demonstrating exploitation of CVE-2017-0144 (EternalBlue) using Metasploit against a vulnerable Windows 7 VM, achieving SYSTEM-level access via Meterpreter. Includes full attack chain, post exploitation, and mitigation via MS17-010 patching, tested in an isolated ethical lab environment.

PoC: EternalBlue-DoublePulsar-Exploit-Demonstration

Cybersecurity lab demonstrating exploitation of CVE-2017-0144 (EternalBlue) using Metasploit against a vulnerable Windows 7 VM, achieving SYSTEM-level access via Meterpreter. Includes full attack chain, post exploitation, and mitigation via MS17-010 patching, tested in an isolated ethical lab environment.

PoC: EternalBlue-DoublePulsar-Exploit-Demonstration

Cybersecurity lab demonstrating exploitation of CVE-2017-0144 (EternalBlue) using Metasploit against a vulnerable Windows 7 VM, achieving SYSTEM-level access via Meterpreter. Includes full attack chain, post exploitation, and mitigation via MS17-010 patching, tested in an isolated ethical lab environment.

PoC: Multi-VLAN-Enterprise-Network-Vulnerability-Assessment

Professional vulnerability assessment of a multi-VLAN enterprise network (student21.local). Confirmed Stored XSS on WebGoat (HIGH, 16) via OWASP ZAP fuzzer, absent XSS on Magento via server sanitization, and CVE-2017-0144 EternalBlue on Metasploitable 3 (CRITICAL, 25) via Nessus + Wireshark PCAP validation.

PoC: Vulnerability-Risk-Assessment-TVRA-Enterprise-Network

Qualitative TVRA for a multi-VLAN enterprise lab: Stored XSS on WebGoat (HIGH, 16), Stored XSS on Magento (ABSENT, MEDIUM, 8), and CVE-2017-0144 EternalBlue on Metasploitable 3 (CRITICAL, 25). Scored via Likelihood × Impact using CVSS v3.0 and ZAP/Nessus/Wireshark evidence.

PoC: Multi-VLAN-Enterprise-Network-Security-Infrastructure

Multi-VLAN virtual network across 10 VMs: GRE tunneling, nftables firewall, Active Directory, BIND9 DNS, Kea DHCP, Docker web services, SMB file sharing. Vulnerability assessment using OWASP ZAP (Stored XSS) and Nessus (CVE-2017-0144 EternalBlue). Validated with Wireshark.

PoC: Eternal-Blue-CVE-2017-0144-THM-Write-Up

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability."

PoC: Blackash-CVE-2017-0144

CVE-2017-0144

PoC: CVE-2017-0144_Lab-Guide

En praktisk genomgång av EternalBlue-exploit i en kontrollerad labbmiljö.

PoC: Blackash-CVE-2017-0144

CVE-2017-0144

PoC: WIndows-7-automated-exploitation-using-metasploit-framework-

Automated bash script which scans an ip for potential vulnerability to eternalblue using nmap and then exploit using metasploit framework which uses the CVE-2017-0144 vulnerability[Code name: EternalBlue] in (windows 7,windows 2008 servers,etc.) to gain access to a windows 7 machine and establish a reverse meterpreter shell.

PoC: EternalBlue-Vulnerability-Scanner

This script checks for devices vulnerable to the EternalBlue exploit (CVE-2017-0144) in a network using SMB.

PoC: autoblue

AutoBlue - Automated EternalBlue (CVE-2017-0144 / MS17-010) exploitation tool leveraging Nmap and Metasploit for ethical hacking, penetration testing, and CTF challenges. Strictly for authorized and educational use only!

PoC: BlueDoor

Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the hidden flag? Your goal is to gain administrative privileges and locate the flag.txt file stored in the `C:\Windows\System32` directory.

PoC: Vulnerability-Research-CVE-2017-0144

LAB: TẤN CÔNG HỆ ĐIỀU HÀNH WINDOWS DỰA VÀO LỖ HỔNG GIAO THỨC SMB.

PoC: Detect-CVE-2017-0144-attack

Chương trình theo dõi, giám sát lưu lượng mạng được viết bằng Python, nó sẽ đưa ra cảnh báo khi phát hiện tấn công CVE-2017-0144

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free