shadowbroker-smb-scanner
Uses the SMBTOUCH tool from the shadowbroker dump to scan for vulnerable SMB services so that the affected machines can be identified and patched. Comes with x86 libraries. The Target List option should be a list of IPs separated by newlines.
!!!!!!! DANGER !!!!!!!
This is based on the shadowbroker dump. Who knows what hides in these binaries; use at your own risk, ideally from a VM.
Version History
** v0.5a **
- Added Wine detection using which command
- Added single IP target
** v0.4a **
- Added some error handling
- Added automatic Wine handler if Linux is detected
- Added directory handling code depending on OS version
- Changed verbose option
- Added CTRL-C handler
** v0.3a **
- Tested in Wine on Linux
Help
-=[ SMBTouch scanner (x86) v0.5a ]=-
by op7ic
Usage: shadowbroker-smb-scanner.py [options]
Options:
-h, --help show this help message and exit
-l TARGET_LIST, --list=TARGET_LIST
List of Target IPs separated by newline
-d OUTPUT_DIR, --dir=OUTPUT_DIR
Output Directory
-v, --verbose Verbose debug mode
-t SINGLE_TARGET, --target=SINGLE_TARGET
Single target IP to scan
Does it exploit anything?
Nope. This is just a scanner. Use it to find vulnerable boxes and patch them. It scans for the following bugs:
ETERNALSYNERGY
ETERNALBLUE
ETERNALROMANCE
ETERNALCHAMPION
How to compile it:
No need - just grab the binaries and the Python wrapper around them. The binaries came from https://github.com/misterch0c/shadowbroker/tree/master/windows/lib/x86-Windows
How to use it:
See the screenshots below for usage examples. You need to run it on a Windows machine. Wine seems to work too (see below).
Run this on Wine (Linux)
wine python shadowbroker-smb-scanner.py -l target.txt -d /tmp/ -v
or use the automatic Wine handling built into version 0.4a and above
Run this on Windows
python shadowbroker-smb-scanner.py -l target.txt -d output/ -v
Help
Verbose output
Non-Verbose output
MD5s
Issues:
This is an alpha version, use at your own risk.
- Error handling is far from complete, but it runs in the lab.
- Checks for correct exploits are rather simple
TODO:
- Improve error handling
- Improve input handling
- Work out if this works over IPv6
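
An added example, not part of the scanner's own code: one way to vet the newline-separated target list before passing it to -l, in line with the input handling and IPv6 items above. The vet_targets function, the scope ranges and the sample list are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample target list: one entry per line, as the -l option expects.
SAMPLE_TARGETS = "\n".join([
    "10.0.5.12",
    "10.0.5.12",        # duplicate
    "  10.0.6.40  ",    # stray whitespace
    "192.168.1.300",    # not a valid address
    "fileserver01",     # hostname, not an IP
    "10.0.5.0/24",      # range, not a single IP
    "fd00::15",         # IPv6 (untested, see TODO)
    "172.16.9.8",       # valid, but outside the scope below
])

# Hypothetical networks the operator is authorised to scan.
SCOPE = ["10.0.5.0/24", "10.0.6.0/24", "fd00::/64"]


def vet_targets(text, scope_cidrs):
    """Split a newline-separated list into in-scope IPv4 hosts, in-scope
    IPv6 hosts (kept apart because IPv6 support is unconfirmed) and
    rejected lines as (line number, entry, reason)."""
    scope = [ipaddress.ip_network(c) for c in scope_cidrs]
    ipv4, ipv6, rejected, seen = [], [], [], set()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        entry = raw.strip()
        if not entry:
            continue
        try:
            addr = ipaddress.ip_address(entry)
        except ValueError:
            rejected.append((lineno, entry, "not a single IP address"))
            continue
        if addr in seen:
            continue  # drop duplicates so no host is scanned twice
        seen.add(addr)
        if not any(addr in net for net in scope):
            rejected.append((lineno, entry, "outside authorised scope"))
        elif addr.version == 6:
            ipv6.append(str(addr))
        else:
            ipv4.append(str(addr))
    return ipv4, ipv6, rejected


if __name__ == "__main__":
    v4, v6, bad = vet_targets(SAMPLE_TARGETS, SCOPE)
    print("\n".join(v4))  # cleaned list, ready to save as target.txt
    for lineno, entry, reason in bad:
        print(f"skipped line {lineno}: {entry!r} ({reason})")
```

Only the IPv4 list should be written to the file given to -l until IPv6 behaviour has been worked out.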