Nmap NSE script to detect MS17-010 vuln used by WannaCry
smb-vuln-ms17-010.nse nmap nse script description
Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code
execution vulnerability (ms2017-010).The script connects to the $IPC tree, executes a transaction on FID 0 and
checks if the error “STATUS_INSUFF_SERVER_RESOURCES” is returned to
determine if the target is not patched against CVE2017-010.Tested on a vulnerable Windows 7. We might have some issues with v2 protocols with
signing enabled.
Usage
Download smb-vuln-ms17-010.nse
Save it to Nmap NSE script directory
# Linux – /usr/share/nmap/scripts/ or /usr/local/share/nmap/scripts/
# OSX – /opt/local/share/nmap/scripts/
Run
Reference seclists.org