{"vulnerability": "cve-2017-0145", "sightings": [{"uuid": "8f028706-7469-4a33-8894-2963b3a1d29f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/591b13de-f3c8-4cee-8afb-113095ca48b7", "content": "", "creation_timestamp": "2017-05-16T15:54:38.000000Z"}, {"uuid": "8ac2abf5-6de8-4f4f-973d-7c2fc24ddf76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/59527baf-7ad8-458f-a1c6-1e14ac12042b", "content": "", "creation_timestamp": "2017-06-28T07:59:14.000000Z"}, {"uuid": "07140a24-be7c-47e9-a571-c7c3803b6792", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/591948ff-adb0-4b15-836a-72dfbce2ab96", "content": "", "creation_timestamp": "2017-05-15T08:36:10.000000Z"}, {"uuid": "e650581e-84a2-4dd6-bb96-e252dc027d63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/5919c895-3268-45eb-9b7b-2a8995ca48b7", "content": "", "creation_timestamp": "2017-05-16T12:25:49.000000Z"}, {"uuid": "fd3c6138-e7b5-4192-8b6e-771a0804bf80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "bbf0f0fd-e37a-4647-a6cd-89fbed74ef95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "b33a008d-166b-4168-bc63-81ba554a114b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/b60ecd6e-648d-4bc4-a6ad-3527a2216be1", "content": "", "creation_timestamp": "2020-10-09T13:26:51.000000Z"}, {"uuid": "a047f5c3-b945-4f84-97ed-e50292298309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/8eaa87aa-de4f-40d7-ad6f-a9c433935266", "content": "", "creation_timestamp": "2020-10-09T16:29:25.000000Z"}, {"uuid": "b96ae1d7-5c9e-4e4e-a504-13753217a82b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/b909d469-014d-4c2b-a989-4618f5a3a92b", "content": "", "creation_timestamp": "2020-10-16T03:00:22.000000Z"}, {"uuid": "98190c97-5fec-4b3d-a4dd-78255c07c7df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/e6fe42d5-2d65-4430-a1f1-dc057b94d89e", "content": "", "creation_timestamp": "2020-10-09T13:23:54.000000Z"}, {"uuid": "6b0a7c7b-9f26-4cad-b00f-5f85d96da2f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/e1d58ad8-7800-491b-a63b-a03d081914d4", "content": "", "creation_timestamp": "2020-06-25T12:24:13.000000Z"}, {"uuid": "a8c42bdf-7fd4-47a9-8006-8c8897da8015", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "exploited", "source": "https://www.exploit-db.com/exploits/47456", "content": "", "creation_timestamp": "2019-10-02T00:00:00.000000Z"}, {"uuid": "3a5d5822-57b6-4655-bc3b-1070f63051cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/85570b80-a7e3-488c-9206-8c7fc0d6e76d", "content": "", "creation_timestamp": "2024-11-14T06:09:49.000000Z"}, {"uuid": "21161943-83a5-480a-9784-7e5173bd03b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "exploited", "source": "https://www.exploit-db.com/exploits/41891", "content": "", "creation_timestamp": "2017-04-17T00:00:00.000000Z"}, {"uuid": "2f26bac8-eec9-4785-b0c7-42637693e56b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971243", "content": "", "creation_timestamp": "2024-12-24T20:26:24.657187Z"}, {"uuid": "0603e81b-8635-4f7d-81df-ff5a5206536c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:42.000000Z"}, {"uuid": "0c32a9ae-2da4-4a2d-b106-b9c4fffef8fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:51.000000Z"}, {"uuid": "a767980a-ed88-4ceb-b7a6-de1d7ae8284f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/smb_doublepulsar_rce.rb", "content": "", "creation_timestamp": "2020-02-03T20:07:28.000000Z"}, {"uuid": "dff09ba9-a45f-4f8b-8ffe-afc5df1c1b05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:39.000000Z"}, {"uuid": "828c76eb-b189-4d42-863a-ff0d80240d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "https://t.me/arpsyndicate/1901", "content": "#ExploitObserverAlert\n\nCVE-2017-0145\n\nDESCRIPTION: Exploit Observer has 75 entries related to CVE-2017-0145. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.\n\nFIRST-EPSS: 0.972700000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-18T03:32:12.000000Z"}, {"uuid": "8e287655-decb-45f0-bb1b-88e028418628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_ms17_010.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "d8b697af-1b0a-4dd5-b67f-830e76e5db99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/1258", "content": "What is scan4all: integrated vscan, nuclei, ksubdomain, subfinder, etc., fully automated and intelligent\u3002red team tools Code-level optimization, parameter optimization, and individual modules, such as vscan filefuzz, have been rewritten for these integrated projects. In principle, do not repeat the wheel, unless there are bugs, problemsCross-platform: based on golang implementation, lightweight, highly customizable, open source, supports Linux, windows, mac os, etc.Support [21] password blasting, support custom dictionary, open by \"priorityNmap\": true RDPSSHrsh-spxMysqlMsSqlOraclePostgresqlRedisFTPMongodbSMB, also detect MS17-010 (CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148), SmbGhost (CVE- 2020-0796)TelnetSnmpWap-wsp (Elasticsearch)RouterOsHTTP BasicAuthWeblogic, enable nuclei through enableNuclei=true at the same time, support T3, IIOP and other detectionTomcatJbossWinrm(wsman)POP3By default, http password intelligent blasting is enabled, and it will be automatically activated when an HTTP password is required, without manual interventionDetect whether there is nmap in the system, and enable nmap for fast scanning through priorityNmap=true, which is enabled by default, and the optimized nmap parameters are faster than masscan Disadvantages of using nmap: Is the network bad, because the traffic network packet is too large, which may lead to incomplete results Using nmap additionally requires setting the root password to an environment variable\n  export PPSSWWDD=yourRootPswd More references: config/doNmapScan.sh By default, naabu is used to complete port scanning (https://www.kitploit.com/search/label/Port%20Scanning) -stats=true to view the scanning progress Can I not scan ports?noScan=true ./scan4all -l list.txt -v\n# nmap result default noScan=true \n./scan4all -l nmapRssuilt.xml -vFast 15000+ POC detection capabilities, PoCs include: nuclei POCNuclei Templates Top 10 statisticsTAGCOUNTAUTHORCOUNTDIRECTORYCOUNTSEVERITYCOUNTTYPECOUNTcve1294daffainfo605cves1277info1352http3554panel591dhiyaneshdk503exposed-panels600high938file76lfi486pikpikcu321vulnerabilities493medium766network50xss439pdteam269technologies266critical436dns17wordpress401geeknik187exposures254low211exposure355dwisiswant0169misconfiguration207unknown7cve20213220x_akoko154token-spray206rce313princechaddha147workflows187wp-plugin297pussycat0x128default-logins101tech282gy741126file76281 directories, 3922 files.vscan POC vscan POC includes: xray 2.0 300+ POC, go POC, etc.scan4all POCSupport 7000+ web fingerprint scanning, identification:httpx fingerprint vscan fingerprintvscan fingerprint: including eHoleFinger, localFinger, etc.scan4all fingerprintSupport 146 protocols and 90000+ rule port scanningDepends on protocols and fingerprints supported by nmapFast HTTP sensitive file detection, can customize dictionaryLanding page detectionSupports multiple types of input - STDIN/HOST/IP/CIDR/URL/TXTSupports multiple output types - JSON/TXT/CSV/STDOUTHighly integratable: Configurable unified storage of results to Elasticsearch (https://www.kitploit.com/search/label/Elasticsearch) [strongly recommended]Smart SSL Analysis:In-depth analysis, automatically correlate the scanning of domain names in SSL information, such as *.xxx.com, and complete subdomain traversal according to the configuration, and the result will automatically add the target to the scanning listSupport to enable *.xx.com subdomain traversal function in smart SSL information, export EnableSubfinder=true, or adjust in the configuration fileAutomatically identify the case of multiple IPs associated with a domain (DNS), and automatically scan the associated multiple IPsSmart processing:When the IPs of multiple domain names in the list are the same, merge port scans to improve efficiencyIntelligently handle http abnormal pages, and fingerprint calculation and learningAutomated supply chain (https://www.kitploit.com/search/label/Supply%20Chain) identification, analysis", "creation_timestamp": "2022-09-28T12:10:14.000000Z"}, {"uuid": "2ae084ea-c7c9-4607-8d29-e473db364f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "https://t.me/arpsyndicate/1955", "content": "#ExploitObserverAlert\n\nCVE-2017-0146\n\nDESCRIPTION: Exploit Observer has 58 entries related to CVE-2017-0146. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.\n\nFIRST-EPSS: 0.971460000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-18T09:21:38.000000Z"}, {"uuid": "d461b099-fae1-4443-9bdf-a5331dff33e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/ms17_010_eternalblue.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "0f9b144e-e994-4bb5-a8dd-a71888d8bdca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-0145", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f6f9e870-b360-4287-8adb-b5b27f5d3111", "content": "", "creation_timestamp": "2026-02-02T12:28:24.744335Z"}, {"uuid": "87bc05ea-81f2-4926-8579-66b736069f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "exploited", "source": "https://t.me/MajorHacker/36", "content": "Eternal scanner is an network scanner for Eternal Blue exploit CVE-2017-0144 & Eternal Romance (named pipe) CVE-2017-0145\n\n# Requirements\n- masscan\n- metasploit-framework\n- wget (To Update Eternal Scanner Directly from github)\n- pip (for alternative install of python modules)\n- python-crypto (Dependency for Eternal Romance check)\n- python-impacket (Dependency for Eternal Romance check)\n- python-pyasn1-modules (Dependency for Eternal Romance check)\n\n# How to Install\n- git clone https://github.com/peterpt/eternal_scanner.git\n- cd eternal_scanner && ./escan\n- OR ./escan -h (to change scanner speed)\n\n# Install Requirements\n- apt-get install masscan metasploit-framework wget python-pip python-crypto python-impacket python-pyasn1-modules", "creation_timestamp": "2019-03-29T05:58:16.000000Z"}, {"uuid": "d6f92aed-a53e-497a-a169-d7533a8a21bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "seen", "source": "https://t.me/arpsyndicate/1872", "content": "#ExploitObserverAlert\n\nCVE-2017-0148\n\nDESCRIPTION: Exploit Observer has 58 entries related to CVE-2017-0148. The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.\n\nFIRST-EPSS: 0.971740000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-18T00:36:29.000000Z"}, {"uuid": "394f23e8-e755-430b-ac21-50dfad6b1556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0145", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/585", "content": "#exploit\n1. CVE-2019-18922:\nDirectory Traversal in Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3\nhttps://seclists.org/fulldisclosure/2019/Nov/31\n\n2. CVE-2017-0143, CVE-2017-0144,\nCVE-2017-0145, CVE-2017-0146,\nCVE-2017-0147, CVE-2017-0148:\nSMB/RDP Doublepulsar - RCE\nhttps://packetstormsecurity.com/files/156196/smb_doublepulsar_rce.rb.txt\n]-> https://packetstormsecurity.com/files/156200/rdp_doublepulsar_rce.rb.txt", "creation_timestamp": "2024-10-15T16:10:08.000000Z"}]}