smb1_smb2_verify

# Filename: smb1_smb2_verify.ps1
# Version: 1.0.0
# Author: Jeoi Reqi

<#
.SYNOPSIS
    Verify the status of SMB1 and SMB2 protocols on the system.

.DESCRIPTION
    This script checks whether SMB1 and SMB2 protocols are enabled or disabled on the system.
    It provides a warning if both SMB1 and SMB2 are enabled, indicating a high risk of vulnerability to exploits such as EternalBlue.

.NOTES
    Author: Jeoi Reqi
    Version: 1.0.0
    Last Updated: April 2024
#>

function Verify-SMB1Status {
    try {
        # Check the value of the SMB1 registry key
        $result = Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name "SMB1" -ErrorAction Stop
        if ($result.SMB1 -eq 1) {
            Write-Host "`nSMB1 is enabled. `n`t`t:: ⚠️ Warning ⚠ ::`n`n`t- Enabling SMB1 exposes your system to potential vulnerabilities such as EternalBlue.`n"
            return $true
        }
        elseif ($result.SMB1 -eq 0) {
            Write-Host "`nSMB1 is disabled.`n"
            return $false
        }
        else {
            Write-Host "`nSMB1 status could not be determined or registry key not found on the system.`n"
            return $null
        }
    }
    catch {
        Write-Host "`nAn error occurred while checking SMB1 status: $($Error[0].Exception.Message)`n"
        return $null
    }
}

function Verify-SMB2Status {
    $smb2Enabled = (Get-SmbServerConfiguration).EnableSMB2Protocol
    if ($smb2Enabled) {
        return $true
    }
    else {
        return $false
    }
}

$smb1Enabled = Verify-SMB1Status
$smb2Enabled = Verify-SMB2Status

if ($smb1Enabled -eq $true -and $smb2Enabled -eq $true) {
    Write-Host "`n⚠️ Warning: Both SMB1 and SMB2 are enabled!`nYour system is at high risk due to vulnerabilities such as EternalBlue.`n"
}
else {
    Write-Host "`nNo vulnerability to EternalBlue exploits detected.`n"
}