Advertisement
Python253

smb1_smb2_verify

Apr 12th, 2024
807
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 3.91 KB | None | 0 0
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-
  3. # Filename: smb1_smb2_verify.py
  4. # Version: 1.0.0
  5. # Author: Jeoi Reqi
  6.  
  7. """
  8. This script verifies the status of SMB1 and SMB2 protocols on the system.
  9.  
  10. Requirements:
  11.    - Python 3.x
  12.    - Access to the Windows Registry (for SMB1 verification)
  13.    - PowerShell (for SMB2 verification)
  14.  
  15. Usage:
  16.    - Run the script in a terminal or command prompt.
  17.  
  18. Additional Notes:
  19.    - SMB1 and SMB2 are network communication protocols used by Windows operating systems for sharing files, printers, and other resources over a network.
  20.    - Enabling SMB1 exposes the system to potential vulnerabilities such as EternalBlue, a cyberattack exploit developed by the U.S. National Security Agency (NSA) that targets Microsoft Windows operating systems.
  21.    - Disabling SMB1 and SMB2 reduces the risk of exploitation by known vulnerabilities.
  22.    - This script provides a warning if both SMB1 and SMB2 protocols are enabled, indicating a high risk of vulnerability to exploits such as EternalBlue.
  23.  
  24. Known exploits that use EternalBlue attack methods:
  25. 1. WannaCry
  26. 2. EternalRocks
  27. 3. Petya
  28. 4. NotPetya
  29. 5. Bad Rabbit
  30. 6. TrickBot
  31. 7. Emotet
  32. 8. Ryuk
  33. 9. GandCrab
  34. 10. SamSam
  35. 11. Smominru
  36. 12. RobbinHood
  37. 13. Dharma
  38. """
  39.  
  40. import subprocess
  41.  
  42. def verify_smb1_status():
  43.     """
  44.    Verify the status of SMB1 protocol.
  45.  
  46.    This function checks whether SMB1 protocol is enabled or disabled on the system.
  47.    
  48.    Returns:
  49.        bool or None: True if SMB1 is enabled, False if SMB1 is disabled,
  50.                      None if the status cannot be determined.
  51.    """
  52.     try:
  53.         # Check the value of the SMB1 registry key
  54.         result = subprocess.run(
  55.             [
  56.                 "reg",
  57.                 "query",
  58.                 "HKLM\\SYSTEM\\CurrentControlSet\\Services\\LanmanServer\\Parameters",
  59.                 "/v",
  60.                 "SMB1",
  61.             ],
  62.             capture_output=True,
  63.             text=True,
  64.         )
  65.         if "SMB1    REG_DWORD    0x1" in result.stdout:
  66.             print(
  67.                 "\nSMB1 is enabled. \n\t\t:: ⚠️ Warning ⚠ ::\n\n\t- Enabling SMB1 exposes your system to potential vulnerabilities such as EternalBlue.\n"
  68.             )
  69.             return True
  70.         elif "SMB1    REG_DWORD    0x0" in result.stdout:
  71.             print("\nSMB1 is disabled.\n")
  72.             return False
  73.         else:
  74.             print(
  75.                 "\nSMB1 status could not be determined or registry key not found on the system.\n"
  76.             )
  77.             return None
  78.     except subprocess.CalledProcessError as e:
  79.         print("\nAn error occurred while checking SMB1 status:", e.stderr)
  80.         return None
  81.  
  82.  
  83. def verify_smb2_status():
  84.     """
  85.    Verify the status of SMB2 protocol.
  86.  
  87.    This function checks whether SMB2 protocol is enabled or disabled on the system.
  88.    
  89.    Returns:
  90.        bool or None: True if SMB2 is enabled, False if SMB2 is disabled,
  91.                      None if the status cannot be determined.
  92.    """
  93.     result = subprocess.run(
  94.         [
  95.             "powershell",
  96.             "-Command",
  97.             '$SMB2Enabled = (Get-SmbServerConfiguration).EnableSMB2Protocol; if ($SMB2Enabled) { Write-Output "SMB2 is enabled" } else { Write-Output "SMB2 is disabled" }',
  98.         ],
  99.         capture_output=True,
  100.         text=True,
  101.     )
  102.     if "SMB2 is enabled" in result.stdout:
  103.         return True
  104.     elif "SMB2 is disabled" in result.stdout:
  105.         return False
  106.     else:
  107.         return None
  108.  
  109.  
  110. if __name__ == "__main__":
  111.     smb1_enabled = verify_smb1_status()
  112.     smb2_enabled = verify_smb2_status()
  113.  
  114.     if smb1_enabled is True and smb2_enabled is True:
  115.         print(
  116.             "\n⚠️ Warning: Both SMB1 and SMB2 are enabled!\nYour system is at high risk due to vulnerabilities such as EternalBlue.\n"
  117.         )
  118.     else:
  119.         print("\nNo vulnerability to EternalBlue exploits detected.\n")
  120.  
  121.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement