Nmap NSE script to detect MS17-010
smb-vuln-ms17-010.nse nmap nse script description
Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code
execution vulnerability (ms2017-010).
The script connects to the $IPC tree, executes a transaction on FID 0 and
checks if the error “STATUS_INSUFF_SERVER_RESOURCES” is returned to
determine if the target is not patched against CVE2017-010.
Tested on a vulnerable Windows 7. We might have some issues with v2 protocols with
Save it to Nmap NSE script directory
# Linux – /usr/share/nmap/scripts/ or /usr/local/share/nmap/scripts/
# OSX – /opt/local/share/nmap/scripts/