Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft CVE-2020-0796

## https://sploitus.com/exploit?id=B351E803-26D7-5CFC-8727-D423591F86F5
# SMBGhost Scanner — CVE-2020-0796

SMBv3 vulnerability scanner (SMBGhost). Detects vulnerable Windows hosts by sending a malformed SMBv3 negotiation packet and checking the response.

## Usage

```bash
# Single host
python3 scanner.py -H 10.0.0.5

# Host list
python3 scanner.py -l targets.txt

# Network segment
python3 scanner.py -s 192.168.1.0/24 -t 50 -T 2 -v
```

## Options

| Flag      | Description                           | Default |
|-----------|---------------------------------------|---------|
| `-H HOST` | Single host or IP                     | —       |
| `-l FILE` | File with one host per line           | —       |
| `-s CIDR` | Network segment (e.g. `10.10.10.0/24`) | —       |
| `-t N`    | Concurrent threads                    | 10      |
| `-T SEC`  | Socket timeout                        | 3 s     |
| `-v`      | Show hosts with port 445 closed       | off     |
| `-o FILE` | Save results to file (no color output)| —       |

## Requirements

Python 3.9+

## Additional information
based on https://github.com/ly4k/SMBGhost