deepsecurity-pe/GoGhost deepsecurity-pe/GoGhost

  • Stars
    star
    157
  • Rank 230,990 (Top 5 %)
  • Language
    Go
  • Created almost 4 years ago
  • Updated almost 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
deepsecurity-pe/GoGhost
github

deepsecurity-pe

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan

GoGhost

GoGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan.

GoGhost Running

Installation

You can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it:

go build GoGhost.go

Usage Options

GoGhost Scanned 25,000 IP addresses in less than 3 seconds, NMAP took more than 600.

NMAP vs GoGhost

-iL [FILE]

By using the -iL option you're able to specify a list file with CIDRs in file.

-iR [CIDR]

By using the -iR option you're able to specify an IP Range.

False Positive & False Negative

If the Windows is patched with KB4551762, GoGhost will still flag it as vulnerable. If the list of CIDRs in the file is bigger than 500k IP Addresses it may flag some vulnerable as Timeout.

The Results

Timeout => Closed Port

Not Vulnerable => Does not has compression

Vulnerable => LZNT1 compression on SMB.

Disclaimer

This tool was coded to measure the impact of SMBGhost in Latin America and Deepsecurity is not responsible for the use of this tool.

More Repositories

1

OperacionApakuy

Recursos del post sobre operaciรณn apakuy
Python
5
star
2

GoF5-CVE-2020-5902

Script para validar CVE-2020-5902 hecho en Go.
Go
3
star
3

BlueKeep

Check BlueKeep
Batchfile
2
star