Vulnerability scanner <span style="white-space: nowrap">MS17-010</span>

Vulnerability scanner MS17-010

BI.ZONE has developed a utility with which to scan for vulnerabilities exploited by WannaCrypt ransomware
May 16, 2017

Please feel free to use it and distribute among your clients and partners.

The scanner detects four states of the computer system:

  • No vulnerability MS17-010 (no message from scanner);
  • Vulnerability MS17-010 detected;
  • The system is infected;
  • Incorrect operation of SMB protocol.

The scanner is written in GO. With GOLANG installed, you can use this scanner on any system or compile it for any platform. Here is a link for GOLANG installation: https://golang.org/doc/install

Please note that this utility might be detected by antivirus software, as it uses a part of the exploit to find the vulnerability. The archive contains an .exe file and the source code of the scanner. Here is the link for archive download: scanner.wannacry.7z

Usage instructions

$ scanner.exe -h
WannaCry scanner tool by BiZone

Usage of scanner.exe:

  • file string

File with list of targets to scan. Each address or netmask on new line.

  • ip string

IP address

  • net string

IP network address. Example: 10.0.1.0/24

  • out string

Output file with results of scan in CSV format. Example: results.csv

  • verbose

Verbose output

  • workers int

Count of concurrent workers. (default 200, max count 1000)

Examples:
scanner.exe -ip 10.0.1.12
scanner.exe -net 10.0.1.0/24
scanner.exe -file ips.txt -out vuln.csv


The utility is downloadable from:

scanner.wannacry.7z

The password for the archive is 'wannacry'


The checksum:

shasum scanner.exe
78801a61a36500e797979e41d118d762405d54d4 scanner.exe