How to scan your network for WannaCry vulnerability (SMBv1 MS17-010)?

This tutorial is for Linux systems, especially Debian derivatives.

Update Nmap

First, check your Nmap version:

nmap --version

You will need at least 7.5. If it’s lower than that, simply go to and follow their instructions. I used alien to convert the RPM package because the Debian ones are very old.

sudo alien nmap-7.50-1.x86_64.rpm 
sudo dpkg --force-overwrite -i nmap_7.50-2_amd64.deb

Prepare Nmap for the scan

You need to determine where NSE scripts are stored on your system. I used:

find / -type f -name "*.nse"

I found that they are in /usr/share/nmap/scripts/. Download the smb-vuln-ms17-010 script and place it there.

Scan your network

Now simply scan your network:

nmap -p445 -Pn --script smb-vuln-ms17-010 192.168.x.x/24 | grep -B 8 VULNERABLE

grep will list only the machines that are vulnerable. The results look like this:

Nmap scan report for 192.168.x.x
Host is up (0.00029s latency).

445/tcp open  microsoft-ds

Host script results:
| smb-vuln-ms17-010: 
|   Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
|     State: VULNERABLE

Of course, you can save them to a file for later investigation:

nmap -p445 -Pn --script smb-vuln-ms17-010 192.168.x.x/24 | grep -B 8 VULNERABLE > scan_result.txt
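
The grep -B 8 filter relies on a fixed number of lines before each match. As an added example (not part of the original tutorial), the shell function below reads Nmap's normal output and prints only the addresses of hosts whose smb-vuln-ms17-010 block reports State: VULNERABLE. The function names, hosts and sample output are constructed for illustration.

```shell
# Added example: list hosts whose smb-vuln-ms17-010 block says "State: VULNERABLE".
# Reads Nmap normal output on stdin and prints one host address per line.
vulnerable_hosts() {
    awk '
        # New host block: remember the address and reset the script state.
        /^Nmap scan report for / {
            host = $NF
            gsub(/[()]/, "", host)      # "name (address)" form: keep the address
            in_script = 0; next
        }
        # Header of the MS17-010 script result for the current host.
        /^\|[_ ]smb-vuln-ms17-010:/ { in_script = 1; next }
        # Header of any other script result ends the MS17-010 block.
        /^\|[_ ][A-Za-z0-9_-]+:/ { in_script = 0 }
        # Exact state match; "LIKELY VULNERABLE" or "NOT VULNERABLE" are skipped.
        in_script && /State: VULNERABLE/ { print host; in_script = 0 }
    '
}

# Constructed sample output (hypothetical hosts), not a real scan.
sample_scan() {
    cat <<'EOF'
Nmap scan report for fileserver.example (192.168.1.10)
Host is up (0.00029s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb-vuln-ms17-010:
|   Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
|     State: VULNERABLE

Nmap scan report for 192.168.1.20
Host is up (0.00031s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds

Nmap scan report for 192.168.1.30
Host is up (0.00035s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb-vuln-ms17-010:
|   Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
|     State: VULNERABLE
EOF
}

sample_scan | vulnerable_hosts
```

To use it on a real scan, pipe the nmap command above into vulnerable_hosts instead of grep.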