Detect, enable, and disable SMBv1 in Windows

[Luckyy]

How to Detect, Disable, or Enable SMBv1 on a Windows SMB Server (PowerShell)​

SMBv1 (Server Message Block version 1) is an outdated and insecure protocol that should be disabled unless absolutely necessary for legacy support.

Detect if SMBv1 is Enabled​

Get-Item HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters | ForEach-Object {Get-ItemProperty $_.pspath}

Note:
If SMBv1 is enabled by default, there will be no "SMB1" registry value, so the command will not return any SMB1 key. This means SMBv1 is active unless explicitly disabled.

Disable SMBv1​

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name SMB1 -Type DWORD -Value 0 -Force

This creates the SMB1 registry value and sets it to 0, effectively disabling SMBv1.

Enable SMBv1 (Not Recommended)​

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name SMB1 -Type DWORD -Value 1 -Force

This sets the SMB1 registry value to 1, re-enabling the protocol.

Security Warning​

It is strongly advised to disable SMBv1 unless absolutely required. SMBv1 is vulnerable to several attacks including EternalBlue, which was used in the WannaCry ransomware outbreak.

---