PoC for CVE-2015-1635 / MS15-034 - HTTP.sys Allows Remote Code Execution / Check & DOS

CVE-2015-1635

PoC for CVE-2015-1635 / MS15-034 - HTTP.sys Allows Remote Code Execution / Check & DOS

./MS15-034 <URL> <RESOURCE> <FLAG [0 or 18]>

Note: Search for an accessible resource (e.g iis-85.png) & Specify Flag (0/Check or 18/Exploit)

HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka “HTTP.sys Remote Code Execution Vulnerability.”

Reference: https://www.cvedetails.com/cve/CVE-2015-1635/

Executable: Binary has been compiled and tested on Debian11

CVE-2015-1635: ELF 64-bit LSB executable, x86-64, version 1 (SYSV)

Owner
Nikola Kipariz Stamov
Nikola Kipariz Stamov
https://github.com/nksf7/CVE-2015-1635
Similar Resources

一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Welcome to xray 👋 一款功能强大的安全评估工具 ✨ Demo 🏠 使用文档 ⬇️ 下载地址 注意:xray 不开源,直接下载构建的二进制文件即可,仓库内主要为社区贡献的 poc,每次 xray 发布将自动打包。 🚀 快速使用 在使用之前,请务必阅读并同意 License 文件中

Jan 5, 2023

PoC for running AWS services(kinesis, dynamodb, lambdas) locally with Localstack

hotdog-localstack-PoC PoC for running AWS services(kinesis, dynamodb, lambdas) locally with Localstack alias awslocal="aws --endpoint-url=http://local

Dec 3, 2022

ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file.

ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file.

ZipExec ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded i

Dec 31, 2022

An improvement on the PoC for the privacy-preserving contact discovery scheme I implemented as part of my UCL masters degree

Privacy-Preserving Contact Discovery / ARKE - PoC This is an improved version of the work I submitted as part of my masters degree dissertation at UCL

Dec 18, 2021

Gocrypter - Crypter em golang (POC)

Gocrypter - Crypter em golang (POC)

Gocrypter Crypter em golang (POC) Uso ./gocrypter executável Estágios do crypter Comprimi o arquivo malicioso usando a ZLIB Criptografa os bytes res

Jan 2, 2022

Go poc - Golang proof of concept

quickstart tar -zxvf go1.17.6.linux-amd64.tar.gz -C ~/tools/ echo "export PATH=

Jan 8, 2022

Vishnu - Golang port-knocking PoC

Vishnu(The Hidden Backdoor) Taken from the Trimurit, the triple deity of supreme

Nov 9, 2022

🗡 Molag is a POC/awareness project for dependency risks.

molag // 🚧 WIP Intro This is a POC package, showcasing why dependencies in general (in any programming language/framework) are a bad idea. This does

Sep 23, 2022

SandboxPPL - Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted

SandboxPPL - Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted

SandboxPPL Golang PoC that sandboxes Defender (or other PPL) by setting its toke

Jul 1, 2022
Related tags
Security CVE-2015-1635
Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs.
 Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs.

CVE-2018-18925 Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs. Gogs is based on the Macaron framework.

Nov 9, 2022
vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????)
 vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????)

REALITY_SMASHER vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????) "As easy to stop as it is to comprehend." What is it? "Reality

Nov 9, 2022
An awesome reverse engine for xray poc. | 一个自动化根据 xray poc 生成对应 server 的工具
 An awesome reverse engine for xray poc. | 一个自动化根据 xray poc 生成对应 server 的工具

在线体验 漏洞报告 Yarx 是什么 Yarx 来自于 x-r-a-y 的反向拼写,它能够根据 xray 的 yaml poc 规则全自动的生成一个满足规则要求的 Server,使用 xray 扫描该 Server 将会扫描出对应的漏洞。它的核心工作原理如下: 它的主要特性有: 支持 status、

Jan 5, 2023
A CVE-2021-22205 Gitlab RCE POC written in Golang

Golang-CVE-2021-22205-POC A bare bones CVE-2021-22205 Gitlab RCE POC written in Golang which affects Gitlab CE/EE < 13.10.3 Gitlab CE/EE < 13.9.6 Gitl

Jul 4, 2022
PoC for CVE-2021-41277

CVE-2021-41277 PoC Metabase is an open source data analytics platform. Local File Inclusion issue has been discovered in some versions of metabase. He

Dec 3, 2021
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.

PewSWITCH A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157. Related blog: https://0xinfection.github.io/p

Nov 2, 2022
CVE-2021-4034 - A Golang implementation of clubby789's implementation of CVE-2021-4034

CVE-2021-4034 January 25, 2022 | An00bRektn This is a golang implementation of C

Feb 3, 2022
Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228
 Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228

log4shell.tools log4shell.tools is a tool allows you to run a test to check whether one of your applications is affected by a vulnerability in log4j:

Nov 2, 2022
Exploit for remote command execution in Golang go get command.

CVE-2018-6574 Exploit for remote command execution in Golang go get command. Introduction When you go get a package, Go is designed to build and insta

Oct 15, 2021
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).
 A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

proxylogscan This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and imperson

Dec 26, 2022