MS15-034-Scanner is a windows command line utility which scans one or more URLs for the MS15-034 vulnerability in a non-destructive manner.
+ This utility uses raw sockets to perform the scan, bypassing the limitations inherent in most native .NET web browser or clients (which block access to critical header values).
+ Additionally, this solution provides full SSL support with header manipulation.
+ Invoke the utility without arguments to see options.
+ Accepts a list of one or more URL to scan. Each url should be fully qualified, can include http or https, can use alternate ports, and can include virtual directories or subsites.
Vulnerability in HTTP.sys Could Allow Remote Code Execution
+ A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account.
+ To exploit this vulnerability, an attacker would have to send a specially crafted HTTP request to the affected system. The update addresses the vulnerability by modifying how the Windows HTTP stack handles requests.
+ Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued, Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.
Usage:
The utility emits onscreen progress details and records to a log file (CSV) detailed results of scanning.
Intallation 1
Example Log :
[00:00:00] Build started [00:00:14] git clone -q --branch=master https://github.com/geekmarine72/MS15-034-Scanner.git C:\projects\ms15-034-scanner [00:00:29] git checkout -qf 28d21bce70030a2fe245a79d8b6669872477f3da [00:00:33] "C:\Program Files (x86)\MSBuild\12.0\Bin\MSBuild.exe" "IIS-SCAN.sln" /verbosity:minimal /logger:"C:\Program Files\AppVeyor\BuildAgent\Appveyor.MSBuildLogger.dll" [00:00:44] Microsoft (R) Build Engine version 12.0.31101.0 [00:00:44] [Microsoft .NET Framework, version 4.0.30319.34209] [00:00:44] Copyright (C) Microsoft Corporation. All rights reserved. [00:00:44] [00:01:27] cl : Command line warning D9035: option 'clr:oldsyntax' has been deprecated and will be removed in a future release [C:\projects\ms15-034-scanner\SSL\SSL.vcxproj] [00:01:27] Stdafx.cpp [00:01:28] cl : Command line warning D9035: option 'clr:oldsyntax' has been deprecated and will be removed in a future release [C:\projects\ms15-034-scanner\SSL\SSL.vcxproj] [00:01:28] AssemblyInfo.cpp [00:01:32] SSL.cpp [00:01:38] sslcommon.cpp [00:01:39] sslcommon.cpp(26): warning C4996: 'GetVersionExA': was declared deprecated [C:\projects\ms15-034-scanner\SSL\SSL.vcxproj] [00:01:39] C:\Program Files (x86)\Windows Kits\8.1\Include\um\sysinfoapi.h(433) : see declaration of 'GetVersionExA' [00:01:39] sslcommon.cpp(34): warning C4996: 'strcpy': This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details. [C:\projects\ms15-034-scanner\SSL\SSL.vcxproj] [00:01:39] C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\include\string.h(112) : see declaration of 'strcpy' [00:01:39] sslcommon.cpp(39): warning C4996: 'strcpy': This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details. [C:\projects\ms15-034-scanner\SSL\SSL.vcxproj] [00:01:39] C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\include\string.h(112) : see declaration of 'strcpy' [00:01:39] SSLServer.cpp [00:01:41] Generating Code... [00:01:48] SSL.vcxproj -> C:\projects\ms15-034-scanner\SSL\Debug\SSL.dll [00:01:52] HTTPSSocket.cs(84,39): warning CS0168: The variable 'ex' is declared but never used [C:\projects\ms15-034-scanner\IIS-SCAN\IIS-SCAN.csproj] [00:01:52] HTTPSSocket.cs(88,58): warning CS0168: The variable 'ex' is declared but never used [C:\projects\ms15-034-scanner\IIS-SCAN\IIS-SCAN.csproj] [00:01:52] IIS-SCAN -> C:\projects\ms15-034-scanner\IIS-SCAN\bin\Debug\IIS-SCAN.exe [00:01:57] C:\Program Files (x86)\MSBuild\12.0\bin\Microsoft.Common.CurrentVersion.targets(1697,5): warning MSB3270: There was a mismatch between the processor architecture of the project being built "MSIL" and the processor architecture of the reference "C:\projects [00:01:57] \ms15-034-scanner\IIS-SCAN\bin\Debug\IIS-SCAN.exe", "x86". This mismatch may cause runtime failures. Please consider changing the targeted processor architecture of your project through the Configuration Manager so as to align the processor architectures between your project and references, or take a dependency on references with a processor architecture that matches the targeted processor architecture of your project. [C:\projects\ms15-034-scanner\IIS-SCAN-Test\IIS-SCAN-Test.csproj] [00:01:57] C:\Program Files (x86)\MSBuild\12.0\bin\Microsoft.Common.CurrentVersion.targets(1697,5): warning MSB3270: There was a mismatch between the processor architecture of the project being built "MSIL" and the processor architecture of the reference "C:\projects [00:01:57] \ms15-034-scanner\SSL\Debug\SSL.dll", "x86". This mismatch may cause runtime failures. Please consider changing the targeted processor architecture of your project through the Configuration Manager so as to align the processor architectures between your project and references, or take a dependency on references with a processor architecture that matches the targeted processor architecture of your project. [C:\projects\ms15-034-scanner\IIS-SCAN-Test\IIS-SCAN-Test.csproj] [00:01:57] IIS-SCAN-Test -> C:\projects\ms15-034-scanner\IIS-SCAN-Test\bin\Debug\IIS-SCAN-Test.dll [00:01:59] Discovering tests... [00:01:59] OK [00:01:59] vstest.console /logger:Appveyor "C:\projects\ms15-034-scanner\IIS-SCAN-Test\bin\Debug\IIS-SCAN-Test.dll" [00:02:04] Microsoft (R) Test Execution Command Line Tool Version 12.0.30723.0 [00:02:04] [00:02:04] Copyright (c) Microsoft Corporation. All rights reserved. [00:02:04] [00:02:11] Starting test execution, please wait... [00:02:11] [00:02:20] Passed TestMethod1 [00:02:20] [00:02:20] Passed TestMethod1 [00:02:20] [00:02:21] [00:02:21] Total tests: 2. Passed: 2. Failed: 0. Skipped: 0. [00:02:21] [00:02:21] Test Run Successful. [00:02:21] [00:02:21] Test execution time: 2.3817 Seconds [00:02:21] [00:02:22] Build success
Download : MS15-034-Scanner.zip(6.64 MB) | Clone URL
Source : https://github.com/geekmarine72