module
MS15-034 HTTP Protocol Stack Request Handling HTTP.SYS Memory Information Disclosure
| Disclosed | Created |
|---|---|
| N/A | May 30, 2018 |
Disclosed
N/A
Created
May 30, 2018
Description
This module dumps memory contents using a crafted Range header and affects only
Windows 8.1, Server 2012, and Server 2012R2. Note that if the target
is running in VMware Workstation, this module has a high likelihood
of resulting in BSOD; however, VMware ESX and non-virtualized hosts
seem stable. Using a larger target file should result in more memory
being dumped, and SSL seems to produce more data as well.
Windows 8.1, Server 2012, and Server 2012R2. Note that if the target
is running in VMware Workstation, this module has a high likelihood
of resulting in BSOD; however, VMware ESX and non-virtualized hosts
seem stable. Using a larger target file should result in more memory
being dumped, and SSL seems to produce more data as well.
Authors
Rich Whitcroft rwhitcroft@gmail.com
sinn3r sinn3r@metasploit.com
Sunny Neo sunny.neo@centurioninfosec.sg
sinn3r sinn3r@metasploit.com
Sunny Neo sunny.neo@centurioninfosec.sg
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.