module

MS15-034 HTTP Protocol Stack Request Handling HTTP.SYS Memory Information Disclosure

Disclosed
01/01/1970
Created
05/30/2018

Description

This module dumps memory contents using a crafted Range header and affects only
Windows 8.1, Server 2012, and Server 2012R2. Note that if the target
is running in VMware Workstation, this module has a high likelihood
of resulting in BSOD; however, VMware ESX and non-virtualized hosts
seem stable. Using a larger target file should result in more memory
being dumped, and SSL seems to produce more data as well.

Authors

Rich Whitcroft sinn3r Sunny Neo

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


    msf > use auxiliary/scanner/http/ms15_034_http_sys_memory_dump
    msf /(p) > show actions
        ...actions...
    msf /(p) > set ACTION < action-name >
    msf /(p) > show options
        ...show and set options...
    msf /(p) > run
  
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.