module
MS15-034 HTTP Protocol Stack Request Handling HTTP.SYS Memory Information Disclosure
| Disclosed | Created |
|---|---|
| 01/01/1970 | 05/30/2018 |
Disclosed
01/01/1970
Created
05/30/2018
Description
This module dumps memory contents using a crafted Range header and affects only
Windows 8.1, Server 2012, and Server 2012R2. Note that if the target
is running in VMware Workstation, this module has a high likelihood
of resulting in BSOD; however, VMware ESX and non-virtualized hosts
seem stable. Using a larger target file should result in more memory
being dumped, and SSL seems to produce more data as well.
Windows 8.1, Server 2012, and Server 2012R2. Note that if the target
is running in VMware Workstation, this module has a high likelihood
of resulting in BSOD; however, VMware ESX and non-virtualized hosts
seem stable. Using a larger target file should result in more memory
being dumped, and SSL seems to produce more data as well.
Authors
Rich Whitcroft sinn3r Sunny Neo
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use auxiliary/scanner/http/ms15_034_http_sys_memory_dump
msf /(p) > show actions
...actions...
msf /(p) > set ACTION < action-name >
msf /(p) > show options
...show and set options...
msf /(p) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.