MS15-034-Scanner - Application that supports scanning for MS15-034 Vulnerability over http & https.

MS15-034-Scanner – Application that supports scanning for MS15-034 Vulnerability over http & https.

MS15-034-Scanner is a windows command line utility which scans one or more URLs for the MS15-034 vulnerability in a non-destructive manner.
+ This utility uses raw sockets to perform the scan, bypassing the limitations inherent in most native .NET web browser or clients (which block access to critical header values).
+ Additionally, this solution provides full SSL support with header manipulation.
+ Invoke the utility without arguments to see options.
+ Accepts a list of one or more URL to scan. Each url should be fully qualified, can include http or https, can use alternate ports, and can include virtual directories or subsites.

Vulnerability in HTTP.sys Could Allow Remote Code Execution
+ A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account.
+ To exploit this vulnerability, an attacker would have to send a specially crafted HTTP request to the affected system. The update addresses the vulnerability by modifying how the Windows HTTP stack handles requests.
+ Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was originally issued, Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers.

Usage:
The utility emits onscreen progress details and records to a log file (CSV) detailed results of scanning.

Intallation 1

Intallation 1

install2

Example Log :

Download : MS15-034-Scanner.zip(6.64 MB)  | Clone URL
Source : https://github.com/geekmarine72