.. / CVE-2015-1635

Exploit for Microsoft Windows 'HTTP.sys' - Remote Code Execution (CVE-2015-1635)

Description:

HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka “HTTP.sys Remote Code Execution Vulnerability.”

Nuclei Template

View the template here CVE-2015-1635.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2015/CVE-2015-1635.yaml

References:

https://www.exploit-db.com/exploits/36773
https://github.com/b1gbroth3r/shoMe
http://www.securitytracker.com/id/1032109
https://nvd.nist.gov/vuln/detail/CVE-2015-1635
https://www.securitysift.com/an-analysis-of-ms15-034/

.. / CVE-2015-1635 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Microsoft Windows 'HTTP.sys' - Remote Code Execution (CVE-2015-1635)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2015-1635