Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
MS15-034 Test
function Test-MS15034($url) {
try {
$wr = [Net.WebRequest]::Create($url)
$wr.AddRange('bytes',234234,28768768)
$res = $wr.GetResponse()
$status = $res.statuscode
Write-Output "$status means it is not vulnerable"
$res.Close()
}catch {
if ($Error[0].Exception.InnerException.Response.StatusCode -eq '416') {Write-Output "Site is vulnerable"}
}
}
@jdubbbb

This comment has been minimized.

Copy link

commented Apr 15, 2015

Doesn't seem to work. Tested before and after patching and script still reports vulnerable. Used a test box that I could crash with ms15034 prior to patching.

@obscuresec

This comment has been minimized.

Copy link
Owner Author

commented Apr 15, 2015

I don't know if this is a good test. I just copied it from the logic here: https://twitter.com/wincmdfu/status/588336782007148545

@Zagrophyte

This comment has been minimized.

Copy link

commented Apr 16, 2015

The WebClient/WebRequest object doesn't let you set the full Range required to reliably detect the vulnerability. I wrote one that uses TcpClient instead. This also shows whether a system has been patched, or is indeterminate.

I humbly submit:
https://gist.github.com/Zagrophyte/ea086087e6fd7ca579ef (Powershell)
https://gist.github.com/Zagrophyte/0fa7a8e2e507fac2b59d (C#)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.