Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
MS15-034 Test
function Test-MS15034($url) {
try {
$wr = [Net.WebRequest]::Create($url)
$res = $wr.GetResponse()
$status = $res.statuscode
Write-Output "$status means it is not vulnerable"
}catch {
if ($Error[0].Exception.InnerException.Response.StatusCode -eq '416') {Write-Output "Site is vulnerable"}

This comment has been minimized.

Copy link

@jdubbbb jdubbbb commented Apr 15, 2015

Doesn't seem to work. Tested before and after patching and script still reports vulnerable. Used a test box that I could crash with ms15034 prior to patching.


This comment has been minimized.

Copy link
Owner Author

@obscuresec obscuresec commented Apr 15, 2015

I don't know if this is a good test. I just copied it from the logic here:


This comment has been minimized.

Copy link

@Zagrophyte Zagrophyte commented Apr 16, 2015

The WebClient/WebRequest object doesn't let you set the full Range required to reliably detect the vulnerability. I wrote one that uses TcpClient instead. This also shows whether a system has been patched, or is indeterminate.

I humbly submit: (Powershell) (C#)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment