CVE-2015-1635

PoC for CVE-2015-1635 / MS15-034 – HTTP.sys Allows Remote Code Execution / Check & DOS

./MS15-034 <URL> <RESOURCE> <FLAG [0 or 18]>

Note: Search for an accessible resource (e.g iis-85.png) & Specify Flag (0/Check or 18/Exploit)

HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka “HTTP.sys Remote Code Execution Vulnerability.”

Reference: https://www.cvedetails.com/cve/CVE-2015-1635/

Executable: Binary has been compiled and tested on Debian11

CVE-2015-1635: ELF 64-bit LSB executable, x86-64, version 1 (SYSV)

GitHub

View Github