I just wanted to let everyone know that over the past few days I updated my MS15-034 code to support HTTPS connections. The work involved was much easier than I expected, so I felt that it was worth including.
Working with HTTPS is pretty simple. I have followed the usual convention and defined the –UseSSL parameter, it should be noted you will need to specify a port with the –Port parameter as well. Typically –Port 443 –UseSSL will perform what you need.
Let’s take a look at a few quick examples.
1) Testing a Windows 2012 server with HTTPS and determining if it is vulnerable:
2) Invoking the DOS, this time there is a custom port number in use:
One thing to note, the certificate will be validated, so make sure it is trusted/valid etc.
I am still seeing and hearing of this attack occurring, with a significant number of systems still remaining unpatched. I still haven’t seen any code examples supporting Remote Code Execution (RCE), but I am sure someone has figured that one out and is keeping it very secret.