Research and Development

MS08-067 check is python script which can anonymously check if a target machine or a list of target machines are affected by MS08-067 vulnerability.

This tool can be used to anonymously check if a target machine or a list of target machines are affected by MS08-067 issue (Vulnerability in Server Service Could Allow Remote Code Execution).

Usage

$ python ms08-067_check.py -h
Usage: ms08-067_check.py [option] {-t |-l }

Options:
  --version   show program's version number and exit
  -h, --help  show this help message and exit
  -d          show description and exit
  -t TARGET   target IP or hostname
  -l LIST     text file with list of targets
  -s          be silent

Example output

$ python ms08-067_check.py -t 192.168.123.30
192.168.123.30: VULNERABLE

Note

On Windows XP Service Pack 2 and Windows XP Service Pack 3 this check might lead to a race condition and heap corruption in the svchost.exe process, but it may not crash the service immediately: it can trigger later on inside any of the shared services in the process.

References


Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)