bug-bounty488
google318
xss283
microsoft259
facebook226
rce175
apple153
exploit147
malware112
account-takeover109
bragging-post102
cve92
csrf85
privilege-escalation81
authentication-bypass66
stored-xss65
writeup63
phishing60
reflected-xss57
dos57
browser57
react53
ssrf52
access-control51
supply-chain49
input-validation49
cross-site-scripting48
cloudflare48
aws47
node46
smart-contract45
docker45
sql-injection45
ethereum44
web-application43
defi43
web-security43
oauth42
reverse-engineering42
web340
lfi37
burp-suite36
idor36
vulnerability-disclosure35
html-injection33
race-condition33
smart-contract-vulnerability32
csp-bypass32
information-disclosure31
clickjacking31
0
5/10
A writeup demonstrating how to escalate a banner grabbing reconnaissance finding into critical vulnerabilities (DoS and memory corruption) on IIS servers using MS15-034 (CVE-2015-1635), exploitable via HTTP Range headers and Metasploit modules.
banner-grabbing
dos
memory-corruption
iis
cve-2015-1635
http-range-header
metasploit
penetration-testing
vulnerability-chaining
nmap
curl
MS15-034
CVE-2015-1635
Daniel Morais
IIS
Metasploit