bug-bounty489
google320
xss283
microsoft261
facebook229
rce177
apple156
exploit147
malware112
account-takeover109
bragging-post102
cve92
csrf85
privilege-escalation81
authentication-bypass66
stored-xss65
writeup63
phishing60
dos57
browser57
reflected-xss57
react54
ssrf52
access-control50
input-validation49
supply-chain49
cloudflare49
cross-site-scripting48
node47
aws47
docker46
sql-injection45
smart-contract45
ethereum44
web-application43
defi43
web-security43
oauth43
reverse-engineering42
web340
lfi37
idor36
burp-suite36
vulnerability-disclosure35
html-injection33
race-condition33
csp-bypass32
smart-contract-vulnerability32
clickjacking31
info-disclosure30
0
5/10
A writeup demonstrating how to escalate a banner grabbing reconnaissance finding into critical vulnerabilities (DoS and memory corruption) on IIS servers using MS15-034 (CVE-2015-1635), exploitable via HTTP Range headers and Metasploit modules.
banner-grabbing
dos
memory-corruption
iis
cve-2015-1635
http-range-header
metasploit
penetration-testing
vulnerability-chaining
nmap
curl
MS15-034
CVE-2015-1635
Daniel Morais
IIS
Metasploit