suggester does not find an exploit
giper45 opened this issue · 1 comments
giper45 commented
Hello,
first of all thanks for this great tool;
I am doing a virtual lab PE, systeminfo of targeted machine is the following:
Hostname TESTING
OS Name: Microsoft Windows 7 Ultimate N
OS Version: 6.1.7601 Service Pack 1 Build 7601
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: Admin
Registered Organization:
Product ID: 00432-020-0000007-85048
Original Install Date: 1/8/2017, 4:21:34 AM
System Boot Time: 3/6/2018, 5:29:32 PM
System Manufacturer: VMware, Inc.
System Model: VMware Virtual Platform
System Type: X86-based PC
Processor(s): 1 Processor(s) Installed.
[01]: x64 Family 6 Model 63 Stepping 2 GenuineIntel ~2597 Mhz
BIOS Version: Phoenix Technologies LTD 6.00, 9/21/2015
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 1,024 MB
Available Physical Memory: 622 MB
Virtual Memory: Max Size: 1,815 MB
Virtual Memory: Available: 1,264 MB
Virtual Memory: In Use: 551 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\TESTING
Hotfix(s): 10 Hotfix(s) Installed.
[01]: KB968771
[02]: KB971033
[03]: KB2305420
[04]: KB2425227
[05]: KB2533552
[06]: KB2534366
[07]: KB3045171
[08]: KB958488
[09]: KB976902
[10]: KB976932
Network Card(s): 1 NIC(s) Installed.
[01]: Intel(R) PRO/1000 MT Network Connection
Connection Name: Local Area Connection
DHCP Enabled: No
IP address(es)
[01]: 10.1.1.5
I launch the script:
python windows-exploit-suggester.py -d 2017-12-16-mssb.xls -i hotfix.txt
The output MS list is the following:
MS16-135
MS16-098
MS16-075
MS16-074
MS16-063
MS16-059
MS16-056
MS16-032
MS16-016
MS16-014
MS16-007
MS15-134
MS15-132
MS15-112
MS15-111
MS15-102
MS15-100
MS15-097
MS15-078
MS15-001
MS14-068
MS14-064
MS14-060
MS14-040
MS14-035
MS14-029
MS14-026
MS14-012
MS14-009
MS13-097
MS13-090
MS13-080
MS13-069
MS13-059
MS13-055
MS13-009
MS12-037
Anyway the right exploit to do privilege escalation was the simple ms11-046 (adf.sys). Am I wrong something ? Why I am not able to detect this MS with the script?
Thanks in advance
F1r3Hydr4nt commented
You are not wrong, I also noticed this omission from the suggestion list 👍