AonCyberLabs/Windows-Exploit-Suggester

Windows 10 is not supported

gszathmari opened this issue · 2 comments

gszathmari commented

Command output

$ ./windows-exploit-suggester.py -d 2015-09-07-mssb.xlsx -i windows10.txt 
[*] initiating winsploit version 25...
[*] database file detected as xls or xlsx based on extension
[*] attempting to read from the systeminfo input file
[+] systeminfo input file read successfully (utf-8)
[-] unable to determine the windows versions from the input file specified. consider using --ostext option to force detection (example: --ostext 'windows 7 sp1 64-bit')

The input file


Host Name:                 DESKTOP-KAU0TTL
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.10240 N/A Build 10240
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Standalone Workstation
OS Build Type:             Multiprocessor Free
Registered Owner:          gszathmari
Registered Organization:   
Product ID:                00330-80000-00000-AA446
Original Install Date:     31/07/2015, 15:49:46
System Boot Time:          10/09/2015, 12:39:48
System Manufacturer:       VMware, Inc.
System Model:              VMware Virtual Platform
System Type:               x64-based PC
Processor(s):              1 Processor(s) Installed.
                           [01]: Intel64 Family 6 Model 58 Stepping 9 GenuineIntel ~2693 Mhz
BIOS Version:              Phoenix Technologies LTD 6.00, 20/05/2014
Windows Directory:         C:\Windows
System Directory:          C:\Windows\system32
Boot Device:               \Device\HarddiskVolume1
System Locale:             en-gb;English (United Kingdom)
Input Locale:              en-gb;English (United Kingdom)
Time Zone:                 (UTC) Dublin, Edinburgh, Lisbon, London
Total Physical Memory:     2,047 MB
Available Physical Memory: 1,042 MB
Virtual Memory: Max Size:  3,199 MB
Virtual Memory: Available: 2,133 MB
Virtual Memory: In Use:    1,066 MB
Page File Location(s):     C:\pagefile.sys
Domain:                    WORKGROUP
Logon Server:              \\DESKTOP-KAU0TTL
Hotfix(s):                 3 Hotfix(s) Installed.
                           [01]: KB3074678
                           [02]: KB3074683
                           [03]: KB3074686
Network Card(s):           2 NIC(s) Installed.
                           [01]: Intel(R) 82574L Gigabit Network Connection
                                 Connection Name: Ethernet0
                                 DHCP Enabled:    Yes
                                 DHCP Server:     172.16.142.254
                                 IP address(es)
                                 [01]: 172.16.142.153
                                 [02]: fe80::546c:3c8d:5558:da3f
                           [02]: Bluetooth Device (Personal Area Network)
                                 Connection Name: Bluetooth Network Connection
                                 Status:          Media disconnected
Hyper-V Requirements:      A hypervisor has been detected. Features required for Hyper-V will not be displayed.
sammbertram commented

Hi gszathmari,

Thank you for raising this bug! I've added a fix to now support Windows 10.

$ ./windows-exploit-suggester.py -i ../examples/windows-10-pro-64bit.txt -d 2015-09-16-mssb.xlsx --audit --sub
[*] initiating winsploit version 2.9...
[*] database file detected as xls or xlsx based on extension
[*] attempting to read from the systeminfo input file
[+] systeminfo input file read successfully (ascii)
[*] querying database file for potential vulnerabilities
[*] comparing the 4 hotfix(es) against the 12 potential bulletins(s) with a database of 115 known exploits
[*] there are now 12 remaining vulns
[+] [E] exploitdb PoC, [M] Metasploit module, [*] missing bulletin
[+] windows version identified as 'Windows 10 64-bit'
[*] 
[*] MS15-105: Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287) - Important
[*] |_MS15-091: Cumulative Security Update for Microsoft Edge (3084525) - Critical
[*] MS15-102: Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege (3089657) - Important
[*] MS15-101: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662) - Important
[*] MS15-098: Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669) - Critical
[*] MS15-097: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656) - Critical
[*] |_MS15-080: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662) - Critical
[*] MS15-095: Cumulative Security Update for Microsoft Edge (3089665) - Critical
[*] MS15-093: Security Update for Internet Explorer (3088903) - Critical
[*] MS15-092: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251) - Important
[*] MS15-088: Unsafe Command Line Parameter Passing Could Allow Information Disclosure (3082458) - Important
[*] MS15-085: Vulnerability in Mount Manager Could Allow Elevation of Privilege (3082487) - Important
[*] done
gszathmari commented

Cool, thanks @sammbertram