Windows 10 is not supported
gszathmari opened this issue · 2 comments
gszathmari commented
Command output
$ ./windows-exploit-suggester.py -d 2015-09-07-mssb.xlsx -i windows10.txt
[*] initiating winsploit version 25...
[*] database file detected as xls or xlsx based on extension
[*] attempting to read from the systeminfo input file
[+] systeminfo input file read successfully (utf-8)
[-] unable to determine the windows versions from the input file specified. consider using --ostext option to force detection (example: --ostext 'windows 7 sp1 64-bit')
The input file
Host Name: DESKTOP-KAU0TTL
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.10240 N/A Build 10240
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: gszathmari
Registered Organization:
Product ID: 00330-80000-00000-AA446
Original Install Date: 31/07/2015, 15:49:46
System Boot Time: 10/09/2015, 12:39:48
System Manufacturer: VMware, Inc.
System Model: VMware Virtual Platform
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: Intel64 Family 6 Model 58 Stepping 9 GenuineIntel ~2693 Mhz
BIOS Version: Phoenix Technologies LTD 6.00, 20/05/2014
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-gb;English (United Kingdom)
Input Locale: en-gb;English (United Kingdom)
Time Zone: (UTC) Dublin, Edinburgh, Lisbon, London
Total Physical Memory: 2,047 MB
Available Physical Memory: 1,042 MB
Virtual Memory: Max Size: 3,199 MB
Virtual Memory: Available: 2,133 MB
Virtual Memory: In Use: 1,066 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\DESKTOP-KAU0TTL
Hotfix(s): 3 Hotfix(s) Installed.
[01]: KB3074678
[02]: KB3074683
[03]: KB3074686
Network Card(s): 2 NIC(s) Installed.
[01]: Intel(R) 82574L Gigabit Network Connection
Connection Name: Ethernet0
DHCP Enabled: Yes
DHCP Server: 172.16.142.254
IP address(es)
[01]: 172.16.142.153
[02]: fe80::546c:3c8d:5558:da3f
[02]: Bluetooth Device (Personal Area Network)
Connection Name: Bluetooth Network Connection
Status: Media disconnected
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
sammbertram commented
Hi gszathmari,
Thank you for raising this bug! I've added a fix to now support Windows 10.
$ ./windows-exploit-suggester.py -i ../examples/windows-10-pro-64bit.txt -d 2015-09-16-mssb.xlsx --audit --sub
[*] initiating winsploit version 2.9...
[*] database file detected as xls or xlsx based on extension
[*] attempting to read from the systeminfo input file
[+] systeminfo input file read successfully (ascii)
[*] querying database file for potential vulnerabilities
[*] comparing the 4 hotfix(es) against the 12 potential bulletins(s) with a database of 115 known exploits
[*] there are now 12 remaining vulns
[+] [E] exploitdb PoC, [M] Metasploit module, [*] missing bulletin
[+] windows version identified as 'Windows 10 64-bit'
[*]
[*] MS15-105: Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287) - Important
[*] |_MS15-091: Cumulative Security Update for Microsoft Edge (3084525) - Critical
[*] MS15-102: Vulnerabilities in Windows Task Management Could Allow Elevation of Privilege (3089657) - Important
[*] MS15-101: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662) - Important
[*] MS15-098: Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669) - Critical
[*] MS15-097: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656) - Critical
[*] |_MS15-080: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662) - Critical
[*] MS15-095: Cumulative Security Update for Microsoft Edge (3089665) - Critical
[*] MS15-093: Security Update for Internet Explorer (3088903) - Critical
[*] MS15-092: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251) - Important
[*] MS15-088: Unsafe Command Line Parameter Passing Could Allow Information Disclosure (3082458) - Important
[*] MS15-085: Vulnerability in Mount Manager Could Allow Elevation of Privilege (3082487) - Important
[*] done
gszathmari commented
Cool, thanks @sammbertram