/Invoke-CVE-2022-22965-SafeCheck

PowerShell port of CVE-2022-22965 vulnerability check by colincowie.

Primary LanguagePowerShell

Invoke-CVE-2022-22965-SafeCheck

PowerShell port of CVE-2022-22965 by colincowie's original python version.

Install:

iex((iwr https://raw.githubusercontent.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck/main/Invoke-CVE202222965-SafeCheck.ps1 -UseBasicParsing).content)

Usage:

# Injects file 'CVE_2022_22965_exploited.txt' on the server:
$Output = Get-Content targets.txt | ForEach-Object { Invoke-CVE202222965-SafeCheck -Url "https://$_" }

# Outputs vulnerable items only:
$Output | Where-Object {$_.url_content -match 'CVE_2022_22965 was sucessfully exploited' -or $_.base_content -match 'CVE_2022_22965 was sucessfully exploited'}

With parallelism:

NOTE: Requires you place the script locally on C:\scripts\Invoke-CVE-2022-22965-SafeCheck.ps1 or elsewhere.

$Output = Get-Content targets.txt | ForEach-Object -ThrottleLimit 4 -Parallel { . C:\scripts\Invoke-CVE-2022-22965-SafeCheck.ps1; Invoke-CVE202222965-SafeCheck -Url "https://$_" }
$Output | Where-Object {$_.url_content -match 'CVE_2022_22965 was sucessfully exploited' -or $_.base_content -match 'CVE_2022_22965 was sucessfully exploited'}

Suggestion: run the script twice against the target with a 2' difference between requests.