Invoke-CVE-2022-22965-SafeCheck
PowerShell port of CVE-2022-22965 by colincowie's original python version.
Install:
iex((iwr https://raw.githubusercontent.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck/main/Invoke-CVE202222965-SafeCheck.ps1 -UseBasicParsing).content)
Usage:
# Injects file 'CVE_2022_22965_exploited.txt' on the server:
$Output = Get-Content targets.txt | ForEach-Object { Invoke-CVE202222965-SafeCheck -Url "https://$_" }
# Outputs vulnerable items only:
$Output | Where-Object {$_.url_content -match 'CVE_2022_22965 was sucessfully exploited' -or $_.base_content -match 'CVE_2022_22965 was sucessfully exploited'}
With parallelism:
NOTE: Requires you place the script locally on C:\scripts\Invoke-CVE-2022-22965-SafeCheck.ps1 or elsewhere.
$Output = Get-Content targets.txt | ForEach-Object -ThrottleLimit 4 -Parallel { . C:\scripts\Invoke-CVE-2022-22965-SafeCheck.ps1; Invoke-CVE202222965-SafeCheck -Url "https://$_" }
$Output | Where-Object {$_.url_content -match 'CVE_2022_22965 was sucessfully exploited' -or $_.base_content -match 'CVE_2022_22965 was sucessfully exploited'}
Suggestion: run the script twice against the target with a 2' difference between requests.