The subject line says HTTP only. Does this attack work over HTTPS? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ptaipale on April 16, 2015 \| parent \| context \| favorite \| on: Remote Kernel Code Execution Via HTTP Request In I... The subject line says HTTP only. Does this attack work over HTTPS?

tbpollard on April 16, 2015 [–]

yes, at least the BSOD aspect. I haven't been able to confirm remote code execution, but I was able to BSOD IIS 8.5 via this method over http and https.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact