From de3cac6968b1e96026903b8765ed4e21ba46628d Mon Sep 17 00:00:00 2001
From: RythmStick <43847240+RythmStick@users.noreply.github.com>
Date: Sun, 21 Aug 2022 23:15:02 +0100
Subject: [PATCH 1/2] Add files via upload
---
SharpUp/SharpUp.csproj | 1 +
1 file changed, 1 insertion(+)
diff --git a/SharpUp/SharpUp.csproj b/SharpUp/SharpUp.csproj
index f848e64..601040a 100755
--- a/SharpUp/SharpUp.csproj
+++ b/SharpUp/SharpUp.csproj
@@ -59,6 +59,7 @@
+
From cc1f315a4a5a4751a3be22395dacb7e33449c160 Mon Sep 17 00:00:00 2001
From: RythmStick <43847240+RythmStick@users.noreply.github.com>
Date: Sun, 21 Aug 2022 23:15:31 +0100
Subject: [PATCH 2/2] Add files via upload
---
SharpUp/Checks/WSUSOverHTTP.cs | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
create mode 100644 SharpUp/Checks/WSUSOverHTTP.cs
diff --git a/SharpUp/Checks/WSUSOverHTTP.cs b/SharpUp/Checks/WSUSOverHTTP.cs
new file mode 100644
index 0000000..a0454f7
--- /dev/null
+++ b/SharpUp/Checks/WSUSOverHTTP.cs
@@ -0,0 +1,30 @@
+using SharpUp.Classes;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using static SharpUp.Utilities.RegistryUtils;
+
+namespace SharpUp.Checks
+{
+ public class WSUSOverHTTP : VulnerabilityCheck
+ {
+ private static string _regPath = "Software\\Policies\\Microsoft\\Windows\\WindowsUpdate";
+ private static string _regName = "WUServer";
+ private static string _regPathEnabled = "Software\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU";
+ private static string _regNameEnabled = "UseWUServer";
+
+ public WSUSOverHTTP()
+ {
+ _name = "WSUS updates over HTTP";
+ string WSUSOverHTTPHKLM = GetRegValue("HKLM", _regPath, _regName);
+ string WSUSEnabledHKLM = GetRegValue("HKLM", _regPathEnabled, _regNameEnabled);
+
+ if (WSUSOverHTTPHKLM.ToLower().StartsWith("http://") & (WSUSEnabledHKLM == "1"))
+ {
+ _details.Add($"WUServer: {WSUSOverHTTPHKLM}");
+ _isVulnerable = true;
+ }
+ }
+ }
+}