CVE-2019-19781 PoC — Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞

Source

Associated Vulnerability

Description

Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. You must have a Shodan account to use this script.

Readme

# CVE-2019-19781
Automated script for Citrix ADC scanner ([CVE-2019-19781](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781 "CVE-2019-19781")) using hosts retrieved from Shodan API. You must have a Shodan account to use this script. Click [here](https://account.shodan.io/register) if you don't have Shodan account.

## Installation

1. Install dependencies.
```bash
    # CentOS & Fedora
    yum install git python3 -y

    # Ubuntu & Debian
    apt install git python3 python3-pip -y

    # FreeBSD
    pkg install -y python3 git
    python3 -m ensurepip
```

2. Clone repository & install python3 module
```bash
    git clone https://github.com/aqhmal/CVE-2019-19781.git
    cd CVE-2019-19781/
    pip3 install -r requirements.txt
```

3. Add your Shodan API key
```python
    # Shodan API Key (change according to your Shodan API key)
    api_key = ''
    # Shodan search query
    search_query = '"http://cis.citrix.com"'
```

## Usage

```bash
    python3 scanner.py -t <number of threads/ default: 5>
```

## Disclaimer
This script is only for penetration testing and security research, I will not be responsible if you use it for illegal activities.

File Snapshot

 [4.0K]  /data/pocs/188098f062d00b068e3bf78babc1b0fe8e01196d
├── [1.0K]  LICENSE
├── [1.2K]  README.md
├── [   7]  requirements.txt
└── [2.7K]  scanner.py

0 directories, 4 files

Remarks