POC详情: 233e73a6de600b1478bc0455e75c52080579a2d6

来源
https://github.com/DanielWep/CVE-NetScalerFileSystemCheck
关联漏洞
标题: Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞 (CVE-2019-19781)
描述:Citrix Systems NetScaler Gateway(Citrix Systems Gateway)和Citrix Application Delivery Controller(ADC)都是美国思杰系统(Citrix Systems)公司的产品。Citrix Systems NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能,以实现用户从任何地点远程访问应用和数据。Citrix Application Delivery Controll
描述
This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information
介绍
# CVE-NetScalerFileSystemCheck
This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information.

The following files and logs will be checked (Latest version 1.13):
- Template folders for XML files
- Apache Access logfiles
- Apache Error logfiles
- Cron Jobs
- Backdoor Scripts
- Crypto Miner
- Bash logfiles

## Getting Started

The Output file will be created in the execution directory. 

### Prerequisites

CVE-NetScalerFileSystemCheck.ps1 needs [plink.exe](https://the.earth.li/~sgtatham/putty/latest/w64/plink.exe) in the execution directory and can be run your local computer. 

CVE-NetScalerFileSystemCheck.sh can be run your NetScaler appliance directly, e.g. under /var/tmp/.  

## Running the scripts

### CCVE-NetScalerFileSystemCheck.ps1

```
.\CVE-NetScalerFileSystemCheck.ps1 -NSIP [YourNetScalerIP]
```

### CCVE-NetScalerFileSystemCheck.sh

```
bash CVE-NetScalerFileSystemCheck.sh
```
## Credits
@manuelkolloff - https://nerdscaler.com/
#

Cheers,
[Daniel Weppeler](https://danielweppeler.de)
文件快照

 [4.0K]  /data/pocs/233e73a6de600b1478bc0455e75c52080579a2d6
├── [4.5K]  CVE-NetScalerFileSystemCheck.ps1
├── [1.3K]  CVE-NetScalerFileSystemCheck.sh
└── [1.1K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。