POC详情: 58b4b2cca0d2d871503cf423a822001c7a7c1e3b

来源
https://github.com/onSec-fr/CVE-2019-19781-Forensic
关联漏洞
标题: Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞 (CVE-2019-19781)
描述:Citrix Systems NetScaler Gateway(Citrix Systems Gateway)和Citrix Application Delivery Controller(ADC)都是美国思杰系统(Citrix Systems)公司的产品。Citrix Systems NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能,以实现用户从任何地点远程访问应用和数据。Citrix Application Delivery Controll
描述
Automated forensic script hunting for cve-2019-19781
介绍
# CVE-2019-19781-Forensic

## Note : My advice is now to use the official tool published by fireeye & citrix : https://github.com/fireeye/ioc-scanner-CVE-2019-19781

##### This little script was created to help security analyst to discover traces of successful CVE-2019-19781 exploits on their systems.
Feel free to fork and improve !
You can find an example of output on a compromised system : [output_demo.txt](https://github.com/onSec-fr/CVE-2019-19781-Forensic/blob/master/output_demo.txt "output_demo.txt").
##### Usage

1- Login on your Citrix Gateway with nsroot (or other high privileged account).

2- Download the script : 
`curl -o CVE-2019-19781-Forensic.sh https://raw.githubusercontent.com/onSec-fr/CVE-2019-19781-Forensic/master/script.sh`

3- Make it executable :
`chmod +x CVE-2019-19781-Forensic.sh`

4- Specify an output filename : 
`./CVE-2019-19781-Forensic.sh <output>`

5- Done !
文件快照

 [4.0K]  /data/pocs/58b4b2cca0d2d871503cf423a822001c7a7c1e3b
├── [1.0K]  LICENSE
├── [ 32K]  output_demo.txt
├── [ 902]  README.md
└── [2.2K]  script.sh

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。