PoC details: b08fd0e7d99e44a00392593044a1412feb9d6172

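Related vulnerability
Title: Citrix NetScaler ADC and Citrix NetScaler Gateway security vulnerability (CVE-2025-5777)
Description: Citrix NetScaler ADC and Citrix NetScaler Gateway are both products of the US company Citrix. Citrix NetScaler ADC is an application delivery and security platform. Citrix NetScaler Gateway is a secure remote access solution. Citrix NetScaler ADC and Citrix NetScaler Gateway contain a security vulnerability that stems from insufficient input validation in the NetScaler Management Interface and may lead to a memory overread.
Description
Citrix NetScaler Memory Leak PoC
Introduction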
# CVE-2025-5777 - Citrix NetScaler Memory Leak PoC

## 📌 Description

This script exploits a critical memory disclosure vulnerability in Citrix NetScaler ADC/Gateway appliances, identified as **CVE-2025-5777** (dubbed **CitrixBleed 2**). It triggers a memory leak through the `/p/u/doAuthentication.do` endpoint, revealing uninitialized memory containing sensitive data such as XML fragments, tokens, and potentially credentials.

* 📅 **CVE ID:** CVE-2025-5777
* ⚙️ **Impact:** Information Disclosure
* 🧑‍💻 **Author:** 0xgh057r3c0n
* 🧵 **Concurrency:** Asynchronous with `aiohttp`
* 📦 **Dependencies:** `aiohttp`, `colorama`

---

## 🚀 Features

* Asynchronous mass-request engine using `asyncio + aiohttp`
* Hex dump of leaked memory fragments
* Auto-detection of the `<InitialValue>` memory leak
* Verbose mode for debugging and response preview
* Graceful interrupt handling (Ctrl+C)

---

## 🧪 Usage

```bash
python3 CVE-2025-5777.py http://<target> [options]
```

### 🔧 Options

| Option          | Description                                    |
| --------------- | ---------------------------------------------- |
| `-v, --verbose` | Enable verbose debug output                    |
| `-p <proxy>`    | Use HTTP proxy (e.g., `http://127.0.0.1:8080`) |
| `-t <threads>`  | Number of concurrent requests (default: 10)    |

---

## 📥 Example

```bash
python3 CVE-2025-5777.py http://192.168.1.1 -v -t 5
```

---

## 📤 Sample Output

```
_____________   _______________         _______________   ________   .________          .___________________________________ 
\_   ___ \   \ /   /\_   _____/         \_____  \   _  \  \_____  \  |   ____/          |   ____/\______  \______  \______  \
/    \  \/\   Y   /  |    __)_   ______  /  ____/  /_\  \  /  ____/  |____  \   ______  |____  \     /    /   /    /   /    /
\     \____\     /   |        \ /_____/ /       \  \_/   \/       \  /       \ /_____/  /       \   /    /   /    /   /    / 
 \______  / \___/   /_______  /         \_______ \_____  /\_______ \/______  /         /______  /  /____/   /____/   /____/  
        \/                  \/                  \/     \/         \/       \/                 \/                             

         Citrix NetScaler Memory Leak PoC (CVE-2025-5777)
                     Author: 0xgh057r3c0n

[🔄] POST → http://192.168.1.1/p/u/doAuthentication.do → Status: 200
[✔️ ] Found InitialValue Memory Leak!
[🧠] Hex Dump:
------------------------------------------------------------------------
00000000: 73 65 63 72 65 74 3d 22 61 62 63 64 31 32 33 21   secret="abcd123!
00000010: 40 23 24 25 5e 26 2a 28 29 22 3c 2f 49 6e 69 74   @#$%^&*()"</Init
00000020: 69 61 6c 56 61 6c 75 65 3e                        ialValue>
------------------------------------------------------------------------

[✔️ ] Leak confirmed. Continuing extraction...
```
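
For defenders, the request pattern shown above (many concurrent POSTs to `/p/u/doAuthentication.do`) can be searched for in access logs. The following is an added example, not part of the original README or the PoC script; it assumes Common Log Format lines from a proxy in front of the appliance, and the threshold, window, helper names and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

ENDPOINT = "/p/u/doAuthentication.do"  # endpoint named in the README
# Assumption: Common Log Format lines from a proxy in front of the appliance.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def find_bursts(lines, threshold=20, window=timedelta(seconds=60)):
    """Map client IP -> peak POST count to ENDPOINT inside any sliding
    window, for clients whose peak reaches the threshold."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        path = m["path"].split("?", 1)[0].rstrip("/")
        if path.lower() != ENDPOINT.lower():
            continue
        hits[m["ip"]].append(
            datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"))
    flagged = {}
    for ip, stamps in hits.items():
        stamps.sort()
        start = best = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # shrink window from the left
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = best
    return flagged

def _line(ip, sec, method="POST", path=ENDPOINT):
    """Build one constructed log line `sec` seconds after a fixed start."""
    ts = datetime(2025, 7, 1, 12, 0, 0) + timedelta(seconds=sec)
    return (f'{ip} - - [{ts:%d/%b/%Y:%H:%M:%S} +0000] '
            f'"{method} {path} HTTP/1.1" 200 512')

# Constructed sample: one noisy client, one normal user (documentation IPs).
SAMPLE_LOG = ([_line("203.0.113.7", s) for s in range(25)]
              + [_line("198.51.100.4", s) for s in (0, 300, 900)]
              + [_line("198.51.100.4", 10, "GET", "/index.html")])

if __name__ == "__main__":
    for ip, count in find_bursts(SAMPLE_LOG).items():
        print(f"{ip}: {count} POSTs to {ENDPOINT} within 60s")
```

Tune `threshold` and `window` against the normal login rate of the environment; legitimate users also POST to this endpoint, so the signal is the burst, not the request itself.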

---

## ⚠️ Disclaimer

> This proof-of-concept is intended for **educational and authorized security testing only**.
> Unauthorized scanning or exploitation of systems you don't own is **illegal**.

---

File snapshot

```
[4.0K] /data/pocs/b08fd0e7d99e44a00392593044a1412feb9d6172
├── [5.1K] CVE-2025-5777.py
├── [2.1K] CVE-2025-5777.yaml
├── [1.1K] LICENSE
└── [3.0K] README.md

0 directories, 4 files
```