CVE-2019-19781 PoC — Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞

Source

https://github.com/redscan/CVE-2019-19781

Associated Vulnerability

Title:Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞 (CVE-2019-19781)
Description:Citrix Systems NetScaler Gateway（Citrix Systems Gateway）和Citrix Application Delivery Controller（ADC）都是美国思杰系统（Citrix Systems）公司的产品。Citrix Systems NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能，以实现用户从任何地点远程访问应用和数据。Citrix Application Delivery Controll

Description

CVE-2019-19781 Attack Triage Script

Readme

# CVE-2019-19781
CVE-2019-19781 Attack Triage Script

The script can be run on your affected Citrix ADC devices to assist in determining if a compromise has occured. It will quicky capture any associated commands or files that were used as part of the attack (unless cleanup has occured):

$ ./CVE-2019-19781-Triage.sh

Disclaimer: Best efforts were made to test the script provided, however Redscan can not be held responsible for any impact caused to the appliance the script is ran on.

# Credits
Parts of this script were put together using content from posts authored by:

@x1sec
darkQuassar
@mpgn_x64
@ItsReallyNick
@msandbu

File Snapshot


 [4.0K]  /data/pocs/f3df3c3e81712969d46e7c82d73069cf6a2d6a8a
├── [2.1K]  CVE-2019-19781-Triage.sh
└── [ 632]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!