CVE-2019-19781 PoC — Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞

Source

https://github.com/zenturacp/cve-2019-19781-web

Associated Vulnerability

Title:Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞 (CVE-2019-19781)
Description:Citrix Systems NetScaler Gateway（Citrix Systems Gateway）和Citrix Application Delivery Controller（ADC）都是美国思杰系统（Citrix Systems）公司的产品。Citrix Systems NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能，以实现用户从任何地点远程访问应用和数据。Citrix Application Delivery Controll

Readme

# CVE-2019-19781 

To use this scanner goto https://cve-2019-19781.azurewebsites.net

## Features

- Scan for IPs/Hostnames that are exposted to CVE 2019 19781
- Scan offline database for leaked wildcard certificates

## Credits

This project is based on this project:

Citrixmash v0.1 - Exploits the Citrix Directory Traversal Bug: CVE-2019-19781

Tool Written by: Rob Simon and Dave Kennedy  
Contributions: The TrustedSec Team  
Website: https://www.trustedsec.com

File Snapshot


 [4.0K]  /data/pocs/f80b54b597d004f0ffd0f78765d85509314f6da5
├── [ 135]  custom-entrypoint.sh
├── [ 415]  Dockerfile
├── [1.7K]  LICENSE.txt
├── [4.0K]  php
│   ├── [979K]  database.json
│   ├── [2.9K]  index.php
│   ├── [2.9K]  scan.php
│   ├── [ 998]  stat.php
│   └── [2.4K]  wildcard.php
├── [4.0K]  python
│   ├── [ 10K]  citrixmash.py
│   └── [5.9K]  cve-2019-19781_scanner.py
├── [ 467]  README.md
└── [  31]  requirements.txt

2 directories, 12 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!