Giters

mlynchcogent / CVE-2023-4966-POC

Proof Of Concept for te NetScaler Vuln

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2023-4966-POC

Proof Of Concept for NetScaler CVE-2023-4966 Vulnerability

Description

This Python script exploits CVE-2023-4966, a critical vulnerability in Citrix ADC instances that allows unauthenticated attackers to leak session tokens. The vulnerability is assigned a CVSS score of 9.4 and is remotely exploitable without user interaction. Citrix NetScaler appliances configured as Gateways (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual servers are vulnerable to this attack.

Usage

$ OPENSSL_CONF=./openssl.cnf python3.10 exploit.py -h

Options

  • -u URL, --url URL Specify the Citrix ADC / Gateway target (e.g., https://192.168.1.200).
  • -f FILE, --file FILE Provide a file containing a list of target URLs (one URL per line).
  • -o OUTPUT, --output OUTPUT Specify the file to save the output results.
  • -v, --verbose Enable verbose mode.
  • --only-valid Only show results with valid session tokens.

How to use

For a single target:

  • $ OPENSSL_CONF=./openssl.cnf python3.10 exploit.py -u https://target.example.com

For multiple targets listed in a file:

  • $ OPENSSL_CONF=./openssl.cnf python3.10 exploit.py -f targets.txt --only-valid

Disclaimer

This script is provided for educational and research purposes only. Use it responsibly and only on systems you have permission to test.

Reference

Senpaisamp, Italy

About

Proof Of Concept for te NetScaler Vuln

License:GNU General Public License v3.0

Languages

Language:Python 100.0%