Skip to content

onSec-fr/CVE-2019-19781-Forensic

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2019-19781-Forensic

Note : My advice is now to use the official tool published by fireeye & citrix : https://github.com/fireeye/ioc-scanner-CVE-2019-19781

This little script was created to help security analyst to discover traces of successful CVE-2019-19781 exploits on their systems.

Feel free to fork and improve ! You can find an example of output on a compromised system : output_demo.txt.

Usage

1- Login on your Citrix Gateway with nsroot (or other high privileged account).

2- Download the script : curl -o CVE-2019-19781-Forensic.sh https://raw.githubusercontent.com/onSec-fr/CVE-2019-19781-Forensic/master/script.sh

3- Make it executable : chmod +x CVE-2019-19781-Forensic.sh

4- Specify an output filename : ./CVE-2019-19781-Forensic.sh <output>

5- Done !

About

Automated forensic script hunting for cve-2019-19781

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages