π [ securekomodo, Bryan Smith ]
Here is my python-based scanner to find #Citrix RCE. Leverages several fingerprinting techniques to accurately identify a remote Citrix servers version and detect if vulnerable to CVE-2023-3467. This is not an exploit PoC. Happy #bugbounty hunting :)
π https://github.com/securekomodo/citrixInspector/
π₯ [ tweet ]
Here is my python-based scanner to find #Citrix RCE. Leverages several fingerprinting techniques to accurately identify a remote Citrix servers version and detect if vulnerable to CVE-2023-3467. This is not an exploit PoC. Happy #bugbounty hunting :)
π https://github.com/securekomodo/citrixInspector/
π₯ [ tweet ]
π4
This media is not supported in your browser
VIEW IN TELEGRAM
π [ bishopfox, Bishop Fox ]
We just published a detailed analysis of #CVE-2023-3519, which we previously wrote about. Today, weβre going even further into how this #RCE vulnerability can be exploited.
Our team created a #python script for generating shellcode given the fixup address and callback URL by calling nasm from Python. The final #exploit with addresses for VPX version 13.1-48.47 is available on our #GitHub.
π bfx.social/3YjMxpz
#infosec #Citrix
π₯ [ tweet ]
We just published a detailed analysis of #CVE-2023-3519, which we previously wrote about. Today, weβre going even further into how this #RCE vulnerability can be exploited.
Our team created a #python script for generating shellcode given the fixup address and callback URL by calling nasm from Python. The final #exploit with addresses for VPX version 13.1-48.47 is available on our #GitHub.
π bfx.social/3YjMxpz
#infosec #Citrix
π₯ [ tweet ]
π₯4