citrix.nasl

来自「漏洞扫描源码,可以扫描linux,windows,交换机路由器」· NASL 代码 · 共 78 行

NASL

78 行

# This script was written by John Lampe ... j_lampe@bellsouth.net## Script is based on # Citrix Published Application Scanner version 2.0# By Ian Vitek, ian.vitek@ixsecurity.com## See the Nessus Scripts License for details#if(description){ script_id(11138); script_bugtraq_id(5817); script_version ("$Revision: 38 $"); name["english"] = "Citrix published applications"; script_name(english:name["english"]); desc["english"] = "Attempt to enumerate Citrix published Applications  Risk factor : Medium"; script_description(english:desc["english"]); summary["english"] = "Find Citrix published applications"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2002 John Lampe...j_lampe@bellsouth.net"); family["english"] = "Misc."; script_family(english:family["english"]); exit(0);}#script code starts hereport = 1604;trickmaster =               raw_string(0x20,0x00,0x01,0x30,0x02,0xFD,0xA8,0xE3);trickmaster = trickmaster + raw_string(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);trickmaster = trickmaster + raw_string(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);trickmaster = trickmaster + raw_string(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);get_pa =          raw_string(0x2A,0x00,0x01,0x32,0x02,0xFD);get_pa = get_pa + raw_string(0xa8,0xe3,0x00,0x00,0x00,0x00);get_pa = get_pa + raw_string(0x00,0x00,0x00,0x00,0x00,0x00);get_pa = get_pa + raw_string(0x00,0x00,0x00,0x00,0x00,0x00);get_pa = get_pa + raw_string(0x00,0x00,0x00,0x00,0x21,0x00);get_pa = get_pa + raw_string(0x02,0x00,0x00,0x00,0x00,0x00);get_pa = get_pa + raw_string(0x00,0x00,0x00,0x00,0x00,0x00);if(!get_udp_port_state(port))exit(0);soc = open_sock_udp(port);if (soc) {    send (socket:soc, data:trickmaster);    incoming = recv(socket:soc, length:1024);    close(soc);    if (incoming) {	soc = open_sock_udp(port);        send(socket:soc, data:get_pa);	incoming = recv(socket:soc, length:1024);	if(incoming) {	    mywarning = string("The Citrix server is configured in a way which may allow an external attacker\n");	    mywarning = string(mywarning, "to enumerate remote services.\n\n");	    mywarning = string(mywarning, "Risk factor: Medium\n");	    mywarning = string(mywarning, "Solution: see http://sh0dan.org/files/hackingcitrix.txt for more info");	    security_warning(port:port, data:mywarning, proto:"udp");	}    }}

citrix.nasl - 源码说明

本页面展示了「漏洞扫描源码,可以扫描linux,windows,交换机路由器」中的 citrix.nasl 源码文件，采用 NASL 编程语言编写，共 78 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫开发者社区收录了大量与漏洞扫描相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?