GitHub - projectzeroindia/CVE-2019-11510: Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
2019-08-22 19:35:01 Author: github.com(查看原文) 阅读量:451 收藏

Join GitHub today

GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

Sign up

Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)

You can use a single domain, either a list of domains. You must include https:// in front of the domain.

Usage : cat targetlist.txt | bash CVE-2019-11510.sh / bash CVE-2019-11510.sh -d https://vpn.target.com/

If you want to just verify the exploit and download /etc/passwd then use :

cat targetlist.txt | bash CVE-2019-11510.sh --only-etc-passwd

bash CVE-2019-11510.sh -d https://vpn.target.com/ --only-etc-passwd

Output will be saved inside output/vpn.target.com/

Demo :

CVE-2019-11510.sh demo

Reference/Credits

https://www.blackhat.com/us-19/briefings/schedule/index.html#infiltrating-corporate-intranet-like-nsa---pre-auth-rce-on-leading-ssl-vpns-15545

https://blog.orange.tw/2019/08/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn.html

https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf


文章来源: https://github.com/projectzeroindia/CVE-2019-11510
如有侵权请联系:admin#unsafe.sh