CVE-2023-4966

This repository contains a functional Python exploit for CVE-2023-4966, a memory leak vulnerability in Citrix ADC instances. The exploit sends a crafted HTTP request with a long 'Host' header to trigger a memory dump, then extracts and validates session tokens from the response.

This repository contains a functional Python script that exploits CVE-2023-4966 (Citrix Bleed) to leak session tokens by sending a crafted HTTP request with an oversized Host header. The script supports both single-target and multi-target scanning via a file input.

This repository contains a functional exploit script for CVE-2023-4966, a Citrix Bleed information disclosure vulnerability. The script sends a crafted HTTP request with a long 'Host' header to dump memory contents from vulnerable Citrix Gateway instances.

This repository contains a functional Python exploit for CVE-2023-4966, a critical vulnerability in Citrix ADC/NetScaler Gateways that allows unauthenticated attackers to leak session tokens via memory dumping. The exploit sends a crafted HTTP request with an oversized 'Host' header to trigger the vulnerability and extracts valid session tokens from the response.

This repository contains a Perl script designed to parse Citrix NetScaler logs for signs of CVE-2023-4966 exploitation by detecting anomalous session reconnects. It does not exploit the vulnerability but scans logs for indicators of compromise.

This repository contains a functional C program demonstrating the buffer overread vulnerability (CVE-2023-4966) in Citrix systems. It simulates how `snprintf` truncation can lead to memory overreads, exposing sensitive data.

The repository contains functional exploit code for CVE-2023-4966, targeting Citrix Gateway. The exploit is written in Python and demonstrates an information disclosure vulnerability. The repository also includes YAML templates for Nuclei scanning and README files with technical details for multiple CVEs.

This repository contains a functional Python script that exploits CVE-2023-4966, a vulnerability in Citrix Gateway or ADC. The exploit sends a crafted HTTP request with an oversized 'Host' header to trigger an information leak via the '/oauth/idp/.well-known/openid-configuration' endpoint.

This repository provides a detailed threat intelligence analysis of the LockBit ransomware attack exploiting CVE-2023-4966 (Citrix Bleed). It covers the attack lifecycle, MITRE ATT&CK mapping, and defensive recommendations but does not include functional exploit code.

The repository contains PowerShell scripts designed to detect potential exploitation of CVE-2023-4966 by analyzing Citrix VDA registry entries and NetScaler logs for suspicious activity, such as mismatched client IP addresses. It does not include exploit code but provides forensic tools for post-compromise analysis.

The repository contains a Go-based tool that scans a range of IP addresses for Citrix Bleed (CVE-2023-4966) by checking for vulnerable endpoints and extracting sensitive information from responses. It does not include exploit code for achieving remote code execution but detects potential vulnerabilities.

This repository contains a functional exploit for CVE-2023-4966, targeting Citrix ADC/Gateway. The exploit includes methods to check for vulnerability, curl a URL with formatted XML response, and dump memory by manipulating the Host header to trigger a buffer overflow.

This repository contains a functional Python script that exploits CVE-2023-4966, a memory leak vulnerability in NetScaler ADC and Gateway. The script sends a crafted HTTP request to trigger sensitive information disclosure, including session tokens.

The repository contains an empty exploit.py file with no functional code or technical details. No exploit logic, payload, or vulnerability analysis is present.

This repository contains a Python script that scans Citrix NetScaler logs for indicators of compromise (IoCs) related to CVE-2023-4966 exploitation. It does not exploit the vulnerability but detects potential exploitation attempts by analyzing log patterns.

The repository contains functional exploit code for CVE-2023-4966, targeting Citrix NetScaler. The exploit leverages a deserialization vulnerability to achieve remote code execution (RCE). The provided Python script constructs a malicious payload and sends it to the target system to execute arbitrary commands.

This repository contains a functional exploit PoC for CVE-2023-4966, targeting Citrix NetScaler ADC and Gateway. The code includes a modular framework for vulnerability scanning, directory mapping, and exploitation, with specific modules for CVE-2023-4966 and other vulnerabilities.

This Metasploit module scans for CVE-2023-4966 (Citrix Bleed), a vulnerability in Citrix ADC (NetScaler) that allows unauthenticated memory leakage. It checks for leaked session cookies and attempts to validate them by querying the target for associated usernames.