CVE-2025-5777
HIGH KEV RANSOMWARE NUCLEI
Citrix NetScaler ADC/Gateway 12.1-12.1-55.328, 13.1-13.1-37.235, 13.1-13.1-58.32 - Out-of-bounds Read
Title source: llm
Exploitation Summary
CVE-2025-5777 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 10, 2025, with confirmed use in ransomware campaigns. EIP tracks 26 public exploits from researchers including Yesith Alvarez, win3zz, and bughuntar. A Nuclei detection template is also available.
AI-analyzed exploit summary: This exploit targets a memory disclosure vulnerability in Citrix NetScaler ADC/Gateway 14.1 (CVE-2025-5777) by sending a crafted POST request to '/p/u/doAuthentication.do' and extracting sensitive data from the response. The exploit captures and displays leaked memory content in hexadecimal format.
Description
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Exploits (26)
This exploit targets a memory disclosure vulnerability in Citrix NetScaler ADC/Gateway 14.1 (CVE-2025-5777) by sending a crafted POST request to '/p/u/doAuthentication.do' and extracting sensitive data from the response. The exploit captures and displays leaked memory content in hexadecimal format.
This repository contains a functional proof-of-concept exploit for CVE-2025-5777, a memory leak vulnerability in Citrix NetScaler appliances. The exploit sends malformed POST requests to leak uninitialized memory content, which may include sensitive data like session tokens or credentials.
This repository contains a functional proof-of-concept exploit for CVE-2025-5777, a memory leak vulnerability in Citrix NetScaler ADC/Gateway devices. The exploit sends malformed authentication requests to trigger memory disclosure, parsing leaked content from XML responses.
This repository contains a proof-of-concept exploit for CVE-2025-5777, an out-of-bounds memory read vulnerability in Citrix NetScaler ADC/Gateway. The exploit leverages an overly long Host header to trigger memory leakage, potentially exposing session cookies and other sensitive data.
This repository contains a mass-scanner for CVE-2025-5777 (CitrixBleed 2), designed to detect vulnerable Citrix systems by sending multiple POST requests and analyzing responses for specific hex patterns indicative of session token leaks. It uses GNU parallel for concurrent scanning and includes optional OpenSSL configuration tweaks for compatibility.
This repository contains a Python-based exploit for CVE-2025-5777, targeting Citrix NetScaler VPN to extract sensitive tokens, internal IPs, and hidden endpoint paths. The tool uses asynchronous requests to scan and analyze vulnerable endpoints.
This exploit PoC targets CVE-2025-5777, a memory disclosure vulnerability in Citrix NetScaler Gateway & AAA Virtual Server. It leverages insufficient input validation and TOCTOU race conditions to scrape variables in memory, potentially leading to session cookie leakage.
This repository contains a working PoC for CVE-2025-5777, an authentication bypass and RCE vulnerability in Trend Micro Apex Central. The exploit sends a crafted HTTP request to execute arbitrary commands with SYSTEM/root privileges.
This repository contains a functional PoC scanner for CVE-2025-5777, a memory disclosure vulnerability in Citrix NetScaler ADC and Gateway. The script sends crafted HTTP POST requests to trigger memory leaks and extracts sensitive data such as session cookies, tokens, and passwords.
This repository contains a functional PoC for CVE-2025-5777, a critical memory leak vulnerability in Citrix NetScaler ADC and Gateway. The script scans targets, extracts sensitive data like session cookies, and logs findings for analysis.
This repository contains a proof-of-concept exploit for CVE-2025-5777, targeting Citrix ADC/Gateway. The scripts include a checker to identify vulnerable hosts and a PoC to dump memory contents, leveraging an authentication bypass vulnerability.
This repository contains a proof-of-concept exploit for CVE-2025-5777, an unauthenticated out-of-bounds read vulnerability in Citrix NetScaler ADC/Gateway. The exploit sends a minimal authentication request to extract memory contents between specific XML tags, potentially leaking session tokens.
The repository contains a functional exploit for CVE-2025-5777, a memory disclosure vulnerability in Citrix NetScaler ADC/Gateway. The Python script sends crafted HTTP requests to leak sensitive memory contents, similar to the original CitrixBleed vulnerability.
The repository contains a functional Python script that exploits CVE-2025-5777, a memory disclosure vulnerability in Citrix NetScaler ADC/Gateway. The exploit sends crafted HTTP requests to leak sensitive memory contents, including session tokens and authentication cookies.
The repository contains a functional Python script that exploits CVE-2025-5777, a memory disclosure vulnerability in Citrix NetScaler ADC/Gateway. The exploit sends crafted HTTP requests to leak sensitive memory contents, including session tokens and authentication cookies.
This PowerShell script exploits CVE-2025-5777 by sending crafted POST requests to a vulnerable endpoint to leak sensitive data. It iteratively extracts and saves leaked content to a file, displaying progress in real-time.
This repository contains a functional exploit for CVE-2025-5777, a memory leak vulnerability in Citrix NetScaler appliances. The exploit sends malformed POST requests to leak uninitialized memory content, which may include session tokens, credentials, and other sensitive data.
The repository contains a functional Python-based PoC for CVE-2025-5777, a memory leak vulnerability in Citrix NetScaler. The exploit sends crafted POST requests to extract sensitive memory contents via the <InitialValue> tag, demonstrating the vulnerability effectively.
The repository contains only a placeholder README for CVE-2025-5777, labeled as 'CitrixBleed 2.0,' with no actual exploit code or technical details. It appears to be an early or incomplete placeholder for future content.
This PoC exploits a memory leak vulnerability in Citrix NetScaler by sending POST requests to '/p/u/doAuthentication.do' and extracting sensitive data from the response. It uses asyncio for concurrent requests and checks for the presence of an 'InitialValue' tag in the response.
This is a functional PoC for CVE-2025-5777, a memory leak vulnerability in Citrix NetScaler. It sends multiple POST requests to `/p/u/doAuthentication.do` to extract memory contents via the `<InitialValue>` tag.
This repository appears to be a writeup or documentation related to honeypot logs for CVE-2025-5777, which is associated with CitrixBleed 2 NetScaler. It does not contain exploit code or technical details of the vulnerability.
This PoC exploits an information leak vulnerability in Citrix Gateway by sending a crafted POST request to '/p/u/doAuthentication.do' and extracting sensitive data from the 'InitialValue' field in the XML response. It also attempts to trigger additional responses by sending 20 follow-up requests.
This is a functional proof-of-concept exploit for CVE-2025-5777, a memory leak vulnerability in Citrix NetScaler ADC/Gateway appliances. It leverages asynchronous HTTP requests to trigger and extract sensitive memory fragments via the `/p/u/doAuthentication.do` endpoint.
This PoC exploits CVE-2025-5777, an OOB read vulnerability in Citrix Gateway's login process, to leak memory data. It uses multi-threaded requests to extract sensitive information like cookies or credentials.
This repository contains a PoC scanner for CVE-2025-5777, a hypothetical vulnerability in Citrix ADC devices. The scanner sends oversized requests to detect memory leaks and extracts sensitive information using entropy analysis and regex patterns.
Nuclei Templates (1)
title:"NetScaler Gateway" || title:"NetScaler AAA" || http.favicon.hash:-1166125415 || http.favicon.hash:-1292923998
title="NetScaler Gateway" || title="NetScaler AAA" || icon_hash="-1166125415" || icon_hash="-1292923998"
References (10)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N