
    Citrix Access Gateway Command Execution

    The Citrix Access Gateway provides support for multiple authentication types. When using the external legacy NTLM authentication module, ntlm_authenticator, the Access Gateway spawns the Samba 'samedit' command-line utility to verify a user's identity and password. By embedding shell metacharacters in the web authentication form, it is possible to execute arbitrary commands on the Access Gateway.
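
    For defenders reviewing code that hands form credentials to an external verifier, as described above, this added example (not code from the module or from Citrix) shows the hardened hand-off: allow-listed username, no shell, password on stdin. The helper command, the username policy and all function names are assumptions; the real samedit invocation is not shown on this page.

```python
import re
import subprocess
import sys

# Hypothetical stand-in for the external verifier: prints the username it got
# in argv and the password line it read from stdin, so the hand-off is visible.
HELPER = [sys.executable, "-c",
          "import sys; print(repr(sys.argv[1]), "
          "repr(sys.stdin.readline().rstrip('\\n')))"]

# Assumed account-name policy: letters, digits and . _ @ \ - only.
USERNAME_RE = re.compile(r"[A-Za-z0-9._@\\-]{1,64}")


def validate_username(username: str) -> bool:
    # A leading "-" is refused so the value cannot be read as a helper option.
    if username.startswith("-"):
        return False
    return USERNAME_RE.fullmatch(username) is not None


def verify_credentials(username: str, password: str) -> str:
    """Run the helper without a shell and return what it received."""
    if not validate_username(username):
        raise ValueError("username contains characters outside the allow-list")
    if "\n" in password or "\x00" in password:
        raise ValueError("password contains a line break or NUL")
    result = subprocess.run(
        HELPER + [username],      # argv list, shell=False: no shell parses it
        input=password + "\n",    # stdin keeps the password out of argv / ps
        capture_output=True, text=True, timeout=5, check=True,
    )
    return result.stdout.strip()


if __name__ == "__main__":
    # Constructed sample input: shell metacharacters in the password field.
    print(verify_credentials("alice", "p;id`x`$(y)"))
```

    Passwords legitimately contain punctuation, so they are not filtered; they are simply never placed where a shell or an option parser would interpret them.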


    Module Name

    exploit/unix/webapp/citrix_access_gateway_exec

    Authors

    • George D. Gal
    • Erwin Paternotte

    References

    Targets

    • Automatic

    Platforms

    • unix

    Architectures

    • cmd

    Reliability

    Development

    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use exploit/unix/webapp/citrix_access_gateway_exec
    msf exploit(citrix_access_gateway_exec) > show targets
    ...targets...
    msf exploit(citrix_access_gateway_exec) > set TARGET <target-id>
    msf exploit(citrix_access_gateway_exec) > show options
    ...show and set options...
    msf exploit(citrix_access_gateway_exec) > exploit