citrix-ioc-scanner-cve-2023-3519 icon indicating copy to clipboard operation
citrix-ioc-scanner-cve-2023-3519 copied to clipboard

Published 20 hours ago verified publisher icon mandiant

Add hash for found php shells

Open m-terlinde opened this issue 1 year ago • 0 comments

Dear team,

thanks for the awesome tool!

In most cases the ops team will run the script and simply paste the output to security teams. To get more context on the shells, it would be nice to have a file hash in the report.

I've skimmed through the code and found https://github.com/mandiant/citrix-ioc-scanner-cve-2023-3519/blob/903b4b0ecae8f68faaebfbed3e8361550c21aaf2/scanners/netscaler-content.sh#L79 but I haven't felt comfortable to edit this monster on my own.

Could you maybe consider adding the file hash to the report as well?

Cheers, Matthias

m-terlinde avatar Aug 24 '23 10:08 m-terlinde