Created
August 13, 2019 09:04
-
-
Save rxwx/d07495f790d62029b12065c38ac2a86a to your computer and use it in GitHub Desktop.
Pulse Secure Version Scanner
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import re | |
| HEADERS = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0"} | |
| if len(sys.argv) != 2: | |
| print " Usage: python pulseversion.py <target ip/domain>" | |
| sys.exit(1) | |
| r = requests.get("https://%s/dana-na/nc/nc_gina_ver.txt" % sys.argv[1], verify=False, allow_redirects=False) | |
| if r.status_code != 200: | |
| print "[!] Couldn't find target file" | |
| sys.exit(1) | |
| reg = re.compile(r'<PARAM NAME="ProductVersion" VALUE="([\d.]*?)"') | |
| result = reg.search(r.text) | |
| if result: | |
| print "[+] %s, version: %s" % (sys.argv[1], result.group(1)) | |
| else: | |
| print "[!] Unable to detect version" |
Thanks a lot, awesome work!
- For a faster check
# Pulse secure version <= R8
curl -k https://IP/dana-na/nc/nc_gina_ver.txt | grep '<PARAM NAME="ProductVersion" VALUE="'
# Pulse secure version > R8 (R9 >>)
curl -k https://IP/dana-cached/hc/HostCheckerInstaller.osx -o version && strings version | grep '<string>'
Very useful, thanks!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@sei-vsarvepalli you're the man!
For anyone else who wants to do a quick/simple/dirty manual check