Pulse Secure Version Scanner
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import re | |
| HEADERS = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0"} | |
| if len(sys.argv) != 2: | |
| print " Usage: python pulseversion.py <target ip/domain>" | |
| sys.exit(1) | |
| r = requests.get("https://%s/dana-na/nc/nc_gina_ver.txt" % sys.argv[1], verify=False, allow_redirects=False) | |
| if r.status_code != 200: | |
| print "[!] Couldn't find target file" | |
| sys.exit(1) | |
| reg = re.compile(r'<PARAM NAME="ProductVersion" VALUE="([\d.]*?)"') | |
| result = reg.search(r.text) | |
| if result: | |
| print "[+] %s, version: %s" % (sys.argv[1], result.group(1)) | |
| else: | |
| print "[!] Unable to detect version" |
Thanks a lot, awesome work!
- For a faster check
# Pulse secure version <= R8
curl -k https://IP/dana-na/nc/nc_gina_ver.txt | grep '<PARAM NAME="ProductVersion" VALUE="'
# Pulse secure version > R8 (R9 >>)
curl -k https://IP/dana-cached/hc/HostCheckerInstaller.osx -o version && strings version | grep '<string>'
Very useful, thanks!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@sei-vsarvepalli you're the man!
For anyone else who wants to do a quick/simple/dirty manual check