Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cephurs/wildcarded-citrix-2020
Wildcard certificates which were on vulnerable Citrix servers in 2020
- Host: GitHub
- URL: https://github.com/cephurs/wildcarded-citrix-2020
- Owner: cephurs
- Created: 2020-02-03T17:39:04.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2020-01-26T20:45:34.000Z (almost 5 years ago)
- Last Synced: 2024-04-24T13:40:28.877Z (6 months ago)
- Homepage: https://www.bleepingcomputer.com/news/security/patching-the-citrix-adc-bug-doesnt-mean-you-werent-hacked/
- Size: 95.7 KB
- Stars: 3
- Watchers: 2
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - cephurs/wildcarded-citrix-2020 - Wildcard certificates which were on vulnerable Citrix servers in 2020 (Others)
README
# Exposed wildcard certificates
Through four volunteers, the GDI Foundation scanned the internet for vulnerable Citrix devices and validated the results to remove false positives, sinkholes, and honeypots. More than 98,000 vulnerable Citrix endpoints were found and reported through the Dutch Institute for Vulnerability Disclosure [DIVD.nl](https://divd.nl) to the affected companies, or to their Internet Service Providers when the owner could not be determined.
Gevers told BleepingComputer that about 11,800 wildcard TLS certificates, which validate multiple sub-domains at once, were exposed at some point, and some of them still are.
If an attacker steals a wildcard certificate, they can build phishing sites that impersonate a reputable entity such as governments, hospitals, universities, or companies.
“So after patching, these organizations need to have these certificates revoked and get new ones.” - Victor Gevers
DIVD issued an [alert on Wednesday](https://www.securitymeldpunt.nl/cases/202002-Wildcard-Certificaten-Citrix-ADC/) about the poor combination of wildcard certificates with the Citrix vulnerability.
This is the [full article](https://www.bleepingcomputer.com/news/security/patching-the-citrix-adc-bug-doesnt-mean-you-werent-hacked/) on Bleepingcomputer.
## Status
We are still retrieving and analyzing data of (previously) vulnerable Citrix servers and verifying whether they have issued new certificates. This is the list of exposed wildcard certificates. At this moment, we can't share the full data set because not all vulnerable servers have been successfully patched and secured yet.
* [Exposed (13,869) wildcard certificates: Short list](https://github.com/cookiemonster/wildcarded-citrix-2020/blob/master/exposed_wildcards.txt) - ***not complete***
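The check described in the status section, whether a (previously) vulnerable server still presents a wildcard certificate and whether that certificate was reissued after the appliance was patched, can be done with the Python standard library alone. The following is an added example, not code from the cephurs/wildcarded-citrix-2020 repository or from DIVD; it works on the dictionary shape that `ssl.SSLSocket.getpeercert()` returns, so the same functions run on a live connection and on the constructed sample below. The host name `*.example.test`, the CA name and the dates are made-up sample values, and the patch cut-off date is a placeholder the operator supplies.

```python
"""Added example: flag wildcard TLS certificates that predate a patch cut-off.

Certificates are handled in the dict format returned by
ssl.SSLSocket.getpeercert(), e.g.
  {"subject": ((("commonName", "*.example.test"),),),
   "subjectAltName": (("DNS", "*.example.test"),),
   "notBefore": "Mar  5 08:00:00 2019 GMT", ...}
"""
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample certificate (names and dates are made up for this example).
SAMPLE_CERT = {
    "subject": ((("commonName", "*.example.test"),),),
    "issuer": ((("commonName", "Example CA"),),),
    "subjectAltName": (("DNS", "*.example.test"), ("DNS", "example.test")),
    "notBefore": "Mar  5 08:00:00 2019 GMT",
    "notAfter": "Mar  4 08:00:00 2021 GMT",
}


def wildcard_names(cert):
    """Return every DNS name (SAN entries plus the CN) that starts with '*.'."""
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                names.append(value)
    return sorted({n for n in names if n.startswith("*.")})


def not_before(cert):
    """Parse the certificate's notBefore field into an aware UTC datetime."""
    seconds = ssl.cert_time_to_seconds(cert["notBefore"])
    return datetime.fromtimestamp(seconds, tz=timezone.utc)


def reissued_after(cert, cutoff_iso):
    """True if the certificate's validity began after the cut-off date (ISO 8601, UTC)."""
    cutoff = datetime.fromisoformat(cutoff_iso).replace(tzinfo=timezone.utc)
    return not_before(cert) > cutoff


def assess(cert, cutoff_iso):
    """Summarise one certificate: is it a wildcard, and does it predate the cut-off?

    A wildcard certificate whose validity began before the cut-off may have been
    readable on the appliance while it was vulnerable, so it should be revoked
    and replaced rather than kept in service.
    """
    names = wildcard_names(cert)
    reissued = reissued_after(cert, cutoff_iso)
    return {
        "wildcard": bool(names),
        "wildcard_names": names,
        "not_before": not_before(cert).isoformat(),
        "reissued_after_cutoff": reissued,
        "needs_reissue": bool(names) and not reissued,
    }


def fetch_peer_cert(host, port=443, timeout=5.0):
    """Fetch the leaf certificate a live host presents (requires network access)."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    # Placeholder cut-off: the date the operator applied the Citrix patch.
    print(assess(SAMPLE_CERT, "2020-01-20"))
```

To run it against an appliance you operate, replace `SAMPLE_CERT` with `fetch_peer_cert("your-host.example")` and set the cut-off to your own patch date; a result with `needs_reissue` set to `True` means the wildcard certificate was already in place during the exposure window and should be revoked and reissued, exactly the advice quoted above.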