19/01/2024 ***** Update ******* Updated with the latest info based on Assetnote's blog. Now three checks are executed before a status is shown, this also to better detect older versions of Avanti
Blogs with analysis of the CVE: https://attackerkb.com/topics/AdUh6by52K/cve-2023-46805/rapid7-analysis https://www.assetnote.io/resources/research/high-signal-detection-and-exploitation-of-ivantis-pulse-connect-secure-auth-bypass-rce
Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices
- Scan a service like Shodan or Censys for the relevant devices and create a list of ip_adresses.
- Save them to "ip_list.txt" and in the same folder as this script
- run the script and it will show output to screen and save to a csv file once finished