citrix 脚本使用

最新推荐文章于 2024-05-27 10:35:55 发布

wem520

最新推荐文章于 2024-05-27 10:35:55 发布

阅读量582

点赞数

文章标签： citrix

本文链接：https://blog.csdn.net/wem520/article/details/127431822

版权

1. Get initial logon cookies
$curlPath = "C:\cURL"
$outputFile = "$curlPath\Login.txt"
$cookieJar = "$curlPath\cookie.txt"
$icaProg = "C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe"
$deliveryGroupName = "SysAdmin As A Service Desktop"
$username = "user@saaas.com"
$password = "MyPassword"

$step = 1

.\curl.exe --cookie-jar $cookieJar --output "$($curlPath)\OUTPUT1.txt" --data "login=$($username)&passwd=$($password)" --header 'Accept: text/html, application/xhtml+xml, image/jxr, */*' --header 'Referer: https://desktop.saaas.com/vpn/index.html' "https://desktop.saaas.com/cgi/login"
2. /home/configuration - Get CSRF Token & ASP Session ID
$step = 2
.\curl.exe --request POST --location --cookie-jar $cookieJar --cookie $cookieJar --output "$($curlPath)\OUTPUT2.txt" --dump-header "$($curlPath)\CSRF-Token.txt" --cacert "$($curlPath)\curl-ca-bundle.crt" --header 'Accept: application/xml, text/xml, */*; q=0.01' --header 'Content-Length: 0' --header 'X-Citrix-IsUsingHTTPS: Yes' --header 'Referer: https://desktop.saaas.com/Citrix/StoreWeb/' "https://desktop.saaas.com/Citrix/StoreWeb/Home/Configuration"
3. Find CSRF Token
$step = 3

$headers = Get-Content "$($curlPath)\CSRF-Token.txt" | Select-String "Set-Cookie: CsrfToken=" $csrfToken = ($headers -split "=" -split ";")[1]
echo ($csrfToken)
3a. Storefront GetAuthMethods - must do this before login
.\curl.exe --request POST --cookie-jar $cookieJar --cookie $cookieJar --output "$($curlPath)\OUTPUT3.txt" --header 'Accept: application/xml, text/xml, */*; q=0.01' --header "Csrf-Token: $($csrfToken)" --header 'X-Citrix-IsUsingHTTPS: Yes' --header 'Referer: https://desktop.saaas.com/Citrix/StoreWeb/' --header 'Content-Length: 0' "https://desktop.saaas.com/Citrix/StoreWeb/Authentication/GetAuthMethods"
4. Storefront login
$step = 4

.\curl.exe --request POST --cookie-jar $cookieJar --cookie $cookieJar --header 'Accept: application/xml, text/xml, */*; q=0.01' --header "Csrf-Token: $($csrfToken)" --header 'X-Citrix-IsUsingHTTPS: Yes' --header 'Referer: https://desktop.saaas.com/Citrix/StoreWeb/' --header 'Content-Length: 0' "https://desktop.saaas.com/Citrix/StoreWeb/GatewayAuth/Login"
5. List resources
$step = 5

.\curl.exe --request POST --cookie-jar $cookieJar --cookie $cookieJar --output "$($curlPath)\Resources.json" --header 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' --header 'Accept: application/json, text/javascript, */*; q=0.01' --header "Csrf-Token: $($csrfToken)" --header 'X-Citrix-IsUsingHTTPS: Yes' --header 'Referer: https://desktop.saaas.com/Citrix/StoreWeb/' --data "format=json&resourceDetails=Default" "https://desktop.saaas.com/Citrix/StoreWeb/Resources/List"

$j = (Get-Content "$curlPath\Resources.json" -Raw) | ConvertFrom-Json $desktopDeliveryGroup = $j.resources | where {$\_.name -eq "Sysadmin As A Service Desktop"}
6. Launch URL
$step = 6

.\curl.exe --request GET --cookie-jar $cookieJar --cookie $cookieJar --output "$($curlPath)\launch.ica" "https://desktop.saaas.com/Citrix/StoreWeb/Resources/LaunchIca/$($desktopDeliveryGroup.id).ica?CsrfToken=$($csrfToken)&IsUsingHttps=Yes"
7. Launch Desktop
$step = 7

Start-Process "$($curlPath)\launch.ica"
Ok, now let's break it down into steps.

Step 1: Login to Netscaler Gateway

This is pretty straightforward - just pass the username & password in the data portion of cURL, and store the cookie in a file.

.\curl.exe --location --cookie-jar $cookieJar --output "$($curlPath)\OUTPUT1.txt" --data "login=$($username)&passwd=$($password)" --header 'Accept: text/html, application/xhtml+xml, image/jxr, */*' --header 'Referer: https://desktop.saaas.com/vpn/index.html' "https://desktop.saaas.com/cgi/login"

Step 2: Get CSRF Token & ASP.NET session ID

This step is pretty important - it's the first call to our Storefront server, and when we get the CSRF token and ASP.NET session ID. Without these passed into every subsequent call to Storefront, you'll get a 403 Forbidden response.

<div>.\curl.exe --request POST --location --cookie-jar $cookieJar --cookie $cookieJar --output "$($curlPath)\OUTPUT2.txt" --dump-header "$($curlPath)\CSRF-Token.txt" --cacert "$($curlPath)\curl-ca-bundle.crt" --header 'Accept: application/xml, text/xml, */*; q=0.01' --header 'Content-Length: 0' --header 'X-Citrix-IsUsingHTTPS: Yes' --header 'Referer: https://desktop.saaas.com/Citrix/StoreWeb/' "https://desktop.saaas.com/Citrix/StoreWeb/Home/Configuration"

Step 3: Store the CSRF token in a new variable

This takes the response from Step 2 and stores the CSRF token in a new variable.

$headers = Get-Content "$($curlPath)\CSRF-Token.txt" | Select-String "Set-Cookie: CsrfToken=" $csrfToken = ($headers -split "=" -split ";")\[1\] #echo ($csrfToken)

Step 3b: Get Authentication Methods from Storefront

Although we know what Authentication method we want to use to log into the Storefront (passthrough from Netscaler Gateway), we still need to initiate GetAuthMethods before Storefront will be ready for us to send a login request.

.\curl.exe --request POST --cookie-jar $cookieJar --cookie $cookieJar --output "$($curlPath)\OUTPUT3.txt" --header 'Accept: application/xml, text/xml, */*; q=0.01' --header "Csrf-Token: $($csrfToken)" --header 'X-Citrix-IsUsingHTTPS: Yes' --header 'Referer: https://desktop.saaas.com/Citrix/StoreWeb/' --header 'Content-Length: 0' "https://desktop.saaas.com/Citrix/StoreWeb/Authentication/GetAuthMethods"

Step 4: Login to Storefront

Finally, we can login to the Storefront by passing our cookie with our NSC_AAAC token to the Storefront server.

Step 5: List Resources

Now, we request a list of all available resources (Delivery Groups & Published Apps) from the Storefront server. We'll get back a JSON file with names, IDs and launch URLs. Then, we parse the output to select the resource name of our chosen Delivery Group.

$j = (Get-Content "$curlPath\Resources.json" -Raw) | ConvertFrom-Json $desktopDeliveryGroup = $j.resources | where {$\_.name -eq $deliveryGroupName}

Step 6: Get Launch.ica file

This is where we request the ICA file of our chosen Delivery Group and save the output as launch.ica

Step 7: Launch!

Finally, we launch Citrix using wfica32.exe and our launch.ica file

Start-Process "$($curlPath)\launch.ica"

Congratulations! You have now logged into & launched a Citrix session using the Storefront API.

For full details on the API documentation - see Citrix SDK Page - you will need a Citrix login to access this :)