Penetration Testing mailing list archives
Re: Citrix Remote Desktop
From: The Dead <th3d34d () gmail com>
Date: Wed, 2 Jun 2010 15:08:34 -0300
Thanks! I´ll read the docs and make more tests. On Wed, Jun 2, 2010 at 2:28 PM, <root () vulnerabilityassessment co uk> wrote:
Hi, nmap now has some nice scripts available for enumerating citrix, also check out: http://www.vulnerabilityassessment.co.uk/Citrix.html which may help, lots of links to tools, tutorials, references etc. educational paper available at: http://www.vulnerabilityassessment.co.uk/Independent_Study_Module.zip The nmap scripts replace some of the legacy tools that target TCP 1494 and UDP 1604 http://nmap.org/nsedoc/scripts/citrix-brute-xml.html http://nmap.org/nsedoc/scripts/citrix-enum-apps.html et al Hope this helps Rgds Kev -------------------------------------------------- From: "The Dead" <th3d34d () gmail com> Sent: Wednesday, June 02, 2010 2:26 PM To: <pen-test () securityfocus com> Subject: Citrix Remote DesktopHello guys! I'm manking a pen-testing from an external network to a target and I found a Citrix session (port 1494) opened. I have downloaded some tools that perform brute-force login and application enumeration. Is there something else that I can do about such enviroment? Thanks! ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Citrix Remote Desktop The Dead (Jun 02)
- Re: Citrix Remote Desktop Jonathan Cran (Jun 02)
- Re: Citrix Remote Desktop SD List (Jun 02)
- Message not available
- Re: Citrix Remote Desktop The Dead (Jun 02)
- RE: Citrix Remote Desktop Nicholas J. Fanelli (Jun 02)
- Message not available
- Re: Citrix Remote Desktop The Dead (Jun 02)
- Re: Citrix Remote Desktop Daniel Clemens (Jun 03)