Penetration Testing mailing list archives
Re: Pentesting a Citrix Network
From: "DrobyX" <droby10 () onebox com>
Date: Tue, 05 Mar 2002 11:53:03 -0600
---- Franklin DeMatto <franklin.lists () qDefense com> wrote:
They also listen on the 1494 port (which is designated for citrix) I was unable to get it to respond to any HTTP request, by hand or with a browser....
the ica protocol is not human-language based, so you'll be hard-pressed to get anything out of it with http commands. it uses (if unspecified at install) the system-default encryption level - which is typically 56-bit on freshly staged machines. for the most part, the protocol itself is fairly secure, maybe you should try another route? more recently it's come to focus that the client-side is somewhat vulnerable. you've already identified a web-service. considering it's used to distribute an ica configuration to the citrix client, what routes are available through compromising it. have you looked at the ica(err. ini file)-file? it's plain-text. does it allow for other types of attacks/manipulations (ie. hostname/ip => dns poisoning/route modifications). for what it's worth, here's a somewhat-outdated link with some information on a few citrix command-line utilities used for querying against a master browser. http://lists.insecure.org/pen-test/2000/Oct/0141.html
Franklin DeMatto Senior Analyst, qDefense Penetration Testing http://qDefense.com qDefense: Making Security Accessible ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Pentesting a Citrix Network Franklin DeMatto (Mar 04)
- Re: Pentesting a Citrix Network Erlend J. Leiknes (Mar 05)
- RE: Pentesting a Citrix Network Greg (Mar 05)
- <Possible follow-ups>
- Re: Pentesting a Citrix Network DrobyX (Mar 05)
- Re: Pentesting a Citrix Network Erlend J. Leiknes (Mar 05)