Penetration Testing mailing list archives
RE: Pen test, tcp/1404 found - advice needed
From: "DUBRAWSKY, IDO (CALLISMA)" <id3878 () sbc com>
Date: Fri, 16 Sep 2005 11:52:44 -0500
Just download the Citrix ICA client from Citrix's website: http://www.citrix.com/English/ss/downloads/downloads.asp?dID=2755 Typically you need a system username and password (on the target system not to download the Citrix client) to access the box. Once done, you're in. Also, I surmise that most people responded with the "nmap -sV" response based on your port number in the Subject header rather than the information in the body of the message. In the subject line you have tcp/1404 and not tcp/1494. Ido -- Ido Dubrawsky, CISSP Senior Security Consultant SBC/Callisma (571) 633-9500 (Office) (202) 213-9029 (Mobile)
-----Original Message----- From: Sekurity Wizard [mailto:s.wizard () boundariez com] Sent: Friday, September 16, 2005 8:34 AM To: Marc.Werner () t-systems com; pen-test () securityfocus com Subject: RE: Pen test, tcp/1404 found - advice needed Yes - guys - already tried -sV and other scan types, results were: "1494/tcp open citrix-ica Citrix Metaframe XP ICA" What I need now is some tricks to break Citrix Megaframe XP, which is the crux of the problem. Wiz -----Original Message----- From: Marc.Werner () t-systems com [mailto:Marc.Werner () t-systems com] Sent: Thursday, September 15, 2005 1:44 AM To: Sekurity Wizard; pen-test () securityfocus com Subject: AW: Pen test, tcp/1404 found - advice needed Hi Wiz, Have you already tried a nmap version scan on the port(nmap -sV)? Or you can try amap from THC (http://www.thc.org/). Good luck :-) Cheers Marc -----Ursprüngliche Nachricht----- Von: Sekurity Wizard [mailto:s.wizard () boundariez com] Gesendet: Dienstag, 13. September 2005 05:30 An: pen-test () securityfocus com Betreff: Pen test, tcp/1404 found - advice needed Hey folks, Found tcp/1494 open to a server during a pen test, black-box style. Are there any interesting tools that may be available to extract information from the server on the receiving end? Please reply to list, or offline to me if necessary. Cheers, Wiz -------------------------------------------------------------- ---------------- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------- ----------------- -------------------------------------------------------------- ---------------- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------- -----------------
------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Pen test, tcp/1404 found - advice needed, (continued)
- Re: Pen test, tcp/1404 found - advice needed Luke Eckley (Sep 15)
- Re: Pen test, tcp/1404 found - advice needed Andre Ludwig (Sep 16)
- Re: Pen test, tcp/1404 found - advice needed Nicolas RUFF (Sep 16)
- Re: Pen test, tcp/1404 found - advice needed Andre Ludwig (Sep 16)
- Re: Pen test, tcp/1404 found - advice needed mike king (Sep 15)
- RE: Pen test, tcp/1404 found - advice needed Sekurity Wizard (Sep 16)
- RE: Pen test, tcp/1404 found - advice needed Sekurity Wizard (Sep 16)
- RE: Pen test, tcp/1404 found - advice needed DUBRAWSKY, IDO (CALLISMA) (Sep 16)
- FW: Pen test, tcp/1404 found - advice needed Craig Wright (Sep 16)
- RE: Pen test, tcp/1404 found - advice needed MacEwen, Jeffrey B. (Sep 16)
- RE: Pen test, tcp/1404 found - advice needed DUBRAWSKY, IDO (CALLISMA) (Sep 16)
- Re: Pen test, tcp/1404 found - advice needed Sekurity Shaman (Sep 16)
- RE: Pen test, tcp/1404 found - advice needed Craig Wright (Sep 18)
- Re: Pen test, tcp/1404 found - advice needed Luke Eckley (Sep 15)