Penetration Testing mailing list archives
Re: Pen test, tcp/1404 found - advice needed
From: Sekurity Shaman <sekurityshaman () yahoo com>
Date: Fri, 16 Sep 2005 11:04:11 -0700 (PDT)
Hailing from the bustling halls of Valhalla I present ye with the following. Please note the original Wizard who created these magical spells to be cast upon those that are seen fit to taste their wrath.

http://www.cqure.net/tools/citrix_pa.zip - Location of said spells

<start of copy and paste spell>

Unix tools contain citrix-pa-scan.pl and citrix-pa-proxy.pl. These tools use blocking sockets with alarm so they will probably fail in a win32 environment. Win32 tools contain pas.pl.

Citrix-pa-scan
==============
This tool should be used to enumerate Citrix published applications.

Usage: citrix-pa-scan.pl {IP | file | - | random } [timeout]

where IP is one IP
or file is a one file containing a list with IP
or - is to read IP from standard input
or random to read IP from /dev/urandom.
timeout is the timeout in seconds.

The output is in the following format:

SCANNED IP1|MASTER BROWSER IP1|NO PROXY?|Application1;Application2
SCANNED IP2|MASTER BROWSER IP2|NO PROXY?|Application3;Application4

If the output is redirected to a file called pas.wri it could be supplied to pas.pl.

Citrix-pa-proxy
===============
This tool should be used to enumerate and connect to a published application with the Citrix client when the master browser is non-public.

Usage: citrix-pa-proxy.pl IP_to_proxy_to [Local_IP]

Where IP_to_proxy_to is the remote Citrix server. Local_IP is default 127.0.0.1. Change it to the local IP when running the proxy on a remote host (When running the Citrix client on one host and the proxy on another).

Pas
===
This tool should be used to connect to the applications reported by citrix-pa-scan.pl. pas.pl requires the output from citrix-pa-scan.pl to be called pas.wri. pas.pl asks how the connection went and writes the output to pas_results.wri.

To enable 128 bit encryption add following row under the Published Application section in the template.ica file:

EncryptionLevelSession=EncRC5-128

INFO
====
download my Defcon presentation here

citrix-pa-scan.pl, citrix-pa-proxy.pl and pas.pl are written by Ian Vitek. ian.vitek () ixsecurity com

<end of copy and paste spell>

If those spells do not cast properly, you may be forced to consult an oracle on citrix.

http://www.google.com/intl/xx-hacker/
http://sh0dan.org/files/hackingcitrix.txt

I will no doubt see you at Ragnarok!! May Odin be with you in all your journeys!