Penetration Testing mailing list archives
Re: Citrix Remote Desktop
From: Daniel Clemens <daniel.clemens () packetninjas net>
Date: Wed, 2 Jun 2010 13:58:00 -0500
On Jun 2, 2010, at 8:26 AM, The Dead wrote:
I'm manking a pen-testing from an external network to a target and I found a Citrix session (port 1494) opened. I have downloaded some tools that perform brute-force login and application enumeration. Is there something else that I can do about such enviroment?
Half ass response I know, but; Do you have access to the citrix environment yet? If so there are tons of things you can do. Once in the citrix environment try to see when and where you can get past any restrictions placed on your environment through making your own batch files, or tricks to get cmd.exe to launch. | Daniel Uriah Clemens | Packetninjas L.L.C | | http://www.packetninjas.net | c. 205.567.6850 | | o. 866.267.8851 "Moments of sorrow are moments of sobriety" ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Citrix Remote Desktop The Dead (Jun 02)
- Re: Citrix Remote Desktop Jonathan Cran (Jun 02)
- Re: Citrix Remote Desktop SD List (Jun 02)
- Message not available
- Re: Citrix Remote Desktop The Dead (Jun 02)
- RE: Citrix Remote Desktop Nicholas J. Fanelli (Jun 02)
- Message not available
- Re: Citrix Remote Desktop The Dead (Jun 02)
- Re: Citrix Remote Desktop Daniel Clemens (Jun 03)