Comments on: CITRIX: Owning the Legitimate Backdoor http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/ Information Security Think Tank Sat, 02 Feb 2013 17:50:40 +0000 hourly 1 http://wordpress.org/?v=3.4.1 By: anon http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-134215 anon Mon, 07 Jan 2013 17:05:46 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-134215 The video works by clicking the download link at the bottom of the post: http://www.gnucitizen.org/static/blog/2007/10/hc01.wmv The video works by clicking the download link at the bottom of the post: http://www.gnucitizen.org/stat.....0/hc01.wmv

]]> By: Citrix à la peine ? — SecurityVibes Magazine http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-129782 Citrix à la peine ? — SecurityVibes Magazine Mon, 28 Mar 2011 10:10:48 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-129782 [...] http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/La rédactionL'équipe rédactionnelle de SecurityVibes Magazine France.Website - Twitter - Facebook - More Posts A lire également [...] [...] http://www.gnucitizen.org/blog.....ackdoor/La rédactionL'équipe rédactionnelle de SecurityVibes Magazine France.Website – Twitter – Facebook – More Posts A lire également [...]

]]> By: Citrix à la peine ? — SecurityVibes Magazine http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-129777 Citrix à la peine ? — SecurityVibes Magazine Wed, 23 Mar 2011 15:17:11 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-129777 [...] http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/La rédactionL'équipe rédactionnelle de SecurityVibes Magazine France.Website - Twitter - Facebook - More Posts   Notez l'article! Soyez le premier à évaluer cet article! A lire [...] [...] http://www.gnucitizen.org/blog.....ackdoor/La rédactionL'équipe rédactionnelle de SecurityVibes Magazine France.Website – Twitter – Facebook – More Posts   Notez l'article! Soyez le premier à évaluer cet article! A lire [...]

]]> By: pdp http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-129273 pdp Sat, 13 Nov 2010 01:47:57 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-129273 it is not difficult to learn how to hack... use google... or sign up for a course :) it is not difficult to learn how to hack… use google… or sign up for a course :)

]]> By: john http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-129223 john Wed, 20 Oct 2010 02:23:25 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-129223 looking for mentors...i need to learn how to hack looking for mentors…i need to learn how to hack

]]> By: nod32升级id » Hacking Citrix http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-128439 nod32升级id » Hacking Citrix Thu, 01 Apr 2010 12:39:49 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-128439 [...] http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/http://www.gnucitizen.org/blog/hacking-citrix-the-forceful-way/ [...] [...] http://www.gnucitizen.org/blog.....ceful-way/ [...]

]]> By: Souvenez vous ;) Ne laissez pas de porte ouverte Citrix sur le Net | tescitrixoupas http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-127675 Souvenez vous ;) Ne laissez pas de porte ouverte Citrix sur le Net | tescitrixoupas Thu, 06 Aug 2009 13:48:51 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-127675 [...] http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/ [...] [...] http://www.gnucitizen.org/blog.....-backdoor/ [...]

]]> By: Hacking CITRIX - the forceful way | GNUCITIZEN http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-125573 Hacking CITRIX - the forceful way | GNUCITIZEN Sun, 25 Jan 2009 07:40:19 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-125573 [...] CITRIX - the forceful way published: October 5th, 2007 Yesterday I briefly covered how CITIRX hacking works by performing simple enumeration exercises. Today, I [...] [...] CITRIX – the forceful way published: October 5th, 2007 Yesterday I briefly covered how CITIRX hacking works by performing simple enumeration exercises. Today, I [...]

]]> By: Virüs Güvenlik Haberleri » Citrix Prezantasyon Sunucusu http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-124669 Virüs Güvenlik Haberleri » Citrix Prezantasyon Sunucusu Tue, 09 Dec 2008 22:40:27 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-124669 [...] güvenlik aç??? duyurusu: http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/ Citrix güvenlik bülteni: [...] [...] güvenlik aç??? duyurusu: http://www.gnucitizen.org/blog.....-backdoor/ Citrix güvenlik bülteni: [...]

]]> By: free dlls http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-124051 free dlls Tue, 14 Oct 2008 07:54:17 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-124051 the video can't be play , it says it may removed. Please check. the video can’t be play , it says it may removed. Please check.

]]> By: ikkuhqhp http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-122075 ikkuhqhp Sun, 18 May 2008 09:57:47 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-122075 pdp, I was reading this post but found that the youtube link doesn't work. Could you explain "escaping windows GUI" again please? pdp, I was reading this post but found that the youtube link doesn’t work. Could you explain “escaping windows GUI” again please?

]]> By: Citrix Prezantasyon Sunucusu için Yama | Virüs Güvenlik Haberleri http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-86876 Citrix Prezantasyon Sunucusu için Yama | Virüs Güvenlik Haberleri Sat, 15 Dec 2007 10:17:36 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-86876 [...] güvenlik açığı duyurusu: http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/ Citrix güvenlik bülteni: [...] [...] güvenlik açığı duyurusu: http://www.gnucitizen.org/blog.....-backdoor/ Citrix güvenlik bülteni: [...]

]]> By: TesCitrixOuPas » Blog Archive » Citrix, trou de sécurité ou mauvaise gestion des administrateurs Citrix ? http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-78422 TesCitrixOuPas » Blog Archive » Citrix, trou de sécurité ou mauvaise gestion des administrateurs Citrix ? Wed, 28 Nov 2007 22:03:02 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-78422 [...] le site GNUCITIZEN, un chercheur en sécurité en faisant une simple recherche sur Google est tombé sur une floppé [...] [...] le site GNUCITIZEN, un chercheur en sécurité en faisant une simple recherche sur Google est tombé sur une floppé [...]

]]> By: newKid http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-73277 newKid Mon, 19 Nov 2007 03:30:40 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-73277 I am not a hacker, just a college kid, studying networking, programming, security, the like. I am researching Citrix for a security paper. I clicked on some of these links, to see what would happen, as the read is seriously intriguing to me. Most of them you can't actually get to. One came up but gave me an error and did not display. Please explain; are you telling me that by clicking the links that are returned in the search, that you are actually accessing information running on the server? There is no one on the other end that can see or be alerted of the fact that some remote user is actually getting in unauthenticated? I don't understand. How does this actually work out? I am not a hacker, just a college kid, studying networking, programming, security, the like. I am researching Citrix for a security paper. I clicked on some of these links, to see what would happen, as the read is seriously intriguing to me. Most of them you can’t actually get to. One came up but gave me an error and did not display. Please explain; are you telling me that by clicking the links that are returned in the search, that you are actually accessing information running on the server? There is no one on the other end that can see or be alerted of the fact that some remote user is actually getting in unauthenticated? I don’t understand. How does this actually work out?

]]> By: pdp http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-63063 pdp Tue, 30 Oct 2007 07:21:04 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-63063 Intrigued, absolutely! Intrigued, absolutely!

]]> By: Intrigued http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-62957 Intrigued Tue, 30 Oct 2007 00:56:30 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-62957 I found it interesting that some of the servers have user names and domain names in the config files. After looking around I found that some of them give you a remote desktop without authentication with full access by using a user name and domain name (could be dead wrong and it just gives you the remote desktop anyways but none the less its still a blatant hole) I found it interesting that some of the servers have user names and domain names in the config files. After looking around I found that some of them give you a remote desktop without authentication with full access by using a user name and domain name (could be dead wrong and it just gives you the remote desktop anyways but none the less its still a blatant hole)

]]> By: Network Security Podcast, Episode 81 | securosis.com http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-59431 Network Security Podcast, Episode 81 | securosis.com Thu, 18 Oct 2007 16:23:42 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-59431 [...] Citrix; Owning the legitimate backdoor [...] [...] Citrix; Owning the legitimate backdoor [...]

]]> By: Bbb http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-58567 Bbb Mon, 15 Oct 2007 15:06:32 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-58567 Absolutely very concerning, the fact that you can get Numb-Nut administrators. As I mentioned above.... http://search.yahoo.com/search.....ension:rdp http://www.google.com/search?q=ext:rdp .....you get the same numb-nuts administrating plain old Terminal services as well as any other product. The first line of your article 'The Internet is full of wide open CITRIX gateways' probably put the Sh$ts up many a CITRIX administrator because they implement true CITRIX gateways (that only open for the correct people). I hope people reading this article realise that this is not the way to implement CITRIX for remote access. I can't believe the amount of people who don't follow simple IT Security recommended practices. This is probably why your article should be entitled 'Beware There are Numb-Nut Administrators everywhere!!' ;-) Bbb Absolutely very concerning, the fact that you can get Numb-Nut administrators.

As I mentioned above….

http://search.yahoo.com/search…..ension:rdp

http://www.google.com/search?q=ext:rdp

…..you get the same numb-nuts administrating plain old Terminal services as well as any other product.

The first line of your article ‘The Internet is full of wide open CITRIX gateways’ probably put the Sh$ts up many a CITRIX administrator because they implement true CITRIX gateways (that only open for the correct people). I hope people reading this article realise that this is not the way to implement CITRIX for remote access.

I can’t believe the amount of people who don’t follow simple IT Security recommended practices. This is probably why your article should be entitled ‘Beware There are Numb-Nut Administrators everywhere!!’ ;-)

Bbb

]]> By: Citrix holes endanger Government and Military systems - spyware news http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-58562 Citrix holes endanger Government and Military systems - spyware news Mon, 15 Oct 2007 14:05:16 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-58562 [...] into Citrix GUIs and playing with .ica files. He kindly posted the results of this rampage on his blog. What he did was he tried searching for public .ICAs in google and yahoo and found "tons" [...] [...] into Citrix GUIs and playing with .ica files. He kindly posted the results of this rampage on his blog. What he did was he tried searching for public .ICAs in google and yahoo and found "tons" [...]

]]> By: The Day Today » Blog Archive » Citrix backdoors easy to find http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/comment-page-1/#comment-58560 The Day Today » Blog Archive » Citrix backdoors easy to find Mon, 15 Oct 2007 13:47:37 +0000 http://www.gnucitizen.org/blog/citrix-owning-the-legitimate-backdoor/#comment-58560 [...] gateways, which are often unsecured - allowing a hacker to get a command prompt on the servers. This article explains how, and includes a video showing how to get a command prompt from the calculator [...] [...] gateways, which are often unsecured – allowing a hacker to get a command prompt on the servers. This article explains how, and includes a video showing how to get a command prompt from the calculator [...]

]]>