Comments on: Hacking CITRIX – the forceful way

By: infoz

infoz — Sun, 23 Jan 2011 00:19:06 +0000

What did you do to get the scripts working in XP? They execute fine from cmd, wscript is installed, .net, etc.. but they never launch the Citrix client (which is also installed) for enum, connect or bforce. I can launch an .ica file to the target server with no issues however running the .js files never launch the client. Any help is appreciated!

By: nod32å‡çº§id » Hacking Citrix

nod32å‡çº§id » Hacking Citrix — Thu, 01 Apr 2010 12:40:05 +0000

[...] http://www.gnucitizen.org/blog.....ceful-way/ [...]

By: pdp

pdp — Sun, 25 Jan 2009 07:50:59 +0000

back again :) still moving infrastructures…

By: jeff

jeff — Wed, 14 Jan 2009 19:59:58 +0000

Gone again, the links…

By: Hacking Citrix

Hacking Citrix — Thu, 05 Jun 2008 14:38:22 +0000

[...] A more recent reference to hacking Citrix is from GNUCITIZEN and can be found here [...]

By: xyyzy

xyyzy — Tue, 16 Oct 2007 13:17:32 +0000

thanks pdp, found them

By: pdp

pdp — Tue, 16 Oct 2007 10:44:45 +0000

check the bottom of the post

By: xyyzy

xyyzy — Tue, 16 Oct 2007 10:42:07 +0000

Where are the videos? seems youtube has removed them.

By: curious mind

curious mind — Tue, 16 Oct 2007 07:50:06 +0000

pdp, I totally agree…applications without authentication is asking for trouble..but as you showed that even with authentication you’re not really safe that’s why I hope somebody can answer my questions..

By: pdp

pdp — Tue, 16 Oct 2007 06:44:29 +0000

curious mind, I have no idea how CITRIX is shipped but I believe that you are on the right track. However, it is up to the administrator to export applications that does not require authentication. In case your ICA is in the DMZ and you have one of these application hanging out in there, then you are in a big trouble. Unfortunately, this is what I see most of the times.

By: curious mind

curious mind — Tue, 16 Oct 2007 06:22:29 +0000

I’m wondering what FREE features Citrix has for deploying apps to the internet in a secure manner. The only thing I could find was the Citrix Secure Gateway 3.0 (is this still supported or maintained?) from which the admin guide and checklist is no longer avaiable so forget about the documentation.

So as it would seem, you maybe required to purchase a Citrix Access Gateway to secure your Citrix environment am I correct..? If so, this would mean that making Citrix apps available across the web would not be secure out of the box without buying additional hardware.
This is not a statement but more a question I have…

By: Citrix Internet Gateways - Critical need to lock these down - Harry Waldron - My IT Forums Blog

Fri, 12 Oct 2007 13:41:53 +0000

[...] Hacking CITRIX – the forceful way http://www.gnucitizen.org/blog.....ceful-way/ Citrix Security Best Practices http://www.thin-world.com/nfuse.htm [...]

By: pdp

pdp — Fri, 12 Oct 2007 10:57:26 +0000

Jonathan, thanks. I am not very sure. I guess it has something to do with the CITRIX logo, which appears on the screen when a connection is established.

By: Jonathan

Jonathan — Fri, 12 Oct 2007 10:25:38 +0000

It’s strange that Citrix should be able to do this. Does your video:

1. breach the copyright of Citrix, or
2. describe a method for illegally circumventing copyright protection?

If not, then perhaps you could file a “counter-take-down” notice to YouTube, as described here: http://www.youtube.com/t/dmca_policy.

This approach was famously used by Christopher Knight:
http://theknightshift.blogspot.....right.html

Keep on hacking!
Jonathan

By: pdp

pdp — Fri, 12 Oct 2007 08:41:02 +0000

Apparently CITRIX has removed the YouTube videos due to a copyright violation. This is strange and the same time not the right way to handle situations like this.

By: pdp

pdp — Thu, 11 Oct 2007 18:41:36 +0000

RX8volution, I forgot to include that. Give me some time and I will come with an updated script, or you can do that yourself if you want to.

By: RX8volution

RX8volution — Thu, 11 Oct 2007 16:54:40 +0000

pdp : How do you account for domains? I am working on password “grinding” or brute-force… and don’t quite get how to append the Domain name into your script… would be a nice pen-test tool…

By: pdp

pdp — Wed, 10 Oct 2007 18:28:49 +0000

Anthony D., yes you are right. The reason I came up with the script is mainly because I wasn’t aware of any other CITRIX authentication bruteforcer.

By: Anthony D.

Anthony D. — Wed, 10 Oct 2007 18:26:14 +0000

You should note that you are demonstrating exploiting a poorly implemented security model. When implemented correctly using existing Citrix security features and Microsoft Security Features your attacks would not work at all.

This was an attack against a poorly implemented Citrix environment.

Nice work either way!

By: radi

radi — Wed, 10 Oct 2007 07:21:28 +0000

*hides head in shame* oopps…. sorry about that guys!!! :) my bad i should have read the other article more carefully…..

Comments on: Hacking CITRIX – the forceful way

By: infoz

By: nod32å‡çº§id » Hacking Citrix

By: pdp

By: jeff

By: Hacking Citrix

By: xyyzy

By: pdp

By: xyyzy

By: curious mind

By: pdp

By: curious mind

By: Citrix Internet Gateways - Critical need to lock these down - Harry Waldron - My IT Forums Blog

By: pdp

By: Jonathan

By: pdp

By: pdp

By: RX8volution

By: pdp

By: Anthony D.

By: radi

By: nod32å‡çº§id » Hacking Citrix