Re: Citrix pentesting ideas

From: wirepair (wirepair@roguemail.net)
Date: Sun Feb 09 2003 - 12:11:57 EST


You can always open up a dos command prompt and paste it
in. Using copy.exe. (My friend told me this idea):
copy con heh.exe
<paste>
ctrl Z
<enter>
this will work as long as the binary doesn't have a ^Z
character in it. Good luck,
-wire

On Sat, 8 Feb 2003 22:02:27 -0000
  "Gareth Bromley" <gbromley@intstar.com> wrote:
>As subject:
>
>Got some projects involving Citrix (also I guess MS
>Terminal server) coming
>up, and was pondering some ways to subvert the desktop
>when the file sharing
>option has been disabled.
>
>So far I've come up with the following ideas:
>- Using the clipboard copy feature, copy an archive of
>exploit(s) to the
>local PC clipboard, and then paste onto remot desktop.
>- If this dont work due to OLE/Binary transfer issues,
>how about same
>concept as above, but first UUEncode (or another means to
>turn binary into
>text) the archive, then copy and paste and UUDecode the
>other end?
>
>Any got any experience of either of these? Or other
>means?
>
>As an aside, how about ways to interrupt running spawned
>scripts, say runing
>a perl script through inetd, that just dumps data and
>then closes? I was
>thinking Ctrl+C, Z etc... ot use telnet's send brk, ip,
>.... however on
>testing on Linux and Solaris these dont work as I
>thought. Any ideas??
>
>Gareth
>
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus Security
>Intelligence Alert (SIA)
>Service. For more information on SecurityFocus' SIA
>service which
>automatically alerts you to the latest security
>vulnerabilities please see:
>https://alerts.securityfocus.com/
>

_____________________________
For the best comics, toys, movies, and more,
please visit <http://www.tfaw.com/?qt=wmf>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:27 EDT