[THIN] FW: Citrix Published Application Brute Forcer
- From: "Warner, Kathleen" <kwarner@xxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Wed, 2 Oct 2002 15:43:28 -0600
FYI
-----Original Message-----
From: wirepair [mailto:wirepair@xxxxxxxxxxxxx]=20
Sent: Tuesday, October 01, 2002 7:33 PM
To: bugtraq@xxxxxxxxxxxxxxxxx; vuln-dev@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;
com@xxxxxxxxxxxxxxxxx; vulnwatch@xxxxxxxxxxxxx;
pen-test@xxxxxxxxxxxxxxxxx
Subject: Citrix Published Application Brute Forcer
This is a new design flaw that I discovered when trying to=20
break the 'only allow published applications' option. This=20
will attempt to brute force the application names that are=20
published by looking for a specific return datagram. All=20
other details are in the README. This file can be=20
downloaded at http://sh0dan.org/files/pubappbrute.tar.gz
It also includes a template pubapp file which contains=20
common published applications. Enjoy.
-wire
_____________________________
For the best comics, toys, movies, and more,
please visit <http://www.tfaw.com/?qt=3Dwmf>
**********************************************
This weeks sponsor 99Point9.com
99Point9 helps solve your unresolved technical
server-based questions, issues and incidents.
http://www.99point9.com
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
Other related posts:
- » [THIN] FW: Citrix Published Application Brute Forcer