[THIN] FW: Citrix Published Application Brute Forcer

  • From: "Warner, Kathleen" <kwarner@xxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Wed, 2 Oct 2002 15:43:28 -0600


-----Original Message-----
From: wirepair [mailto:wirepair@xxxxxxxxxxxxx]=20
Sent: Tuesday, October 01, 2002 7:33 PM
To: bugtraq@xxxxxxxxxxxxxxxxx; vuln-dev@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;
com@xxxxxxxxxxxxxxxxx; vulnwatch@xxxxxxxxxxxxx;
Subject: Citrix Published Application Brute Forcer

This is a new design flaw that I discovered when trying to=20
break the 'only allow published applications' option. This=20
will attempt to brute force the application names that are=20
published by looking for a specific return datagram. All=20
other details are in the README. This file can be=20
downloaded at http://sh0dan.org/files/pubappbrute.tar.gz

It also includes a template pubapp file which contains=20
common published applications. Enjoy.
For the best comics, toys, movies, and more,
please visit <http://www.tfaw.com/?qt=3Dwmf>

This weeks sponsor 99Point9.com
99Point9 helps solve your unresolved technical
server-based questions, issues and incidents.

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link.


Other related posts:

  • » [THIN] FW: Citrix Published Application Brute Forcer