---- Franklin DeMatto <[EMAIL PROTECTED]> wrote: > They also listen on the 1494 port (which is designated for citrix) > > I was unable to get it to respond to any HTTP request, by hand or with > a > browser.... >
the ica protocol is not human-language based, so you'll be hard-pressed to get anything out of it with http commands. it uses (if unspecified at install) the system-default encryption level - which is typically 56-bit on freshly staged machines. for the most part, the protocol itself is fairly secure, maybe you should try another route? more recently it's come to focus that the client-side is somewhat vulnerable. you've already identified a web-service. considering it's used to distribute an ica configuration to the citrix client, what routes are available through compromising it. have you looked at the ica(err. ini file)-file? it's plain-text. does it allow for other types of attacks/manipulations (ie. hostname/ip => dns poisoning/route modifications). for what it's worth, here's a somewhat-outdated link with some information on a few citrix command-line utilities used for querying against a master browser. http://lists.insecure.org/pen-test/2000/Oct/0141.html > Franklin DeMatto > Senior Analyst, qDefense Penetration Testing > http://qDefense.com > qDefense: Making Security Accessible > > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus Security Intelligence Alert > (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please > see: > https://alerts.securityfocus.com/ > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
