RE: Pen test, tcp/1404 found - advice needed

From: MacEwen, Jeffrey B. (JMacEwen@umcaz.edu)
Date: Fri Sep 16 2005 - 12:51:09 EDT


Try here:

http://sh0dan.org/files/hackingcitrix.txt

Jeff

-----Original Message-----
From: Sekurity Wizard [mailto:s.wizard@boundariez.com]
Sent: Friday, September 16, 2005 5:34 AM
To: Marc.Werner@t-systems.com; pen-test@securityfocus.com
Subject: RE: Pen test, tcp/1404 found - advice needed

Yes - guys - already tried -sV and other scan types, results were:

        "1494/tcp open citrix-ica Citrix Metaframe XP ICA"

What I need now is some tricks to break Citrix Megaframe XP, which is the crux of the problem.

Wiz

 

-----Original Message-----
From: Marc.Werner@t-systems.com [mailto:Marc.Werner@t-systems.com]
Sent: Thursday, September 15, 2005 1:44 AM
To: Sekurity Wizard; pen-test@securityfocus.com
Subject: AW: Pen test, tcp/1404 found - advice needed

Hi Wiz,

Have you already tried a nmap version scan on the port(nmap -sV)?
Or you can try amap from THC (http://www.thc.org/).
Good luck :-)

Cheers Marc

-----Ursprüngliche Nachricht-----
Von: Sekurity Wizard [mailto:s.wizard@boundariez.com]
Gesendet: Dienstag, 13. September 2005 05:30
An: pen-test@securityfocus.com
Betreff: Pen test, tcp/1404 found - advice needed

Hey folks,
        Found tcp/1494 open to a server during a pen test, black-box style. Are there any interesting tools that may be available to extract information from the server on the receiving end?

Please reply to list, or offline to me if necessary.

Cheers,
        Wiz

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:55 EDT