Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Citrix ICA Basic Encryption

From: dugsong () MONKEY ORG (Dug Song)
Date: Wed, 29 Mar 2000 09:59:55 -0500

The ICA (Independent Computing Architecture) protocol used in various
Citrix products (Winframe, Metaframe) relies on a trivially cracked
encryption scheme to protect user authentication.

The ICA basic encryption algorithm is a variant of the simple XOR
scheme used for saved Winframe passwords:

        void decrypt(u_char key, u_char *p, int len)
        {
          int i;

          for (i = len; i > 0; i--)
            p[i] = p[i-1] ^ p[i] ^ key;

          p[0] ^= (key | 'C');
        }

Demonstration code to decrypt Winframe passwords stored in appsrv.ini:

         http://www.monkey.org/~dugsong/icadecrypt.c.txt

Demonstration code to sniff (and decrypt) ICA network authentication:

        http://www.monkey.org/~dugsong/dsniff/

Citrix offers a secure alternative called SecureICA, which uses
Diffie-Hellman for key exchange and RC5 to encrypt the underlying
transport (now at 128-bit strength worldwide). While this is certainly
better than the simple XOR scheme outlined above, it may still be
vulnerable to an active man-in-the-middle attack. Caveat user.

        http://www.citrix.com/products/sica/

Thanks to Jeremie Kass <jeremie () monkey org> for providing me with ICA
traffic traces, and to Niels Provos <provos () monkey org> for sifting thru
hexdumps with me. :-)

-d.

---
http://www.monkey.org/~dugsong/
Previous By Date Next
Previous By Thread Next

Current thread: