AW: (In)Secure Citrix Configs

["!s3grim" <persephane () gmx eu>]

Hi Lefteris,
 
this is an amazing, a nice bunch of links. Seems I'll have some nice reading
time and some cups of coffee to get through all of them.
Thanks alot, to you and also to all other, too.
 
!s3grim

________________________________

Von: lefteris panos [mailto:lefterispanos () gmail com] 
Gesendet: Freitag, 29. Juni 2012 08:27
An: !s3grim
Cc: pen-test () securityfocus com
Betreff: Re: (In)Secure Citrix Configs


Hey,
You can download the audit / hardening guides from DoD here
http://iase.disa.mil/stigs/app_security/remote_desktop/remote_desk.html
Also you can find an audit guide here from SANS
http://it-audit.sans.org/community/papers/security-audit-citrix-nfuse-www-se
rver-published-application-infrastructure_159

As Ivan said a great series of guides is in
http://synjunkie.blogspot.com.au/2009/03/abusing-citrix-part-1.html
A presentation from insomniasec, dated back in 2009 but still relevant
http://www.insomniasec.com/publications/Hacking_Citrix.ppt
A thorough list is also posted on Penetration Testing Framework here
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html which also
has a good list of other resources.

A set of tools can be found here http://hackarmoury.com/tools under
/infrastructure_tools/windows/citrix_tools and last but not least the
excellent work of Paul Craig with Interactive Kiosk Attack Tool in
http://ikat.ha.cked.net/ and the taskmanager Excel spreadsheet from Didier
Stevens here
http://blog.didierstevens.com/2012/05/01/update-taskmanager-xls-v0-1-3-kille
r-shellcode/

Hope this info will get you started

Lefteris




On Thu, Jun 28, 2012 at 8:46 PM, !s3grim <persephane () gmx eu> wrote:


        Hi guys,
        
        does anyone know any ressources about the security of citrix
environments?
        Anything like the basic security model, like configuration places
and usual
        'misconfigurations'?
        Maybe there is also a hardening guide or something about config
caveats?
        
        I'd appreciate any useful information.
        
        !s3grim
        
        
        
------------------------------------------------------------------------
        This list is sponsored by: Information Assurance Certification
Review Board
        
        Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require a
full practical examination in order to become certified.
        
        http://www.iacertification.org
        
------------------------------------------------------------------------
        
        




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------