Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
- From: <full-disclosure@xxxxxxxxxxxx>
- Date: Wed, 10 Oct 2007 14:05:28 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SHUT UP VLADIS IF ANYONE CARED THEY WOULD JUST FREQUENT YOUR BLOG
GET OFF THIS LIST THIS IS FOR SERIOUS SECURITY MATTERS ONLY
On Wed, 10 Oct 2007 07:14:32 -0400 "pdp (architect)"
<pdp.gnucitizen@xxxxxxxxxxxxxx> wrote:
http://www.gnucitizen.org/blog/remote-desktop-command-fixation------BEGIN PGP SIGNATURE-----
attacks
Security in depth does not exist! No matter what you do, dedicated
attackers will always be able to penetrate your network.
Seriously!
Information security is mostly about risk assessment and crisis
management.
When it comes to exploitative penetration testing, I relay on
tactics
rather then exploits. I've already talked about how insecure
Remote
Desktop service could be. In this post I will show you how easy it
is
to compromise a well protected Windows Terminal or CITRIX server
with
a simple social engineering attack and some knowledge about the
platform we are about to exploit.
The attack is rather simple. All the bad guys have to do is to
compose
a malicious RDP (for Windows Terminal Services) or ICA (for
CITRIX)
file and send it to the victim. The victim is persuaded to open
the
file by double clicking on it. When the connection is established,
the
user will enter their credentials to login and as such let the
hackers
in. Vicious!
I have a more detailed explanation about the tactics behind this
attack. Because I don't want to spam people with tones of text, I
just
included a link which you can follow. Hope that this is useful and
at
the same time eye opening, not that it is something completely
amazing. But it does work and it works well.
cheers.
--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcNFGgACgkQ+dWaEhErNvS4wwQAj8LqbxzIYoXodiXgspcs/YDG0/a8
oNPk3PsmOKHp7N7jVObIEDPjCgGHMRrPfHIEjys5EBTkVr/wq7/y6XPQLdyzIu5VyFE2
04q7slbdkrfImgByVX2itNYDJ5JlbzqrakxxZ9TVrNqqXtjWhw4IN90jDMo8tLoQT0V4
7xtyuiU=
=mlsP
-----END PGP SIGNATURE-----
--
Click for free info on business schools, $150K/ year potential.
http://tagline.hushmail.com/fc/Ioyw6h4dC6kbhaI6CLIgyWpO60jMWLXpHtbVzuYHwGilHWig7GUYZK/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
- From: Valdis . Kletnieks
- Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
- Prev by Date: [Full-disclosure] Tom Serson Serious Business
- Next by Date: Re: [Full-disclosure] 0day: Hacking secured CITRIX from outside
- Previous by thread: Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
- Next by thread: Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
- Index(es):
Relevant Pages
|
